Cryptography 101 - The Basics

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello I'm David Bromley I'm a professor at Carnegie Mellon University in this video we're going to look at cryptography 101 the basics and by basics I mean the absolute fundamentals I'm going to start out with a motivating example that describes a common scene where we want to use cryptography I'm going to use this to explain the basic vocabulary like what a cipher text is what plaintext is what our cryptographic keys and then I'm going to describe a little bit of what public key cryptography is and what private key cryptography is I want you to really just have an understanding of these terms so we start out with a following motivating example in this example there's two people Alice and Bob that want to talk and they want to pass notes back and forth and these notes are private for example Alice maybe is wanting to send a note that says I like you do you like me and of course Bob's replies also potentially private now they're going to pass these messages across a public forum for example the internet and the goal is to secure this communication and of course we have to be secure against someone and the way we model that is we come up with an adversary and we typically call this adversary or enemy Eve this is actually short for eavesdropping but in fact you can do much more than just eavesdrop for example even Eve may try to change the message for example instead of saying like maybe what Eve does is tries to flip the message to say hate that would be catastrophic so the goal of cryptography is to protect this communication to make it secure so in a sense we want to come up with this notion of a Kryptonian pipe where Alice stuffs messages in the Kryptonian pipe and Bob pulls messages out and they know that during transit Eve couldn't read couldn't tamper couldn't do anything to these messages so a classic definition of cryptography is cryptography is really the practice and study of techniques for securing communication and data in the presence of adversaries really it's the science coming up with this Kryptonian pipe but it's not just about securing communication and data in the way we normally think of it it can actually be much more for example cryptography is one of the backbone ingredients in a new internet currency called Bitcoin so it's not just securing communication it's actually creating a new opportunity for a new currency now in order to describe how we come up with this sort of Kryptonian pipe we come up with something called a crypto system and a crypto system consists of the different parts needed to communicate securely and so at the core of the crypto system is an encryption program and a decryption program and so the way a crypto system works is Alice encrypts her plaintext message which I have here represented by M by giving it to the encryption program and she also gives a key and I have here labeled ke to denote it's an encryption key so this plaintext message the original message is fed into the encryption program at outcomes a ciphertext and it's the ciphertext that goes across the public forum and in fact it's this ciphertext that Eve has access to so Eve may try to eavesdrop or change the ciphertext or whatnot so at the end of the public forum comes out another ciphertext and I've denoted this by C prime to indicate we hope it's the same thing as C but Eve may have tampered with it so if Eve is tampered with it it's not quite the same thing this ciphertext we receive Bob decrypts with his decryption program and his decryption 3kd and what will come out is the original plaintext message M or an error and in particular this error is very important error is the way Bob knows that C was not equal to C Prime and so error is in a sense what tells us if Eve has tampered with the message now there are some important things to note here first in modern cryptography the security of the system purely relies upon keeping the encryption and potentially decryption key secret so the security relies upon the secrecy of the keys and nothing more in particular we assume the encryption and decryption programs are public they're well known why well history has shown that trying to keep the program's themselves secret is really actually dangerous and doesn't work out very well so we try to reduce security to the smallest thing which is really just this key the second thing I want to note here is that I've said there's two keys there's an encryption key and a decryption key and in fact in many classic crypto systems these two keys are exactly the same thing for example this may be a shared password we call this private key communication or another word that you may hear is symmetric encryption of course it's symmetric because both parties have the same key it's also private and one of the challenges with private key crypto systems is the fact that both Alice and Bob know the same key so either one of them by exposing the key can break the security of the crypto system in a sense both Alice and Bob have to keep these keys well protected one of the cool things that happened in the last few years is there's been crypto systems where ke the encryption key is not equal to the decryption key and we call these public or sometimes asymmetric crypto systems now by asymmetric I mean that both parties don't share the same key in fact for example if Alice wants to send an encrypted message to Bob and one way of doing a public key cryptography scheme KD is private but Bob publishes a public encryption key to everyone now Alice would use this public encryption key to encrypt something to Bob and know that only Bob can decrypt it because of certain mathematical properties that that make it so that only the holder of the private he can decrypt those messages so this really took off around 1974 when a variety of different people were studying this problem with really Ralph Merkle was probably the earliest but there are other people like Diffie and Hellman and RSA and even G hcq which is a British spy agency so in real life of course we use both we don't just use public we don't use private we actually use both public and private and probably the most readily available example is HTTPS which stands for hypertext Transfer Protocol with secure sockets it's the protocol we use when we're communicate communicating securely with our web browser with a remote site so if you see this little green lock here what that means is that we've encrypted our communications with a server and in particular we've used public key cryptography and often it's something called like elliptic curve diffie-hellman the actual name here is unimportant to remember but we're using public key cryptography to help set up a cryptographic session and then we switch over to private key cryptography to do the bulk of the encryption and that's that has to do with certain properties of encryption schemes in particular things like public for example tend to be more computationally expensive than private key cryptography but the important point here is we use both we use both every day and a great example is you know just secure communication with our web browser between a remote server so in summary in this video we covered the basic ideas in cryptography we covered this basic setting where Alice and Bob want to communicate securely and there's an adversary Eve who's going to try to thwart this we talked about cypher text plain text and keys and I told you how there's two different cryptographic two different types of cryptographic schemes out there that are distinguished by how they use the keys in public key cryptography remember the encryption key and decryption key need not be the same while in private key cryptography they are the same so with that never stop hacking all see you next time
Info
Channel: Pico Cetef
Views: 317,037
Rating: 4.9056602 out of 5
Keywords:
Id: fNC3jCCGJ0o
Channel Id: undefined
Length: 8min 56sec (536 seconds)
Published: Thu Apr 25 2013
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.