WEBVTT 1 00:00:00.080 --> 00:00:03.799 I want you to picture something you do probably every 2 00:00:03.839 --> 00:00:06.559 single day, maybe twenty thirty even one hundred times. 3 00:00:06.440 --> 00:00:08.080 A day, Yeah, easily one hundred times. 4 00:00:08.160 --> 00:00:10.960 Right, You open your browser, you type in a URL. 5 00:00:11.160 --> 00:00:13.560 Maybe it's your bank, maybe it's your email, maybe it's 6 00:00:13.759 --> 00:00:16.160 I don't know, that embarrassing medical question you don't really 7 00:00:16.199 --> 00:00:17.519 want to ask a doctor in person. 8 00:00:17.600 --> 00:00:18.960 We've all been there, exactly. 9 00:00:19.679 --> 00:00:22.719 And you look up and you see that little padlock 10 00:00:22.960 --> 00:00:27.719 icon in the corner, you see the letters HTTPS, and 11 00:00:27.760 --> 00:00:28.559 you just kind of relax. 12 00:00:28.640 --> 00:00:29.320 You feel safe. 13 00:00:29.399 --> 00:00:31.760 You feel safe. You type in your credit card number, 14 00:00:31.839 --> 00:00:35.240 your social Security number, you know your darkest secrets. You 15 00:00:35.320 --> 00:00:39.479 just trust it implicitly. But here's the question that really 16 00:00:39.600 --> 00:00:42.600 kept nagging me while reading our source material for today's 17 00:00:42.640 --> 00:00:46.200 deep dive. Why do we trust it? Like? What is 18 00:00:46.280 --> 00:00:50.320 actually happening behind that little icon to justify all that trust? 19 00:00:50.439 --> 00:00:53.200 It is arguably the single most important click we make 20 00:00:53.240 --> 00:00:55.719 in the modern world, and for most people, I mean, 21 00:00:55.719 --> 00:00:58.880 it's just magic. It's a binary state, right, it's locked 22 00:00:58.960 --> 00:01:01.159 or it's unlocked. Yeah, But as we're going to find 23 00:01:01.159 --> 00:01:04.599 out today exploring this, it is definitely not magic. It's 24 00:01:04.879 --> 00:01:05.959 basically a war zone. 25 00:01:06.280 --> 00:01:08.959 A war zone is an incredibly vivid way to put it. 26 00:01:09.560 --> 00:01:13.000 Welcome back to the Deep Dive Today we are tackling 27 00:01:13.079 --> 00:01:16.400 an absolute beast of a topic. We're engaging with TLS 28 00:01:16.439 --> 00:01:20.799 Cryptography in Depth by doctor Paul Dupless and doctor Roland Schmidz. Now, 29 00:01:20.840 --> 00:01:22.239 I have to be honest with you. When I first 30 00:01:22.280 --> 00:01:23.920 saw the title, I thought, Okay, this is going to 31 00:01:23.920 --> 00:01:24.239 be dry. 32 00:01:24.319 --> 00:01:25.120 It sounds a bit heavy. 33 00:01:25.319 --> 00:01:29.359 It does transport layer security doesn't exactly screen betreat. I 34 00:01:29.400 --> 00:01:33.280 was fully expecting pages and pages of just impossible math. Right. 35 00:01:33.319 --> 00:01:36.040 It sounds incredibly dense, and look, the math inside the 36 00:01:36.040 --> 00:01:38.599 protocol is dense. It kind of has to be. But 37 00:01:38.640 --> 00:01:40.719 if you peel back the layers as we're going to do, 38 00:01:40.879 --> 00:01:42.640 this isn't really a math book. It's a book about 39 00:01:42.680 --> 00:01:46.000 high stake strategy. It is the story of the invisible 40 00:01:46.120 --> 00:01:49.799 armor that keeps the global economy from effectively collapsing overnight 41 00:01:50.480 --> 00:01:52.920 because without TLS, the Internet as we know it simply 42 00:01:52.920 --> 00:01:55.480 stops functioning. That's totally the vibe I got once I 43 00:01:55.519 --> 00:01:58.519 actually started reading. The mission for this deep dive is 44 00:01:58.560 --> 00:02:02.319 to try and move past the complex equations. Will leave 45 00:02:02.359 --> 00:02:05.560 the capulus to the computers and get at the core 46 00:02:05.719 --> 00:02:09.280 question the authors are posing, how do two people who 47 00:02:09.280 --> 00:02:12.879 have literally never met share a secret in a crowded 48 00:02:12.919 --> 00:02:14.520 room without anyone else hearing. 49 00:02:14.719 --> 00:02:16.800 That's the golden question because looking at. 50 00:02:16.680 --> 00:02:20.520 The source material, the answer involves everything from Cold War 51 00:02:20.520 --> 00:02:23.280 spies to well, actual lava lamps. 