WEBVTT 1 00:00:00.040 --> 00:00:03.439 Hey everyone, and welcome back for another deep dive. Today, 2 00:00:04.639 --> 00:00:08.599 we're going to be cracking the code on cryptography. Ooh, 3 00:00:08.839 --> 00:00:11.720 I like that, you know, and not just like what 4 00:00:11.759 --> 00:00:14.480 it is, but you know, really like why it matters, 5 00:00:14.839 --> 00:00:17.480 especially in our digital world today, and how it all works. 6 00:00:17.800 --> 00:00:19.679 And to help us out with this dive, we're using 7 00:00:19.679 --> 00:00:23.039 a leading textbook on cryptography and believe me, it's a 8 00:00:23.039 --> 00:00:25.839 fascinating read and you just might learn a thing or 9 00:00:25.879 --> 00:00:28.199 two to impress your friends at your next you know, 10 00:00:28.280 --> 00:00:30.800 game night. For example. Did you know that there's this 11 00:00:30.839 --> 00:00:33.320 whole new field called post quantum cryptography. 12 00:00:33.439 --> 00:00:36.280 Oh, it's true, it's true, and it's like exploding right now. 13 00:00:36.280 --> 00:00:39.320 I mean, it's all about preparing for a future where 14 00:00:39.439 --> 00:00:42.880 quantum computers could like crack the codes that we use 15 00:00:42.920 --> 00:00:45.759 for everything like online banking and secure messaging. 16 00:00:45.320 --> 00:00:47.520 Like all that quantum computers. Those things sound like they're 17 00:00:47.520 --> 00:00:49.719 straight out of science fiction. So are they really like 18 00:00:49.799 --> 00:00:52.439 that powerful? And what makes them such a game changer 19 00:00:52.479 --> 00:00:53.200 for cryptography? 20 00:00:53.280 --> 00:00:56.240 Yeah? Will they operate on completely different principles than our 21 00:00:56.280 --> 00:00:59.960 everyday computers. Think of it this way. A traditional computer 22 00:01:00.359 --> 00:01:02.280 is like a coin. It can be heads or tails, right, 23 00:01:02.759 --> 00:01:05.359 But a quantum computer is like a spinning coin. It 24 00:01:05.359 --> 00:01:07.840 can be heads, tails or both at the same time, 25 00:01:08.280 --> 00:01:10.680 and this lets them perform calculations in ways that we 26 00:01:10.760 --> 00:01:12.159 just couldn't imagine before. 27 00:01:12.680 --> 00:01:15.760 So they can solve those super complex math problems that 28 00:01:15.840 --> 00:01:18.159 like protect our data, the ones that would normally take 29 00:01:18.239 --> 00:01:19.519 years for a regular. 30 00:01:19.200 --> 00:01:22.079 Computer to solve exactly. And that's why researchers are like 31 00:01:22.319 --> 00:01:25.879 scrambling to develop new cryptographic methods, ones that can withstand 32 00:01:25.920 --> 00:01:29.040 the power of quantum computers. It's a whole new arms race, 33 00:01:29.280 --> 00:01:29.480 you know. 34 00:01:29.719 --> 00:01:31.879 Wow, it's like we're trying to stay one step ahead 35 00:01:31.879 --> 00:01:34.760 of a technological tidal way. But okay, let's take a 36 00:01:34.760 --> 00:01:38.400 step back for a second. The textbook mentions something called 37 00:01:38.519 --> 00:01:41.239 hybrid cryptography. What is that all about? 38 00:01:41.480 --> 00:01:45.319 So hypercryptography is all about efficiency and security. Imagine you 39 00:01:45.319 --> 00:01:47.640 want to send like a huge file, like a video 40 00:01:47.760 --> 00:01:51.040 to a friend securely. Now, public key encryption, which is 41 00:01:51.040 --> 00:01:53.719 great for small things like sharing keys, that'd be way 42 00:01:53.719 --> 00:01:55.000 too slow for something that big. 43 00:01:55.200 --> 00:01:58.280 Okay, So how does hybrid cryptography solve this problem? 