
Penguin Fortress YouTube Channel

Video transcript: Introduction to Cryptography part 1

This is a transcript for a video linked here: Introduction to Cryptography part 1.


welcome to this video on an 

introduction to cryptography  



00:00:04.080 --> 00:00:08.700

it's an important field of cyber security 

providing a way of protecting data  



00:00:08.700 --> 00:00:13.800

this video is going to explain what cryptography 

is and towards the end I'll give an example of  



00:00:13.800 --> 00:00:19.620

how you can implement a simple cipher in Python in 

future videos I'll show how cryptography is used  



00:00:19.620 --> 00:00:25.860

today and how we can use it to protect information 

secure communications and prove your identity



00:00:29.160 --> 00:00:34.740

the word cryptography comes from ancient 

Greek cryptos meaning hidden secret and graphy  



00:00:34.740 --> 00:00:40.740

meaning to write a way to turn some readable 

information plain text into unintelligible  



00:00:40.740 --> 00:00:46.560

nonsense ciphertext although text is used 

in this definition it doesn't need to be  



00:00:46.560 --> 00:00:51.300

text could be any information that needs to 

be hidden such as images or other binary data



00:00:54.120 --> 00:00:59.160

cryptography is far from a new idea nor are 

attempts to break the codes for thousands of  



00:00:59.160 --> 00:01:04.800

years kings queens and other rulers have used 

cryptography to protect messages and for just  



00:01:04.800 --> 00:01:09.240

as long others have tried to break those codes 

perhaps one of the most famous from history is  



00:01:09.240 --> 00:01:13.860

that of Mary Queen of Scots who used a form 

of cryptography to protect her secret messages  



00:01:13.860 --> 00:01:18.720

to her allies this included her instructions 

for Queen Elizabeth the first to be killed  



00:01:19.320 --> 00:01:23.700

her cipher was broken and messages used 

as evidence in her trial leading to her  



00:01:23.700 --> 00:01:29.700

execution in 1586. showing how cryptography 

can literally be a case of life or death  



00:01:31.560 --> 00:01:37.260

the use of cryptography has changed the course 

of wars significantly during World War II Germany  



00:01:37.260 --> 00:01:42.240

made use of the Enigma machine for encrypted 

messages used for orders and status reports to  



00:01:42.240 --> 00:01:47.400

and from the Army and Navy as explained in the 

film Enigma the Enigma machine could be used  



00:01:47.400 --> 00:01:54.420

to protect the messages the Enigma machine 

Germans have thousands of them what to do  



00:01:55.500 --> 00:02:00.540

it turns plain text messages into gobbledygook 

then the gobbledygook is transmitted in Morse  



00:02:01.260 --> 00:02:05.040

at the receiving end there's another Enigma 

machine to turn it back into the original message  



00:02:06.000 --> 00:02:08.880

press the same key any number of times 

it will always come out different  



00:02:10.080 --> 00:02:13.620

some of the top mathematicians in the 

UK came together at Bletchley Park with  



00:02:13.620 --> 00:02:17.520

the aim of breaking Enigma and other 

types of encryption used by the Germans  



00:02:17.520 --> 00:02:24.060

the bombe shown here was designed by Alan Turing 

based on the Polish bomba it was further refined  



00:02:24.060 --> 00:02:29.220

by Gordon Welchman with an appropriate crib 

supplied by the cryptographers the bombes  



00:02:29.220 --> 00:02:32.580

were used to work through different machine 

settings to try and find that day's settings  



00:02:34.440 --> 00:02:39.480

another snippet of video this time from the 

Imitation Game sums up the tasks they faced  



00:02:40.980 --> 00:02:46.380