52 00:02:23.400 --> 00:02:27.080 The lava answer honestly my favorite part of the whole infrastructure. 53 00:02:27.120 --> 00:02:28.280 We will definitely get to those. 54 00:02:28.439 --> 00:02:30.520 Yeah, it really covers the full spectrum. It spans the 55 00:02:30.560 --> 00:02:32.919 history of the Internet, from the early days where everyone 56 00:02:32.960 --> 00:02:36.280 just trusted everyone to the modern zero trust environment we 57 00:02:36.319 --> 00:02:37.240 have to live in right now. 58 00:02:37.639 --> 00:02:40.159 So let's unpack this. The book starts by setting the 59 00:02:40.159 --> 00:02:42.599 stage with a bit of history. We usually think of 60 00:02:42.599 --> 00:02:47.439 cryptography as this military thing, right Enigma machines, guys in 61 00:02:47.520 --> 00:02:51.879 trench coats, meeting on foggy bridges, submarines exchanging coded messages. 62 00:02:52.120 --> 00:02:55.240 Historically, that's exactly what it was. For thousands of years. 63 00:02:55.240 --> 00:03:00.159 Cryptography was exclusively for generals, diplomats, and spies. Right. If 64 00:03:00.199 --> 00:03:03.719 you were just a regular person in say nineteen fifty, 65 00:03:04.000 --> 00:03:06.560 you didn't need to encrypt your grocery list or your 66 00:03:06.639 --> 00:03:09.840 letter to Gramma. No one cared exactly. But the source 67 00:03:09.879 --> 00:03:13.319 material makes a crucial point here the shifts wasn't just 68 00:03:13.360 --> 00:03:18.719 about technology improving, It was about necessity. Two massive forces 69 00:03:18.759 --> 00:03:23.879 collided to make cryptography essential for every single person on Earth, 70 00:03:24.479 --> 00:03:27.039 and those are connectivity and complexity. 71 00:03:27.199 --> 00:03:30.840 Let's start with connectivity. Because on the surface, connecting everything 72 00:03:30.879 --> 00:03:33.599 seems great. My toaster talks to my phone, my car 73 00:03:33.639 --> 00:03:35.759 talks to the traffic lights. I can see who is 74 00:03:35.800 --> 00:03:38.039 at my front door while I'm on vacation. It all 75 00:03:38.039 --> 00:03:41.080 feels like progress. But the authors argue this created a 76 00:03:41.120 --> 00:03:41.960 massive problem. 77 00:03:42.080 --> 00:03:44.599 It created the problem of the attack surface. Think about 78 00:03:44.599 --> 00:03:46.360 it this way. When you connect to toothbrush or a 79 00:03:46.439 --> 00:03:49.039 cart to the Internet, you are opening a door. You 80 00:03:49.120 --> 00:03:50.400 were creating an entry point. 81 00:03:50.520 --> 00:03:51.000 Yeah. 82 00:03:51.039 --> 00:03:53.479 And the scary part, which the authors highlight beautifully is 83 00:03:53.520 --> 00:03:57.159 the concept of zero marginal cost. This is an economic 84 00:03:57.240 --> 00:04:00.000 term that has terrifying implications for cybersecurity. 85 00:04:00.360 --> 00:04:03.639 Zero marginal cost. I actually circled that phrase in my notes. 86 00:04:03.680 --> 00:04:06.560 It sounds a bit like business school jargon. But break 87 00:04:06.560 --> 00:04:08.319 that down for us. How does that apply to hacking? 88 00:04:08.560 --> 00:04:11.479 Okay, so imagine you want to break into houses in 89 00:04:11.520 --> 00:04:15.039 a physical neighborhood. To break into one house takes time, 90 00:04:15.400 --> 00:04:18.040 it takes effort and risk. I have to pick the lock, 91 00:04:18.199 --> 00:04:21.040 check for dogs, avoid the police, maybe jump a fence. 92 00:04:21.240 --> 00:04:23.160 Sounds exhausting right now. 93 00:04:23.279 --> 00:04:27.000 To break into six hundred thousand houses that would take lifetimes. 94 00:04:27.279 --> 00:04:29.439 It is physically impossible for one person to. 95 00:04:29.399 --> 00:04:31.399 Do that because the physics of the real world slow 96 00:04:31.480 --> 00:04:33.160 you down. You can only be in one place at 97 00:04:33.160 --> 00:04:34.160 one time exactly. 98 00:04:34.360 --> 00:04:36.920 But in the digital world, physics doesn't apply in the 99 00:04:36.959 --> 00:04:40.079 same way. Once an attacker writes a script to hack 100 00:04:40.120 --> 00:04:43.920 one specific device, say a specific model of webcam with 101 00:04:44.040 --> 00:04:47.000 a known security flaw, the cost to hack one hundred 102 00:04:47.040 --> 00:04:50.120 thousand of those webcams is essentially zero. Wow, it costs 103 00:04:50.120 --> 00:04:52.439 them nothing to scale up. You just press enter and 104 00:04:52.519 --> 00:04:54.439 the script runs against the entire Internet. 