44 00:01:58.760 --> 00:02:01.879 It combines the best of worlds, so it uses fast 45 00:02:01.959 --> 00:02:05.319 secret key encryption to scramble the entire file and then 46 00:02:05.359 --> 00:02:07.840 it uses a public key system to encrypt just the 47 00:02:07.840 --> 00:02:11.479 secret key itself. This encrypted secret key is much smaller 48 00:02:11.680 --> 00:02:13.759 and it can be sent quickly to your friend and 49 00:02:13.800 --> 00:02:16.960 then they use their private key to decrypt the secret key, 50 00:02:17.280 --> 00:02:18.919 which then unlocks the whole file. 51 00:02:19.120 --> 00:02:21.479 It's pretty clever. It's like sending a secret message along 52 00:02:21.520 --> 00:02:23.960 with like a tiny locked box containing the key. 53 00:02:24.520 --> 00:02:27.039 But who are we actually trying to protect this data from? 54 00:02:27.080 --> 00:02:29.000 Are there like different types of bad guys in the 55 00:02:29.039 --> 00:02:29.879 cryptography world? 56 00:02:29.919 --> 00:02:33.319 Oh? Absolutely. We have the passive adversaries. Those are the 57 00:02:33.360 --> 00:02:35.800 ones who are just eavesdropping, like someone snooping on your 58 00:02:35.840 --> 00:02:38.919 Wi Fi, you know. And then there are the active adversaries. 59 00:02:38.919 --> 00:02:41.000 Those are the ones who not only want to read 60 00:02:41.039 --> 00:02:43.439 your data but also potentially change it without you knowe Oh, 61 00:02:43.479 --> 00:02:45.719 that's a bit unsettling to think about. Like what if 62 00:02:45.719 --> 00:02:48.520 someone intercepts a bank transfer and changes the amount or 63 00:02:48.560 --> 00:02:52.120 the recipient. Scary stuff. And the book mentions how much 64 00:02:52.159 --> 00:02:54.800 faster computers have gotten since the seventies. Doesn't that make 65 00:02:54.840 --> 00:02:58.039 cryptography like a moving target, always having to adapt. 66 00:02:58.240 --> 00:03:00.759 Yeah, it's like a constant game of cat and mouse, 67 00:03:00.879 --> 00:03:04.520 you know. As computers become more powerful, those complex mathematical 68 00:03:04.560 --> 00:03:08.199 problems that protect our data. While they become slightly easier 69 00:03:08.240 --> 00:03:12.039 to solve, Cryptographers have to constantly develop new algorithms and 70 00:03:12.159 --> 00:03:14.319 larger key sizes to stay ahead of the games. 71 00:03:14.439 --> 00:03:16.759 So what are some of the core mathematical concepts that 72 00:03:16.840 --> 00:03:20.240 like make cryptography work. The textbook mentioned something called the 73 00:03:20.319 --> 00:03:23.560 factoring problem and the discrete logarithm problem. 74 00:03:23.719 --> 00:03:26.479 Yeah, these problems are like the unsolvable riddles at the 75 00:03:26.479 --> 00:03:29.360 heart of many cryptosystems. So the factoring problem, as you 76 00:03:29.400 --> 00:03:33.520 might guess, involves finding the prime numbers that multiply together 77 00:03:33.680 --> 00:03:36.400 to equal a given number. Sounds easy, right, but when 78 00:03:36.439 --> 00:03:40.400 you're dealing with massive numbers, it becomes incredibly difficult, even 79 00:03:40.479 --> 00:03:42.159 for super powerful computers. 80 00:03:42.479 --> 00:03:45.120 And the discrete logarithm problem, what's that one all about? 81 00:03:45.400 --> 00:03:47.960 That one's a tough one to crack. Two. It involves 82 00:03:48.000 --> 00:03:51.439 finding an exponent that, when a specific number is raised 83 00:03:51.520 --> 00:03:55.520 to that power, results in another specific number. Again, it 84 00:03:55.639 --> 00:03:59.120 sounds simple, but in practice it can be incredibly challenging. 