Google Ads
This is a transcript for a video linked here: Introduction to Cryptography part 2.
00:00:00.480 --> 00:00:07.200 this is the second of my videos introduction to cryptography my earlier video gave an 00:00:07.200 --> 00:00:12.780 overview of cryptography some of the history behind cryptography an example using rot 13. 00:00:13.380 --> 00:00:18.060 in this video I'll look at the importance of cryptography today and some additional Concepts 00:00:18.060 --> 00:00:25.620 relevant to Modern security so why is cryptography so important it's essential to many of the things 00:00:25.620 --> 00:00:31.140 we do with Computing today helping to keep your personal details and credit cards safe 00:00:31.140 --> 00:00:34.200 to provide him proof that a person signed a virtual contract 00:00:35.940 --> 00:00:41.040 cryptography can be used to protect data and helps to provide the three elements 00:00:41.040 --> 00:00:47.760 of the CIA Triad confidentiality integrity and Authentication I've explained about the 00:00:47.760 --> 00:00:52.320 CIA Triad in another video so check out that video if you want to understand more about that 00:00:53.220 --> 00:01:00.660 cryptography can provide confidentiality keeping things secret Integrity proving that data hasn't 00:01:00.660 --> 00:01:07.860 been altered and authentication proven that somebody is who they claim to be cryptography 00:01:07.860 --> 00:01:12.960 can also provide non-repudiation providing assurances that data has come from a known sender 00:01:14.520 --> 00:01:19.920 whilst cryptography is often associated with keeping your credit card details secure when 00:01:19.920 --> 00:01:24.540 using a website it isn't just limited to networking it can be used for data which 00:01:24.540 --> 00:01:29.220 is at rest typically when it's stored in a computer but also includes backup storage 00:01:29.940 --> 00:01:34.740 when data is in transit such as when it is being sent across a network it could also 00:01:34.740 --> 00:01:39.720 be when data is being moved from data storage to a different system that will be processing that data 00:01:40.440 --> 00:01:44.160 and also when it's been used which often means stored in memory 00:01:46.740 --> 00:01:51.540 there are different encryption algorithms that are suited to different uses we will look at 00:01:51.540 --> 00:01:56.580 these in future including symmetric encryption and asymmetric encryption as used in public 00:01:56.580 --> 00:02:02.700 key encryption we can also look at how these are used on a daily basis to keep information secure 00:02:04.380 --> 00:02:11.100 the key to encryption is literally the key in modern computer-based cryptography the 00:02:11.100 --> 00:02:16.020 key is usually a large number the key is designed so it is impossible to guess or 00:02:16.020 --> 00:02:19.620 to work out through Brute Force it's usually a very large number 00:02:20.340 --> 00:02:32.800 a 128 bit key can take the values of 0 to 2 to the power 128. or about 3.4 times 10 to the power 38 . 00:02:33.480 --> 00:02:38.520 there are other important aspects to the key which will be explained in this and future videos 00:02:41.640 --> 00:02:48.300 kerckhoffs principle is that cryptography system should be secure even if everything except the 00:02:48.300 --> 00:02:53.340 key is public knowledge this is contrary to the alternative practice of keeping 00:02:53.340 --> 00:02:57.840 security by obscurity where the algorithm needs to be kept secret as well as the key 00:03:00.840 --> 00:03:05.940 the words codes and Cipher are often used interchangeably although that's 00:03:05.940 --> 00:03:12.780 not necessarily the case looking at codes whilst they can be used to create Secrets they do not 00:03:12.780 --> 00:03:19.620 always meet the needs of confidentiality for example within hospitals they often 00:03:19.620 --> 00:03:25.740 use code words colors or numbers that indicate certain situations their codes that members of 00:03:25.740 --> 00:03:29.220 Staff understand but which are meaningless to most of the visitors in the hospital 00:03:30.000 --> 00:03:36.720 for example many hospitals in the USA and Canada use color codes one example is that code red is 00:03:36.720 --> 00:03:41.160 often used to indicate fire this can be used to inform other members of Staff about the incident 00:03:41.160 --> 00:03:46.680 without causing panic and this is not however confidential as others can understand the code 00:03:48.660 --> 00:03:54.000 often codes may not relate to security or confidentiality at all but just a way 00:03:54.000 --> 00:03:58.920 of represented information in fact some are used to make it easier to understand the code 00:03:59.520 --> 00:04:03.840 for example Morse code can be used to transmit information that can 00:04:03.840 --> 00:04:06.780 be understood by anyone that has learned the morse code alphabet 00:04:09.240 --> 00:04:12.360 some codes are phrases with specific reasonings 00:04:14.400 --> 00:04:20.400 for example during the second world war the BBC Radio station radio londres broadcast 00:04:20.400 --> 00:04:27.120 messages to the