105 00:04:54.519 --> 00:04:57.480 That is a terrifying thought, scaling a crime instantly, and 106 00:04:57.560 --> 00:05:00.720 the source gives a really concrete, really just diructive example 107 00:05:00.720 --> 00:05:02.879 of this the Mirri botnet from twenty sixteen. 108 00:05:03.079 --> 00:05:05.319 This is a classic case study in the book. Mira 109 00:05:05.600 --> 00:05:08.279 was a piece of malware that honestly wasn't even that 110 00:05:08.319 --> 00:05:11.639 sophisticated code wise. It was actually quite simple. Really yeah. 111 00:05:11.680 --> 00:05:15.480 It just scanned the Internet for IoT devices, cameras, routers, 112 00:05:15.519 --> 00:05:19.399 baby monitors that were still using factory default passwords. Because 113 00:05:19.720 --> 00:05:22.560 let's be honest, how often do users plug these things 114 00:05:22.600 --> 00:05:24.439 in and actually change the admin settings? 115 00:05:24.759 --> 00:05:27.519 Almost never. I'm guilty of it. You get the new gadget, 116 00:05:27.560 --> 00:05:29.360 you just want it to work, you plug it in, 117 00:05:29.439 --> 00:05:30.839 and you completely forget about it. 118 00:05:30.879 --> 00:05:33.079 We all are, Yeah, And the speed of this infection 119 00:05:33.319 --> 00:05:36.800 was insane. The source notes that at its peak, Mira 120 00:05:37.079 --> 00:05:40.720 was infecting devices within minutes of them going online. Metz 121 00:05:40.800 --> 00:05:44.560 it amassed an army of six hundred thousand bots, and 122 00:05:44.639 --> 00:05:47.720 it did this because of that connectivity. You couldn't physically 123 00:05:47.720 --> 00:05:52.199 recruit six hundred thousand soldiers that fast, but digitally it 124 00:05:52.240 --> 00:05:54.759 took moments. And then they used those six hundred thousand 125 00:05:54.759 --> 00:05:57.319 devices to launch attacks that took down major parts of 126 00:05:57.319 --> 00:05:57.879 the Internet. 127 00:05:58.120 --> 00:06:01.000 So that's connectivity. We've connected every thing, so everything is 128 00:06:01.040 --> 00:06:04.199 vulnerable to these mass scale attacks. But then we have 129 00:06:04.240 --> 00:06:07.439 the second driver, which is complexity. The authors have this 130 00:06:07.560 --> 00:06:11.160 quote that I underline three times complexity is the worst 131 00:06:11.319 --> 00:06:12.399 enemy of security. 132 00:06:12.839 --> 00:06:15.959 It's a bold statement, but it holds up under scrutiny. 133 00:06:16.759 --> 00:06:20.000 The logic is simple. The more complex a system is, 134 00:06:20.319 --> 00:06:23.639 the more moving parts it has, and more moving parts 135 00:06:23.639 --> 00:06:27.240 means more mistakes. Software is written by humans, and humans 136 00:06:27.279 --> 00:06:28.040 make mistakes. 137 00:06:28.639 --> 00:06:31.399 They use the Linux kernel as an example here to 138 00:06:31.480 --> 00:06:34.120 illustrate just how big these systems have gotten. 139 00:06:34.319 --> 00:06:36.959 Right, The Linux kernel is the core of so many 140 00:06:37.000 --> 00:06:40.519 operating systems, including Android, and a huge chunk of the 141 00:06:40.519 --> 00:06:43.240 web's infrastructure is something like thirty million lines. 142 00:06:43.040 --> 00:06:44.519 Of code thirty millionar. 143 00:06:44.680 --> 00:06:46.759 Now, think about human error. Even if you are the 144 00:06:46.800 --> 00:06:49.439 absolute best programmer in the world, you are going to 145 00:06:49.480 --> 00:06:52.120 make typos. You're going to make logic errors. Even if 146 00:06:52.160 --> 00:06:54.680 you only have one bug for every ten thousand lines 147 00:06:54.680 --> 00:06:57.560 of code, which would be an incredibly low air rate. 148 00:06:58.160 --> 00:07:01.759 A system that size is satistically guaranteed to have thousands 149 00:07:01.759 --> 00:07:02.720 of vulnerabilities. 