85 00:03:59.639 --> 00:04:02.360 Okay, but I've seen enough movies to know that sometimes 86 00:04:02.400 --> 00:04:05.719 it's not about like brute forcing the math. It's about 87 00:04:06.240 --> 00:04:10.400 finding clever ways to exploit weaknesses in the system. What 88 00:04:10.479 --> 00:04:11.879 about those side channel attacks. 89 00:04:12.439 --> 00:04:16.240 Uh, you're thinking like a true codebreaker. So side channel 90 00:04:16.240 --> 00:04:18.680 attacks they don't target the math directly. They look for 91 00:04:18.839 --> 00:04:23.199 unintentional information leaks from the way a cryptosystem is actually implemented, 92 00:04:23.600 --> 00:04:26.319 for example, by measuring the time it takes a device 93 00:04:26.399 --> 00:04:29.439 to perform a cryptographic operation, or even the power it 94 00:04:29.480 --> 00:04:30.759 consumes during the process. 95 00:04:30.839 --> 00:04:34.040 So even if the algorithm is like theoretically unbreakable, the 96 00:04:34.040 --> 00:04:37.160 way it's implemented in the real world can create vulnerabilities. 97 00:04:37.199 --> 00:04:39.600 Precisely, it's like having a super strong lock on your 98 00:04:39.639 --> 00:04:42.639 door but leaving a window open. Attackers are always looking 99 00:04:42.639 --> 00:04:43.519 for those weaknesses. 100 00:04:43.639 --> 00:04:46.240 So let's talk about some like real world examples of 101 00:04:46.240 --> 00:04:48.680 these ciphers. What's it actually like to use them? The 102 00:04:48.720 --> 00:04:52.519 textbook mentions the Hill cipher, which uses matrices for encryption. 103 00:04:52.759 --> 00:04:54.800 Yeah, the Hill cipher is a classic example of how 104 00:04:54.800 --> 00:04:58.959 seemingly simple mathematical concepts can be used for cryptography. So 105 00:04:59.000 --> 00:05:02.439 you're basically converting the message into numbers and then using 106 00:05:02.480 --> 00:05:07.000 matrix multiplication to transform those numbers into ciphertext matrices. 107 00:05:07.480 --> 00:05:10.399 Oh man, I'm having flashbacks to high school math class. 108 00:05:11.040 --> 00:05:12.319 But it's kind of cool to see how it can 109 00:05:12.360 --> 00:05:14.120 be applied to something like cryptography. 110 00:05:14.319 --> 00:05:17.439 It is. It's a great example of how cryptography draws 111 00:05:17.439 --> 00:05:20.519 from different areas of mathematics. And while the hell cipher 112 00:05:20.600 --> 00:05:24.600 itself isn't widely used today, it demonstrates the core principles 113 00:05:24.680 --> 00:05:29.480 of substitution and permutation that underpin many classical ciphers. 114 00:05:29.480 --> 00:05:32.560 So we're talking about like rearranging and substituting elements of 115 00:05:32.560 --> 00:05:35.439 the message to make it unreadable without the key. But 116 00:05:35.519 --> 00:05:38.000 what about more modern encryption methods. I've heard of the 117 00:05:38.040 --> 00:05:41.399 Data Encryption Standard or DIES. What's the story with that one? 118 00:05:41.560 --> 00:05:43.800 DIES was a big deal, it really was. It was 119 00:05:43.839 --> 00:05:47.000 the gold standard for encryption for decades. It was adopted 120 00:05:47.040 --> 00:05:49.360 by the US government and used worldwide. It was a 121 00:05:49.399 --> 00:05:52.720 block cipher, meaning it encrypted data in fixed sized blocks, 122 00:05:53.000 --> 00:05:56.000 and it relied on a series of complex permutations and 123 00:05:56.120 --> 00:05:58.079 substitutions to scramble the data. 124 00:05:58.399 --> 00:05:59.319 Sounds pretty secure. 125 00:05:59.399 --> 00:06:03.240 So what happened to des Well, Like all things in technology, 126 00:06:03.279 --> 00:06:06.600 it eventually became outdated. You see, its key size, which 127 00:06:06.639 --> 00:06:09.839 was considered secure at the time, became vulnerable to brute 128 00:06:09.839 --> 00:06:13.600 force attacks as computing power increased. It's a reminder that 129 00:06:13.600 --> 00:06:18.040 cryptography is constantly evolving. What's considered secure today might be 130 00:06:18.120 --> 00:06:19.199 vulnerable tomorrow. 