and what is it that we're really doing we're going 

to break an unbreakable Nazi code and win the war  



00:02:47.820 --> 00:02:54.480

oh one of the outcomes from Bletchley Park was the 

creation of the world's first electronic computer  



00:02:54.480 --> 00:03:01.380

Colossus the aim to decipher the Lorenz encrypted 

tunny messages between Hitler and his generals  



00:03:01.980 --> 00:03:05.100

Colossus was designed and built 

by Tommy Flowers and colleagues  



00:03:05.100 --> 00:03:09.780

and was a closely guarded secret until 1975 

when the files were finally declassified



00:03:13.260 --> 00:03:17.940

I'll just cover a few key aspects of terminology 

here before we move on to the examples



00:03:22.260 --> 00:03:28.020

so this shows a typical example of cryptography in 

use this is in fact a real example which we'll see  



00:03:28.020 --> 00:03:33.720

later it's based around rot 13 but that's not 

important at this stage we start on the left  



00:03:33.720 --> 00:03:38.940

and follow the flow to the right so we start 

with the plain text which may also be known as  



00:03:38.940 --> 00:03:45.180

the unencrypted or raw data this is turned into 

ciphertext through a process known as encryption  



00:03:46.080 --> 00:03:53.580

this is known as encrypting the data which results 

in the encrypted data shown here as the ciphertext  



00:03:55.020 --> 00:03:59.040

the software that performs the encryption is 

based upon an algorithm and usually some form  



00:03:59.040 --> 00:04:06.120

of key although the key may just be part of the 

algorithm to be able to read the ciphertext or  



00:04:06.120 --> 00:04:11.640

encrypted data then it needs to be decrypted 

this is through a process known as decryption  



00:04:11.640 --> 00:04:17.280

which again uses an algorithm and often some 

form of key depending upon the type of the  



00:04:17.280 --> 00:04:22.080

encryption this may be the same key as used 

for the encryption or is often a different key  



00:04:23.340 --> 00:04:29.580

this then returns the plain text or unencrypted 

data which can be read again it is the complexity  



00:04:29.580 --> 00:04:35.460

of the algorithm and if appropriate the key which 

determines how secure the data is there are also  



00:04:35.460 --> 00:04:40.020

different types of algorithms which depend upon 

the situation in which the data will be used and can  



00:04:40.020 --> 00:04:44.220

result in different levels of security this is 

something that will be covered in future videos



00:04:46.920 --> 00:04:53.040

I'd also like to introduce some characters this 

is Alice she's the one wanting to send a protected  



00:04:53.040 --> 00:04:57.900

message and here is Bob he's the intended 

recipient who wants to read the messages  



00:04:59.460 --> 00:05:04.560

and here is Eve who is trying to eavesdrop on 

the message to find out what Alice is telling Bob  



00:05:05.460 --> 00:05:10.500

these are commonly used as fictional characters 

when discussing cryptography you'll often see them  



00:05:10.500 --> 00:05:15.480

in other explanations and academic papers so it 

makes sense to continue to use those names here



00:05:18.660 --> 00:05:24.540

in my practical example I'm going to use rot 13. 

this is not a secure way of protecting information  



00:05:24.540 --> 00:05:32.400

but it's still used today for obscuring information 

rather than securing it rot 13 is based on the  



00:05:32.400 --> 00:05:38.340

Caesar shift cipher used by Julius Caesar in the 

first century BC so I'm going to first show how  



00:05:38.340 --> 00:05:43.980

the Caesar shift cipher works and then move 

on to the specific implementation with rot13.