150 00:07:02.920 --> 00:07:05.600 So we are essentially building systems that are just too 151 00:07:05.720 --> 00:07:09.319 big to ever be fully bug free. We're building skyscrapers 152 00:07:09.399 --> 00:07:12.000 knowing there are cracks in the foundation simply because the 153 00:07:12.040 --> 00:07:15.240 skyscraper is too big to inspect every single inch of 154 00:07:15.279 --> 00:07:16.399 concrete precisely. 155 00:07:16.680 --> 00:07:18.759 And that is the fundamental argument for why we need 156 00:07:18.759 --> 00:07:22.720 cryptography and protocols like TLS. We can't fix every bug 157 00:07:22.720 --> 00:07:26.079 in the software. It's impossible, So we wrap the communication 158 00:07:26.240 --> 00:07:29.199 in this invisible armor to protect it, even when the 159 00:07:29.240 --> 00:07:32.680 system itself might be vulnerable. We assume the network is 160 00:07:32.720 --> 00:07:34.519 hostile and we armor the data. 161 00:07:35.040 --> 00:07:37.759 Okay, so that's the why we're living in a glasshouse 162 00:07:37.759 --> 00:07:41.079 of complexity and connectivity. Now, let's talk about the how 163 00:07:41.399 --> 00:07:43.600 the book introduces us to a cast of characters to 164 00:07:43.639 --> 00:07:45.759 explain how this armour works. If you've ever read anything 165 00:07:45.800 --> 00:07:48.480 about crypto, you know these names. We've got Alice and Bob, 166 00:07:48.600 --> 00:07:49.319 the famous duo. 167 00:07:49.720 --> 00:07:52.399 Alice is usually the center, Bob is the receiver. They 168 00:07:52.399 --> 00:07:55.279 are just placeholders for point A and point B. But 169 00:07:55.399 --> 00:07:58.680 in a security context, we have to introduce the villains 170 00:07:58.720 --> 00:08:03.319 to really understand the stakes. You have Eve Eve the evesdropper. Correct, 171 00:08:03.680 --> 00:08:06.279 she just listens, She sits on the wire. She wants 172 00:08:06.319 --> 00:08:08.800 to steal your credit card number or read your emails, 173 00:08:08.839 --> 00:08:12.000 but she doesn't actually touch the data. She's passive. She's 174 00:08:12.040 --> 00:08:14.240 the spy in the corner booth with the newspaper cutout. 175 00:08:14.360 --> 00:08:17.120 And then there's the nastier one, Mallorie. 176 00:08:17.560 --> 00:08:21.800 Mallory is the active attacker. She's malicious. She doesn't just listen. 177 00:08:22.199 --> 00:08:24.680 She intercepts the message and changes it. She takes a 178 00:08:24.680 --> 00:08:27.480 message like paid Bob ten dollars and changes it to 179 00:08:27.519 --> 00:08:30.360 pay Mallory ten thousand, dollars before passing. 180 00:08:30.000 --> 00:08:33.159 It along to stop even Mallory. The book introduces this 181 00:08:33.240 --> 00:08:36.240 framework called the CIA triad, and I have to clarify 182 00:08:36.320 --> 00:08:38.960 for everyone listening, this is not the Spy Agency, no. 183 00:08:39.200 --> 00:08:42.200 Although I'm sure the agency cares deeply about this concept too. 184 00:08:42.639 --> 00:08:48.480 CIA in this context stands for confidentiality, integrity, and authentication. 185 00:08:48.960 --> 00:08:51.399 These are the three pillars of a secure channel. If 186 00:08:51.440 --> 00:08:54.440 you are missing even one, you aren't safe. You need 187 00:08:54.480 --> 00:08:56.200 all three to actually trust the connection. 188 00:08:56.440 --> 00:08:58.240 Let's take them one by one to see how they 189 00:08:58.279 --> 00:09:02.080 actually work in the wild. Starting confidentiality, this is what 190 00:09:02.240 --> 00:09:04.399 most of us think of when we hear the word encryption, 191 00:09:05.000 --> 00:09:06.679 Keeping secret secret right. 192 00:09:07.080 --> 00:09:10.879 This is the primary defense against EVE. Only Alice Babob 193 00:09:10.919 --> 00:09:13.679 should be able to read the message. If EVE intercepts it, 194 00:09:13.679 --> 00:09:18.080 it should just look like garbage data, pure static. But 195 00:09:18.120 --> 00:09:20.399 the source gives a great example of what happens when 196 00:09:20.440 --> 00:09:21.799 confidentiality fails. 