131 00:06:19.800 --> 00:06:23.240 Makes sense. So what replaced DES? The textbook mentions the 132 00:06:23.639 --> 00:06:25.600 Advanced Encryption Standard or AES. 133 00:06:25.720 --> 00:06:29.720 Ah. Yes, so AES emerged from a worldwide competition. The 134 00:06:29.759 --> 00:06:32.639 best minds in cryptography battled it out to create a new, 135 00:06:32.879 --> 00:06:37.399 more secure encryption standard. It's a more sophisticated block cipher 136 00:06:37.439 --> 00:06:40.040 than DES, with a larger key size and a more 137 00:06:40.040 --> 00:06:40.920 complex structure. 138 00:06:41.000 --> 00:06:44.079 A global cryptography showdown. That sounds intense. I bet there 139 00:06:44.160 --> 00:06:46.120 was a lot of coffee consumed during that competition. 140 00:06:46.240 --> 00:06:49.040 I'm sure there was. But the result was a robust 141 00:06:49.079 --> 00:06:52.560 and widely used encryption standard that's still considered secure today. 142 00:06:52.920 --> 00:06:55.879 AES is used in everything from securing Wi Fi networks 143 00:06:55.879 --> 00:06:58.959 to protecting sensitive government data. It's a testament to the 144 00:06:59.000 --> 00:07:02.040 power of collaboration and innovation in the field of cryptography. 145 00:07:02.439 --> 00:07:05.519 Okay, so we've covered how to encrypt data in blocks, 146 00:07:06.000 --> 00:07:08.800 but what about messages that are transmitted over time, like 147 00:07:09.040 --> 00:07:12.720 streaming video or audio. How do you encrypt a continuous 148 00:07:12.759 --> 00:07:16.319 flow of data? The textbook mentioned stream ciphers. What are 149 00:07:16.360 --> 00:07:17.000 those all about? 150 00:07:17.160 --> 00:07:20.279 So stream ciphers are designed to encrypt data bit by 151 00:07:20.319 --> 00:07:22.519 bit as it's being transmitted. Think of it like a 152 00:07:22.560 --> 00:07:25.839 constantly flowing stream of random bits that gets mixed with 153 00:07:25.920 --> 00:07:29.480 your message to scramble it. One common method is called CFB. 154 00:07:29.959 --> 00:07:32.879 It uses a chain reaction of encryption, where each bit 155 00:07:32.920 --> 00:07:36.399 of ciphertext influences the encryption of the next bit. It's 156 00:07:36.439 --> 00:07:39.399 like a constantly evolving code. It makes it very difficult 157 00:07:39.439 --> 00:07:40.600 for attackers to break in. 158 00:07:40.759 --> 00:07:43.639 So it's like adding a constantly shifting layer of camouflage 159 00:07:43.680 --> 00:07:45.800 to the data as it's being sent exactly. 160 00:07:45.839 --> 00:07:48.439 And this makes string ciphers particularly well suited for real 161 00:07:48.480 --> 00:07:51.720 time applications like video conferencing, where you can't afford to 162 00:07:51.759 --> 00:07:53.959 wait for an entire block of data to be encrypted 163 00:07:54.120 --> 00:07:55.000 before sending it. 164 00:07:55.199 --> 00:07:57.439 Okay, that makes sense, But in the textbook I came 165 00:07:57.480 --> 00:08:01.759 across something called a linear feedback shift register or LFSR, 166 00:08:02.240 --> 00:08:05.319 and it seems surprisingly simple for something used in cryptography. 167 00:08:05.920 --> 00:08:09.439 How does something that basic contribute to something as complex 168 00:08:09.480 --> 00:08:10.120 as encryption. 