French Resistance these were sentences or phrases which communicated a 00:04:27.120 --> 00:04:30.900 certain message to the resistance because these were in code and not 00:04:30.900 --> 00:04:35.640 Cipher there was no way to linguistically or mathematically try and decrypt them the 00:04:35.640 --> 00:04:39.240 only way to understand them was to have been told their meaning such as through a code book 00:04:41.280 --> 00:04:46.620 ciphers are a secret way of writing or a form of secret code normally through 00:04:46.620 --> 00:04:51.660 changing individual characters a rough approximation is that ciphers often work 00:04:51.660 --> 00:04:56.940 on individual letters whereas codes after work in entire words but that's not always the case 00:04:58.620 --> 00:05:03.960 ciphers do normally relate to security but that does not mean they are always secure 00:05:05.940 --> 00:05:12.180 this shares the program I created using rot 13 Cipher it's a cipher designed to obscure a 00:05:12.180 --> 00:05:16.980 message but reversing the code is so trivial you would not consider the data to be secure 00:05:17.760 --> 00:05:21.780 for more details about rot 13 see my earlier video or the corresponding 00:05:21.780 --> 00:05:25.560 video on penguin tutor where I created this Cipher application 00:05:27.600 --> 00:05:33.120 links are included in the description the use Link when we're talking about ciphers 00:05:33.120 --> 00:05:39.120 we're looking at ways of encrypting data in a secure way to provide secure encryption 00:05:39.120 --> 00:05:45.120 then we need two factors a computationally complex algorithm and long cryptographic Keys 00:05:45.960 --> 00:05:50.040 algorithms should be designed in a way that knowing the algorithm should not allow anyone 00:05:50.040 --> 00:05:55.260 to understand the message unless they also know the key in fact it's normal for the algorithm 00:05:55.260 --> 00:06:00.840 to be made publicly available and have it open to scrutiny by others can help to make it more secure 00:06:01.680 --> 00:06:05.880 I'll be looking at some of the different algorithms in a future video but in this 00:06:05.880 --> 00:06:09.840 video I'll be looking at Keys the key is a very important part of encryption 00:06:09.840 --> 00:06:14.580 and could say they are key to keeping the data secure it's now pun intended 00:06:17.460 --> 00:06:22.980 cryptographic keys can be either symmetric or asymmetric with pros and cons to each 00:06:24.840 --> 00:06:30.000 algorithms using symmetric keys are often called a shared secret this is 00:06:30.000 --> 00:06:34.080 because the key used for encrypting and decrypting the data has to be the same 00:06:34.080 --> 00:06:38.040 and both parties must therefore know the key they share the key 00:06:40.080 --> 00:06:46.020 the encryption is performed using a secret key the result in cipher text is past the 00:06:46.020 --> 00:06:52.200 recipient the recipient then uses the same secret key to decode the message this is 00:06:52.200 --> 00:06:57.540 fast and with a sufficiently large key can be very difficult to break however it has a few 00:06:57.540 --> 00:07:02.280 weaknesses one being that there needs to be a way of sharing the secret key in a secure way 00:07:03.360 --> 00:07:10.080 also it does not implement non-repudiation and it's not scalable as you need a pair of keys for 00:07:10.080 --> 00:07:15.420 every two people that you want to communicate together or if you shared the key then you 00:07:15.420 --> 00:07:19.560 would need to regenerate and redistribute Keys whenever but somebody left that group 00:07:20.220 --> 00:07:25.080 asymmetric key based algorithms use different keys for the sender and recipient 00:07:26.940 --> 00:07:33.360 the private and public keys are related but unique the private key is one that you need to keep 00:07:33.360 --> 00:07:39.000 private it is used for decrypting the messages received and it can also be used to prove the 00:07:39.000 --> 00:07:45.600 origin of the email the non-repudiation aspect this needs to be kept secret if others get your 00:07:45.600 --> 00:07:50.760 private key then they can read messages intended for you they can also use it to impersonate you 00:07:52.080 --> 00:07:58.620 the public key does not need the same protection in fact it is designed to be distributed it is 00:07:58.620 --> 00:08:05.100 used for encryption the messages it is also needed to validate who sent a message this is 00:08:05.100 --> 00:08:11.100 the key that should be shared although you also need to make sure the key is received as intended 00:08:12.900 --> 00:08:19.320 to explain this better I'm going to use Alice and Bob I introduced these in the last video so 00:08:19.320 --> 00:08:27.480 this is just a quick recap Alice wants to send an encrypted message to Bob Bob should then be 00:08:27.480 --> 00:08:33.840 able to decrypt that message and read it there's also Eve who is trying to ease drop on the message 00:08:34.440 --> 00:08:39.000 we want to ensure that even if Eve sees all the messages then she cannot understand them 00:08:41.160 --> 00:08:46.440 Alis wants