197 00:09:22.279 --> 00:09:26.240 The we hack oh early Wi Fi security. I remember 198 00:09:26.279 --> 00:09:29.480 this being notoriously bad, but I never actually understood why. 199 00:09:29.519 --> 00:09:31.399 I just knew I was supposed to switch my router 200 00:09:31.519 --> 00:09:32.279 to WPA. 201 00:09:32.519 --> 00:09:37.960 It was awful. WEP stands for wired equivalent privacy. The 202 00:09:38.039 --> 00:09:40.240 goal was to make Wi Fi as safe as plugging 203 00:09:40.240 --> 00:09:43.519 in a physical cable, but the math was fundamentally flawed. 204 00:09:43.840 --> 00:09:48.159 The source explains that WEP reused its keys way too often, 205 00:09:48.320 --> 00:09:48.639 so it. 206 00:09:48.600 --> 00:09:51.240 Was repetitive, like using the same password. 207 00:09:50.759 --> 00:09:53.200 Over and over in a way. Yeah, imagine a codebook 208 00:09:53.200 --> 00:09:55.120 where you eventually have to start back at page one. 209 00:09:55.240 --> 00:09:57.519 An attacker could just sit outside your house in a car, 210 00:09:57.840 --> 00:09:59.840 listen to the noise of your network traffic, and because 211 00:09:59.879 --> 00:10:03.360 the patterns eventually repeated, they could mathematically recover the password 212 00:10:03.360 --> 00:10:04.679 without ever knocking on your door. 213 00:10:04.759 --> 00:10:06.159 How long are we talking hours? 214 00:10:06.320 --> 00:10:07.639 Days with it? About one minute? 215 00:10:07.679 --> 00:10:09.080 One minute. That's not even enough time to make a 216 00:10:09.080 --> 00:10:09.799 cup of coffee. 217 00:10:09.919 --> 00:10:13.600 Nope, you just drive by and steal the network. So 218 00:10:13.720 --> 00:10:17.000 confidentiality is eve can't read my stuff. But that's only 219 00:10:17.039 --> 00:10:20.679 step one. Next up is integrity. This is the one 220 00:10:20.720 --> 00:10:22.120 I think people overlook the most. 221 00:10:22.279 --> 00:10:25.240 I definitely did before reading this. Integrity means knowing that 222 00:10:25.279 --> 00:10:29.039 the message wasn't changed in transit. It's the defense against Mallory. 223 00:10:29.240 --> 00:10:32.360 It is because secrecy isn't enough. If I send an 224 00:10:32.440 --> 00:10:36.519 encrypted message to the bank saying Paybob, and Mallory scrambles 225 00:10:36.519 --> 00:10:39.120 the encrypted bits so that when the bank decrypts it, 226 00:10:39.120 --> 00:10:42.240 it says pay Mallory. It doesn't matter that it was encrypted. 227 00:10:42.279 --> 00:10:44.720 The instruction got changed. The system failed. 228 00:10:44.799 --> 00:10:48.440 And the scariest, most Hollywood style example of an integrity 229 00:10:48.440 --> 00:10:52.399 attack and the source material has to be stucksnet. 230 00:10:51.440 --> 00:10:54.600 The famous worm that hit the Iranian nuclear facilities. That 231 00:10:54.759 --> 00:10:56.639 is the ultimate integrity case study. 232 00:10:56.679 --> 00:10:58.960 This story always blows my mind. Walk us through the 233 00:10:59.000 --> 00:11:01.639 integrity failure there. How did it actually trick them? So? 234 00:11:01.679 --> 00:11:05.559 Stucksnent was sophisticated for many reasons, but the integrity aspect 235 00:11:05.639 --> 00:11:10.080 is fascinating. It attacked the centrifuges, the machinery used to 236 00:11:10.200 --> 00:11:14.039 enrich uranium. It didn't just shut them down, It manipulated 237 00:11:14.039 --> 00:11:17.360 the commands to make the centrifuges spin too fast and 238 00:11:17.440 --> 00:11:18.919 literally destroy themselves. 239 00:11:19.480 --> 00:11:22.600 But the operators were sitting in a control room monitoring this. 240 00:11:23.039 --> 00:11:25.480 Why didn't they see the machines spinning out of control 241 00:11:25.519 --> 00:11:26.399 on their screens. 242 00:11:26.639 --> 00:11:29.559 That's the genius and the horror of the attack. While 243 00:11:29.559 --> 00:11:32.759 it was destroying the machines, stucksnet was sending fake data 244 00:11:32.840 --> 00:11:35.639 back to the control room. It had recorded normal operations 245 00:11:35.679 --> 00:11:37.840 prior to the attack and was playing that loop back 246 00:11:37.879 --> 00:11:38.720 to the screens, So. 247 00:11:38.720 --> 00:11:42.080 The operators are looking at their monitors seeing system normal, 248 00:11:42.240 --> 00:11:44.919 sipping their tee, while the reality in the next room 249 00:11:44.960 --> 00:11:48.720 is system critical and centrifuges are tearing themselves apart. 