169 00:08:11.480 --> 00:08:14.519 LFSRs are fascinating, they really are. They're like these little 170 00:08:14.519 --> 00:08:17.639 circuits that shift bits around based on a specific pattern, 171 00:08:17.920 --> 00:08:21.439 and while they look simple, they're surprisingly good at generating 172 00:08:21.480 --> 00:08:25.120 those random looking key streams that are used in stream ciphers, 173 00:08:25.319 --> 00:08:25.800 So it's. 174 00:08:25.680 --> 00:08:28.839 Like a predictable machine generating unpredictable output. 175 00:08:28.959 --> 00:08:31.040 That's a great way to put it. Of course, attackers 176 00:08:31.120 --> 00:08:34.279 are aware of LFSRs and try to analyze their output 177 00:08:34.320 --> 00:08:36.799 to like fitture at the initial state and predict the keystream. 178 00:08:36.879 --> 00:08:39.799 So cryptographers have to get creative, you know. They use 179 00:08:39.840 --> 00:08:42.919 clever techniques to mask the output of LFSRs and make 180 00:08:42.960 --> 00:08:43.679 them more secure. 181 00:08:43.759 --> 00:08:46.159 It's that cat and mouse game again. It seems like 182 00:08:46.200 --> 00:08:48.240 there's always someone trying to find a way to break 183 00:08:48.279 --> 00:08:51.519 the code. Speaking of which, the textbook mentions some pretty 184 00:08:51.519 --> 00:08:57.279 intimidating sounding techniques like linear and differential cryptanalysis. What makes 185 00:08:57.320 --> 00:08:58.080 these so effective? 186 00:08:58.360 --> 00:09:00.840 Those are powerful techniques, no doubt about it. They're like 187 00:09:00.879 --> 00:09:04.200 statistical detectives looking for subtle patterns and biases in the 188 00:09:04.240 --> 00:09:07.240 way ciphers operate. Imagine you have a large set of 189 00:09:07.320 --> 00:09:11.960 plaintext and ciphertext pairs. These attacks analyze those pairs to 190 00:09:12.000 --> 00:09:15.840 try and find relationships between the input and output, hoping 191 00:09:15.840 --> 00:09:18.080 to glean information about the secret key. 192 00:09:18.320 --> 00:09:20.159 So it's like looking for those tiny cracks in the 193 00:09:20.240 --> 00:09:21.559 encryption armor exactly. 194 00:09:21.600 --> 00:09:24.759 It's all about finding those subtle weaknesses that might not 195 00:09:24.799 --> 00:09:27.000 be a parent at first glance, and this is where 196 00:09:27.000 --> 00:09:29.639 the concept of confusion and diffusion comes into play. 197 00:09:29.759 --> 00:09:32.399 Confusion and diffusion those sound intriguing. 198 00:09:32.639 --> 00:09:35.919 They are. These principles are fundamental to good cipher design. 199 00:09:36.240 --> 00:09:39.320 Confusion is all about making the relationship between the plaintext, 200 00:09:39.440 --> 00:09:43.600 the ciphertext, and the key as complex as possible. It's 201 00:09:43.600 --> 00:09:46.440 like scrambling the message so thoroughly that even if an 202 00:09:46.480 --> 00:09:49.919 attacker has some information about the ciphertext, they can't figure 203 00:09:49.919 --> 00:09:53.039 out anything meaningful about the original message or the key. 204 00:09:53.360 --> 00:09:56.200 So it's like creating a tangled web of relationships to 205 00:09:56.240 --> 00:09:59.679 make it hard for attackers to unravel the secrets exactly. 206 00:10:00.039 --> 00:10:02.879 Diffusion, on the other hand, aims to spread the influence 207 00:10:02.919 --> 00:10:06.159 of each bit of the plaintext over many bits of 208 00:10:06.159 --> 00:10:09.759 the ciphertext. This means that even a small change to 209 00:10:09.799 --> 00:10:12.879 the original message will result in a big change to 210 00:10:12.919 --> 00:10:16.799 the encrypted message, making it hard for attackers to track patterns. 211 00:10:17.039 --> 00:10:20.799 It's like those butterfly effects scenarios where a small change 212 00:10:20.840 --> 00:10:23.120 can have big, unpredictable consequences. 