00:05:46.560 --> 00:05:51.780

the Caesar shift cipher is easy to understand 

basically shift the letter of the alphabet along  



00:05:51.780 --> 00:05:57.240

the number of the characters in the key the table 

shown above shows the alphabet with a key of zero  



00:05:58.380 --> 00:06:02.700

the ciphertext letter on the top lines 

up directly with the same letter below it  



00:06:03.840 --> 00:06:09.300

clearly this does not hide the message 

cipher is not case sensitive I've used  



00:06:09.300 --> 00:06:13.500

lowercase for the plaintext and uppercase 

for ciphertext just to make it easy to follow



00:06:16.440 --> 00:06:20.460

with a shift of one character then the 

ciphertext moves along one position  



00:06:21.060 --> 00:06:27.180

this is the key value of one shifting a 

total of three characters gives this layout



00:06:29.280 --> 00:06:34.620

if I take our message from earlier we apply one 

character at a time so the H translates to E  



00:06:35.940 --> 00:06:40.380

then the E to B the Ls translate to Is  



00:06:41.880 --> 00:06:47.940

and the O becomes an L as we're only using 

the alphabet the punctuation is left as it is  



00:06:49.440 --> 00:06:55.260

we can continue with the rest of the characters 

this gives the ciphertext string on the  



00:06:55.260 --> 00:07:01.680

bottom line which Alice can pass to Bob when Bob 

receives the message then he needs to know the key



00:07:03.720 --> 00:07:09.480

with that he can then create his own table which 

is the opposite of the one used by Alice shifted  



00:07:09.480 --> 00:07:11.640

-3 instead of plus three characters



00:07:14.280 --> 00:07:20.880

then Bob can use the same technique to convert 

from the ciphertext to the plain text so e becomes  



00:07:20.880 --> 00:07:27.300

h then Bob can continue to use the same technique 

to convert from the ciphertext to the plain text



00:07:29.400 --> 00:07:35.760

giving the original text if Eve was able to see 

the message being transmitted then she would  



00:07:35.760 --> 00:07:40.980

have only seen the encrypted text without knowing 

the algorithm and the key she would not have been  



00:07:40.980 --> 00:07:45.960

able to understand the message of course this 

is not a very secure form of encryption and  



00:07:45.960 --> 00:07:50.580

anyone that is familiar with code word puzzles 

would be able to break this code very quickly



00:07:54.540 --> 00:08:00.780

which brings us along to rot13. this is not 

a secure way of protecting information but  



00:08:00.780 --> 00:08:03.840

it's still used today for obscuring 

information rather than securing it  



00:08:04.560 --> 00:08:09.180

sometimes used on internet forums to hide the 

punchline of a joke or to provide an answer  



00:08:09.180 --> 00:08:15.060

to a question in a way that is not immediately 

obvious we can also avoid simple text filters such  



00:08:15.060 --> 00:08:21.420

as those used to prevent inappropriate language 

on forums Windows XP even used it to obfuscate  



00:08:21.420 --> 00:08:26.760

some of the values in the registry the reason 

I'm using it here is that it gives an example  



00:08:26.760 --> 00:08:31.680

that can be easily seen and understood as modern 

cryptography uses far more complicated ciphers



00:08:35.520 --> 00:08:39.420

the rot 13 stands for rotate by 13 places  



00:08:40.860 --> 00:08:47.760

it's a special case of the Caesar cipher shifting 

13 places so effectively the key is integrated  



00:08:47.760 --> 00:08:54.000

into the algorithm there are 26 characters in 

the alphabet so shifting 13 places means that  



00:08:54.000 --> 00:08:59.580

to go back to the plain text you just need to 

apply the algorithm again so instead of having  



00:08:59.580 --> 00:09:06.720

to shift in the opposite direction minus 13 is 

the same as shifting plus 13 places so here is  



00:09:06.720 --> 00:09:13.980

the same phrase encoded using rot 13. if you put 

the ciphertext through the algorithm again as  



00:09:13.980 --> 00:09:19.740

though it was plaintext then you'll get the plain 

text output this is known as a reciprocal cipher



00:09:22.440 --> 00:09:27.240

you may also have noticed that I've done 

all this in lowercase Rot 13 is normally  



00:09:27.240 --> 00:09:32.520

implemented with a 13 shift for the lowercase and 

a 13 shift for the uppercase so it keeps the case  



00:09:33.360 --> 00:09:37.140

using rot 13 digits and 

punctuation are often left intact  



00:09:37.980 --> 00:09:44.160

rot 47 is an alternative that uses 94 

characters including digits and some punctuation  



00:09:45.420 --> 00:09:51.360

but none of these features make any of these any 