250 00:11:49.000 --> 00:11:52.120 That is the integrity breach. The data they were receiving 251 00:11:52.240 --> 00:11:55.320 was a lie. It had lost its integrity, and that 252 00:11:55.440 --> 00:11:59.840 failure caused physical destruction. It shows that digital security is 253 00:12:00.240 --> 00:12:02.840 just about data. It's about the physical world too. 254 00:12:03.200 --> 00:12:06.200 That really drives it home. It's not just about stealing data, 255 00:12:06.360 --> 00:12:10.039 it's about trusting what you see, which leads us to 256 00:12:10.080 --> 00:12:13.440 the third pillar, authentication. 257 00:12:13.639 --> 00:12:17.240 The A and the triad, proving you are who you 258 00:12:17.320 --> 00:12:20.000 say you are. This is arguably the most critical one 259 00:12:20.039 --> 00:12:23.960 because you can have a perfectly encrypted, integrity protected connection 260 00:12:24.200 --> 00:12:27.120 straight to a hacker exactly if you don't know who 261 00:12:27.159 --> 00:12:29.200 is on the other end of the line, the encryption 262 00:12:29.240 --> 00:12:31.759 doesn't matter. And this brings us to the g Pack 263 00:12:31.840 --> 00:12:34.799 of twenty fifteen, a huge moment, a watershed moment in 264 00:12:34.840 --> 00:12:38.559 IoT security. This changed how the auto industry thought about 265 00:12:38.600 --> 00:12:39.559 software entirely. 266 00:12:40.120 --> 00:12:43.639 Two researchers, Charlie Miller and Chris Baalisek, managed to remotely 267 00:12:43.679 --> 00:12:46.120 take control of a jeep Cherokee. And we aren't talking 268 00:12:46.159 --> 00:12:49.000 about changing the radio station or rolling down the windows. 269 00:12:49.039 --> 00:12:52.720 We were talking steering, brakes, transmission right. 270 00:12:52.919 --> 00:12:54.840 And the scary part was where they were doing it from. 271 00:12:55.240 --> 00:12:57.240 They weren't in the back seat with the laptop plugged 272 00:12:57.240 --> 00:13:00.200 into the dashboard. They were sitting on a couch miles away. 273 00:13:00.679 --> 00:13:04.879 They exploited the car's infotainment system. You connect via the 274 00:13:04.919 --> 00:13:06.000 cellular network, but. 275 00:13:06.000 --> 00:13:07.799 How does the radio let you cut the brakes? That 276 00:13:07.840 --> 00:13:09.440 seems like a massive design flaw. 277 00:13:09.720 --> 00:13:12.840 It is. Once they got into the infotainment system, they 278 00:13:12.840 --> 00:13:15.519 found a component called the d bus. This is like 279 00:13:15.559 --> 00:13:18.039 the internal nervous system of the car. It connects the 280 00:13:18.120 --> 00:13:21.679 radio to the engine, the brakes, the steering. Yeah, and 281 00:13:21.759 --> 00:13:25.879 here is where authentication failed. The d bus didn't ask 282 00:13:25.960 --> 00:13:26.360 for ID. 283 00:13:26.600 --> 00:13:28.600 It just trusted the commands completely. 284 00:13:29.000 --> 00:13:31.480 It assumed that if you were connected to the internal network, 285 00:13:31.639 --> 00:13:35.039 you must be safe. It didn't authenticate the commands at all. 286 00:13:35.159 --> 00:13:37.879 So the researchers could send a command like engage brakes, 287 00:13:38.120 --> 00:13:40.480 and the car just obeyed. It didn't ask are you 288 00:13:40.519 --> 00:13:43.480 the driver or are you a mechanic? It just said okay. 289 00:13:43.960 --> 00:13:46.720 That is terrifying. It's like walking into a bank vault 290 00:13:46.720 --> 00:13:48.679 just because the front door was unlocked, and the vault 291 00:13:48.720 --> 00:13:50.159 just opens because you're standing there. 292 00:13:50.320 --> 00:13:53.039 Another great example of authentication failure in the book is 293 00:13:53.399 --> 00:13:55.759 the false base station or stingray attack. 294 00:13:55.879 --> 00:13:57.799 This is with mobile phones, right, I've heard about these 295 00:13:57.840 --> 00:13:59.039 being used in cities. 296 00:13:59.200 --> 00:14:03.320 Yes, your phone constantly looks for a cell tower, but 297 00:14:03.399 --> 00:14:06.320 in early two G networks and even some setups today, 298 00:14:07.320 --> 00:14:10.120 the phone didn't require the tower to prove its identity. 