to send a message to Bob to be able to encrypt that she needs Bob's public key 00:08:47.340 --> 00:08:54.060 this message can then be sent when Bob receives the email he then uses his private key to decrypt 00:08:54.060 --> 00:09:00.540 the message note that both of these are Bob's Keys Alice's key is not needed to secure the message 00:09:01.320 --> 00:09:05.520 although may be needed if it's necessary to prove that she was the one that sent the message we'll 00:09:05.520 --> 00:09:11.760 cover that later the only person that can read the encrypted message is Bob as it was his public 00:09:11.760 --> 00:09:17.700 key that was used this includes Alice once she's encrypted it she does not have the key to decrypt 00:09:17.700 --> 00:09:23.400 it if Bob wants to send a response to Alice then he would need to use Alice's public key instead 00:09:26.100 --> 00:09:30.900 the public key can be shared with as many people as you want to communicate with so unlike the 00:09:30.900 --> 00:09:36.900 symmetric Keys you only need one pair of keys the public key that you share and the private key 00:09:36.900 --> 00:09:43.920 that you keep Secret users can be removed more easily from the asymmetric systems as you just 00:09:43.920 --> 00:09:50.400 need to remove that key key generation is only required if it uses private key is compromised 00:09:52.440 --> 00:10:01.860 it can provide Integrity authentication and non-repudiation key distribution is simplified and 00:10:01.860 --> 00:10:08.640 now existing communication link needs to exist as you can share the public key the main disadvantage 00:10:08.640 --> 00:10:14.880 is that it is slow one way to overcome this performance issue is to use asymmetric encryption 00:10:14.880 --> 00:10:21.000 to then share a symmetric key this benefits from the advantages of asymmetric key algorithm but 00:10:21.000 --> 00:10:26.160 with the speed Advantage from using symmetric key algorithm after you've exchanged that key 00:10:29.520 --> 00:10:35.940 the previous examples showed encryption used to keep something secret but cryptography can also 00:10:35.940 --> 00:10:42.420 be used to provide integrity and non-repudiation a hash is a one-way algorithm sometimes called the 00:10:42.420 --> 00:10:49.020 message digest or a digital fingerprint it is used to prove a file is uncorrupted since the hash was 00:10:49.020 --> 00:10:55.980 generated a small change to file should create a large change to the hash proving that the file has 00:10:55.980 --> 00:11:02.280 been tampered with it's extremely difficult if not impossible to derive a message from a hash 00:11:02.280 --> 00:11:07.260 function and it's highly likely that two different messages will produce the same hash value 00:11:09.720 --> 00:11:15.120 to perform non-repudiation then the hash value needs to be converted to a digital signature 00:11:15.660 --> 00:11:21.900 this is essentially an encrypted hash value to prove who sent the message note that digital 00:11:21.900 --> 00:11:28.800 signatures and encryption can and often are used together in this example I refer to data which 00:11:28.800 --> 00:11:35.100 may or may not have been encrypted so Alice who is wanting to send a signed message first passes 00:11:35.100 --> 00:11:41.100 the data through a hashing algorithm she then encrypts that hash using her own private key and 00:11:41.100 --> 00:11:49.200 then sends both the data and the signature onto Bob receives the data and the digital signature 00:11:49.920 --> 00:11:55.800 he can generate his own hash using the same hashing algorithm he then decrypts the signature 00:11:55.800 --> 00:12:01.140 he was sent using Alice's public key and compares the hash value to see if they are the same 00:12:01.920 --> 00:12:07.980 if so then that proves that Alice must have sent the message note that Alice's public key 00:12:07.980 --> 00:12:14.700 is used to decrypt the signature this means that anyone can see the hash value but as the hash is a 00:12:14.700 --> 00:12:20.100 one-way function it is not possible to know what the original message is just from the signature 00:12:25.560 --> 00:12:30.540 this video has covered the theory of a number of different cryptographic methods including 00:12:30.540 --> 00:12:35.160 the importance of keys in Secure encryption algorithms and the difference between symmetric 00:12:35.160 --> 00:12:41.220 and asymmetric key based algorithms also explained about how hashes can be used to prove that a 00:12:41.220 --> 00:12:46.080 document hasn't been tampered with and digital signatures can be used to provide non-repudiation 00:12:47.880 --> 00:12:53.520 this has now provided the basis for some practical examples which I'll be showing in future videos if 00:12:53.520 --> 00:12:57.480 you've learned something new then please give this video a like and help YouTube to share it with 00:12:57.480 --> 00:13:03.960 others if you haven't already subscribed please do so and click the notification icon to get notified 00:13:03.960 --> 00:13:09.180 about my future videos thanks for watching I look forward to seeing you in a future video