more secure in fact because these are common keys  



00:09:51.360 --> 00:09:57.540

13 and 47 means they're more likely to be tried 

making them less secure as I said previously  



00:09:57.540 --> 00:10:03.360

these are only used to prevent you accidentally 

seeing the answers similar to puzzle answers being  



00:10:03.360 --> 00:10:07.140

written upside down it should not be used 

for anything that needs to be kept secret



00:10:09.660 --> 00:10:13.320

I'm going to show you how this can be 

implemented in Python I'm going to do  



00:10:13.320 --> 00:10:16.200

this manually as a demonstration 

of how it could be implemented  



00:10:17.040 --> 00:10:22.800

but the algorithm is also included in the 

python codecs module so you don't need to  



00:10:22.800 --> 00:10:27.600

implement it yourself just import that module 

and you can use it from standard libraries



00:10:30.780 --> 00:10:35.820

here's the code it's only 40 lines long and 

some of these are comments empty lines or  



00:10:35.820 --> 00:10:40.740

print statements the code is available on 

my website see the description for details  



00:10:41.460 --> 00:10:44.340

also note this isn't necessarily 

the most efficient way of doing  



00:10:44.340 --> 00:10:48.060

this it's been broken down step by 

step so you can see what happens  



00:10:49.680 --> 00:10:56.100

this is all kept enclosed in a while loop so it 

keeps running constantly until a blank string is  



00:10:56.100 --> 00:11:04.440

entered it uses the input statement to get the 

information from the user as the plain text



00:11:06.780 --> 00:11:11.580

if that's blank then it breaks 

out of this while loop and finishes  



00:11:12.180 --> 00:11:19.680

but assuming that we've entered some string it's 

going to go through the plain text string storing  



00:11:19.680 --> 00:11:25.740

each character at a time in a variable called 

pt_char which stands for plain text character



00:11:28.260 --> 00:11:35.220

it's going to convert that into an integer pt_int 

and because then we can perform mathematical  



00:11:35.220 --> 00:11:45.060

operations on it it's going to check 

whether it's a capital letter i.e. bigger or equal  



00:11:45.060 --> 00:11:53.580

to A and less than Z assuming it is it's going 

to increment by 13. if it's gone beyond the Z  



00:11:53.580 --> 00:12:03.840

then it's going to subtract 26 characters so this 

effectively becomes a ring it moves around and  



00:12:03.840 --> 00:12:10.140

then it's going to convert this number back into 

a character and add that to the ciphertext string



00:12:13.260 --> 00:12:17.880

the lowercase is exactly the same but we're 

checking for the lowercase letters here instead  



00:12:19.440 --> 00:12:25.500

and finally if it's not a text 

character then it will just add it  



00:12:25.500 --> 00:12:29.880

as it is so this will include numbers 

or punctuation will not be changed



00:12:33.720 --> 00:12:36.240

and then finally we print the result



00:12:38.640 --> 00:12:43.380

so here we've got the code in the Thonny 

editor I'm going to set it running  



00:12:44.820 --> 00:12:49.500

and you can see that it's asked for 

us to enter the string which is from  



00:12:49.500 --> 00:12:56.220

the start of that program so we've just put 

the same phrase we used before hello friend  



00:12:57.240 --> 00:13:03.000

and you'll see the output is here which is 

the same as we used in the previous example  



00:13:04.560 --> 00:13:10.020

and we can show that we can use the same 

algorithm by copying and pasting that



00:13:14.100 --> 00:13:19.980

onto here and then that has been 

converted back to Hello friends so  



00:13:19.980 --> 00:13:24.540

you can see how it moves backwards 

and forwards between the strings



00:13:26.760 --> 00:13:30.120

and you'll also see that the U is capital  



00:13:30.900 --> 00:13:36.900

to match the H which is capital and the 

punctuation which is the space is unchanged



00:13:39.960 --> 00:13:45.300

this has just been a very basic introduction 

to cryptography I briefly covered some of the  



00:13:45.300 --> 00:13:50.520

history of cryptography and I've demonstrated 

this in an example of the rot 13 cipher  



00:13:51.180 --> 00:13:55.500

in future videos I'll be explaining some 

other features of cryptography and how  



00:13:55.500 --> 00:14:00.240

they can be used to keep your data secure if 

you'd like to know more please subscribe and  



00:14:00.240 --> 00:14:05.520

enable notifications to get notified about 

my future videos if this has been useful  



00:14:05.520 --> 00:14:09.780

please give it a like thanks for watching and 

I look forward to seeing you on a future video