299 00:14:10.159 --> 00:14:11.919 It just connected to the strongest signal. 300 00:14:12.399 --> 00:14:15.679 It's just looking for the loudest voice in the room exactly. 301 00:14:15.919 --> 00:14:19.080 So police or attackers could set up a fake tower, 302 00:14:19.480 --> 00:14:23.480 a stingray that blasts a really strong signal. Your phone says, oh, 303 00:14:23.519 --> 00:14:26.639 a great signal, and connects to it instead of the real. 304 00:14:26.440 --> 00:14:28.879 Tower, and now all your calls and data are going 305 00:14:28.879 --> 00:14:29.879 through them because. 306 00:14:29.639 --> 00:14:32.639 The network failed to authenticate itself to the phone. The 307 00:14:32.720 --> 00:14:34.720 two way street, you need to know the bank is 308 00:14:34.759 --> 00:14:37.039 the bank, and the bank needs to know you Are 309 00:14:37.120 --> 00:14:37.799 you okay? 310 00:14:37.799 --> 00:14:43.080 So we have the triad confidentiality, integrity, authentication. But here 311 00:14:43.120 --> 00:14:46.559 is the million dollar question that the book raises. If 312 00:14:46.600 --> 00:14:49.039 the bad guys know all this, if they know the math, 313 00:14:49.120 --> 00:14:51.840 they know the protocols, they know the triad. How do 314 00:14:51.879 --> 00:14:55.360 we keep anything safe? Doesn't the enemy knowing the system 315 00:14:55.559 --> 00:14:58.240 make it weak? If I tell a Burgling exactly what 316 00:14:58.320 --> 00:15:00.559 brand of lock I have on my front door, isn't 317 00:15:00.600 --> 00:15:01.399 that a bad idea? 318 00:15:01.679 --> 00:15:04.600 That is the paradox, but in cryptography it's actually the 319 00:15:04.639 --> 00:15:07.279 exact opposite. This is known as Kirkos principle. 320 00:15:07.480 --> 00:15:09.159 The enemy knows the system or. 321 00:15:09.159 --> 00:15:12.480 Gus Kirkhofs back in the nineteenth century argued that you 322 00:15:12.519 --> 00:15:16.200 should never rely on security by obscurity. You shouldn't rely 323 00:15:16.279 --> 00:15:20.120 on hiding how your system works, because eventually a manual 324 00:15:20.159 --> 00:15:24.759 gets lost, or a disgruntled employee leaks the blueprints, or 325 00:15:25.039 --> 00:15:26.440 someone reverse engineers it. 326 00:15:26.480 --> 00:15:29.360 So if the blueprints are public, where is the secret 327 00:15:29.480 --> 00:15:30.399 the key? 328 00:15:30.440 --> 00:15:32.399 The only thing that should be secret is the key. 329 00:15:33.440 --> 00:15:36.519 The lock design can be totally public. In fact, it 330 00:15:36.559 --> 00:15:39.200 should be public so that thousands of experts can try 331 00:15:39.200 --> 00:15:42.919 to piket and find flaws, but the key, that specific 332 00:15:42.960 --> 00:15:45.600 string of data, must remain entirely private. 333 00:15:45.799 --> 00:15:48.440 It's like the lock on your front door. Everyone knows 334 00:15:48.440 --> 00:15:50.279 how a pin tumbler lock works. You can look it 335 00:15:50.320 --> 00:15:52.960 up on Wikipedia right now. But knowing how the lock 336 00:15:53.000 --> 00:15:55.159 works doesn't help you get into my house unless you 337 00:15:55.200 --> 00:15:57.279 have my specific key precisely. 338 00:15:57.759 --> 00:16:00.360 Open design leads to stronger security because it gets tested 339 00:16:00.360 --> 00:16:03.200 by the community and the source material goes deep into 340 00:16:03.240 --> 00:16:05.960 key management, because if the key is the only secret, 341 00:16:06.240 --> 00:16:09.279 you better protect it with your life. One major concept 342 00:16:09.320 --> 00:16:10.960 here is forward secrecy. 343 00:16:10.559 --> 00:16:13.840 Which sounds like time travel, but it's actually about damage control. 344 00:16:14.080 --> 00:16:17.360 It is imagine you use the same key for every 345 00:16:17.399 --> 00:16:19.840 email you sent for ten ms. If I steal that 346 00:16:19.919 --> 00:16:22.480 key today, I can go back and read everything you 347 00:16:22.480 --> 00:16:24.799 wrote in twenty fifteen total disaster. 348 00:16:24.960 --> 00:16:26.879 My entire history is exposed. 349 00:16:27.080 --> 00:16:30.279 Forward secrecy means we change the keys constantly. We use 350 00:16:30.320 --> 00:16:33.639 session keys. We generate a key, use it for one conversation, 351 00:16:33.799 --> 00:16:34.720 and then destroy it. 352 00:16:34.679 --> 00:16:36.919 Like burning the diary after you write the entry. 353 00:16:37.080 --> 00:16:39.480 Exactly if I hack you today, I can't read the 354 00:16:39.519 --> 00:16:43.480 messages you sent yesterday because that key is gone. It 355 00:16:43.519 --> 00:16:44.559 doesn't exist anymore. 356 00:16:44.639 --> 00:16:47.360 It effectively locks the pass. I love that, but this 357 00:16:47.399 --> 00:16:50.039 brings up a technical problem that I found really interesting 358 00:16:50.080 --> 00:16:53.639 while reading. To generate all these keys, we need randomness. 359 00:16:53.679 --> 00:16:55.960 We need to pick numbers that no one can guess, 360 00:16:56.360 --> 00:16:59.759 and as the book points out, computers are actually terrible 361 00:16:59.799 --> 00:17:00.679 at being random. 362 00:17:00.840 --> 00:17:04.680 They are. Computers are logical machines. They follow strict instructions. 363 00:17:05.079 --> 00:17:07.279 If you tell a computer to pick a random number, 364 00:17:07.599 --> 00:17:10.759 it uses an algorithm. It's like flipping a coin. But 365 00:17:10.839 --> 00:17:13.160 if you knew the exact wind speed, the force of 366 00:17:13.200 --> 00:17:15.240 the thumb, and the weight of the coin, you could 367 00:17:15.279 --> 00:17:17.200 predict the outcome every single time. 368 00:17:17.519 --> 00:17:20.599 And if a hacker knows the algorithm and the starting 369 00:17:20.640 --> 00:17:23.880 point the seed, they can predict the number the computer 370 00:17:23.960 --> 00:17:24.720 will pick. 371 00:17:24.519 --> 00:17:27.519 Which defeats the whole purpose. If I can predict your key, 372 00:17:27.759 --> 00:17:30.480 I can unlock your door. This is where we get 373 00:17:30.519 --> 00:17:35.559 into entropy. In crypto, entropy basically means surprise or uncertainty. 374 00:17:35.640 --> 00:17:39.559 We need a source of data that is completely unpredictable. 375 00:17:38.920 --> 00:17:40.680 And this is where the lava lamps come in. I 376 00:17:40.839 --> 00:17:43.799 tease this at the very beginning. The source mentions cloud Flare, 377 00:17:43.960 --> 00:17:46.880 a massive web security company, tell us about the wall 378 00:17:46.920 --> 00:17:47.480 of entropy. 379 00:17:47.680 --> 00:17:50.400 It's brilliant. At their headquarters, they have a wall of 380 00:17:50.599 --> 00:17:54.000 actual physical lava lamps. They have a camera pointed right 381 00:17:54.039 --> 00:17:57.039 at them. The blobs of lax moving around are governed 382 00:17:57.079 --> 00:18:01.039 by fluid dynamics, heat chaos. It is fithysically impossible to 383 00:18:01.039 --> 00:18:04.160 predict exactly what shape those blobs will take next. 384 00:18:04.279 --> 00:18:06.319 So they use the video feed of the lava. 385 00:18:06.160 --> 00:18:07.440 Lamps as a source of randomness. 386 00:18:07.519 --> 00:18:08.279 Yes, wild. 387 00:18:08.319 --> 00:18:11.079 They digitize the visual noise of the lava lamps to 388 00:18:11.200 --> 00:18:15.359 generate true randomness. They mix that with the computer's mathematical 389 00:18:15.440 --> 00:18:19.079 randomness to create keys that are effectively impossible to predict. 390 00:18:19.319 --> 00:18:22.039 That is just so cool. You're securing the banking data 391 00:18:22.079 --> 00:18:25.680 of the world using groovy nineteen seventies room decre. 392 00:18:25.480 --> 00:18:27.720 It highlights the lengths we have to go to. We 393 00:18:27.799 --> 00:18:29.640 have to reach out into the physical world, into the 394 00:18:29.720 --> 00:18:34.160 chaos of reality to find true unpredictability because the digital 395 00:18:34.160 --> 00:18:35.559 world is just too orderly. 396 00:18:35.960 --> 00:18:38.400 So bringing it all together, we live in this world 397 00:18:38.440 --> 00:18:43.079 of infinite connectivity and zero cost attacks. To survive, we 398 00:18:43.119 --> 00:18:46.799 build these secure channels. We use the CIA triad to 399 00:18:46.960 --> 00:18:50.000 ensure no one is listening, nothing is changed, and we 400 00:18:50.119 --> 00:18:51.000 know who we're talking to. 401 00:18:51.240 --> 00:18:54.759