213 00:10:23.240 --> 00:10:26.240 You got it. Confusion and diffusion. They work together to 214 00:10:26.320 --> 00:10:30.559 create cryptosystems that are much more resistant to those statistical attacks. 215 00:10:30.600 --> 00:10:32.720 We were talking about. It's like building a fortress with 216 00:10:32.799 --> 00:10:34.200 multiple layers of defense. 217 00:10:34.360 --> 00:10:36.559 That's impressive. But this is a lot to take in. 218 00:10:36.639 --> 00:10:39.240 Are there any like key takeaways about cryptography that you 219 00:10:39.279 --> 00:10:42.840 think everyone should understand, even if they're not aspiring code breakers. 220 00:10:43.000 --> 00:10:47.399 Absolutely. One fundamental principle is Kirkhoff's principle, which states that 221 00:10:47.440 --> 00:10:50.159 the security of a cryptosystem should depend only on the 222 00:10:50.200 --> 00:10:52.879 secrecy of the key, not on the secrecy of the 223 00:10:52.879 --> 00:10:56.720 algorithm itself. In fact, making the algorithm public allows for 224 00:10:56.759 --> 00:11:00.600 more scrutiny from the cryptography community, which actually improved security. 225 00:11:00.720 --> 00:11:03.399 So it's like open source software. The more eyes on 226 00:11:03.440 --> 00:11:06.120 the code, the more likely someone is to spot and 227 00:11:06.200 --> 00:11:07.799 fix potential vulnerabilities. 228 00:11:07.840 --> 00:11:11.039 Exactly. It's a key concept in modern cryptography. And another 229 00:11:11.080 --> 00:11:16.240 important takeaway is that cryptography is constantly evolving. As technology advances, 230 00:11:16.399 --> 00:11:19.039 new threats emerge and new solutions are needed. 231 00:11:19.240 --> 00:11:21.080 It's like that arms race we were talking about earlier. 232 00:11:21.159 --> 00:11:22.960 So what's next on our cryptography journey. 233 00:11:23.240 --> 00:11:26.960 Let's move on to another critical element of cryptography, hash functions. 234 00:11:27.200 --> 00:11:31.159 They're essential for ensuring data integrity and are used in 235 00:11:31.200 --> 00:11:35.159 a wide range of applications, from password storage to digital signatures. 236 00:11:35.200 --> 00:11:37.639 Okay, let's hash it out. So hash functions, they sound 237 00:11:37.720 --> 00:11:40.360 kind of like a mathematical blender. What exactly are we 238 00:11:40.399 --> 00:11:40.960 blending here? 239 00:11:41.080 --> 00:11:43.440 Think of a hash function as a special kind of 240 00:11:43.480 --> 00:11:46.919 mathematical function that takes any input, no matter how large, 241 00:11:47.159 --> 00:11:50.600 and produces a unique, fixed size output. We call this 242 00:11:50.639 --> 00:11:52.759 a hash value. It's like a digital fingerprint for a 243 00:11:52.759 --> 00:11:53.360 piece of data. 244 00:11:53.440 --> 00:11:56.080 Okay, so if we change even like one tiny bit 245 00:11:56.080 --> 00:11:58.919 of the input data, we get a completely different fingerprint. 246 00:11:58.720 --> 00:12:01.840 Exactly, And that's what makes them so valuable for ensuring 247 00:12:02.000 --> 00:12:06.279 data integrity. Let's say you download a software update. You 248 00:12:06.320 --> 00:12:09.360 can use a hash function to generate a hash value 249 00:12:09.440 --> 00:12:12.279 for that downloaded file and compare it to the hash 250 00:12:12.360 --> 00:12:16.000 value provided by the software developer. If they match, you 251 00:12:16.039 --> 00:12:18.440 can be confident that the file hasn't been tampered with. 252 00:12:18.559 --> 00:12:22.080 That's reassuring them more worrying about downloading corrupted files. But 253 00:12:22.440 --> 00:12:25.679 how does this digital fingerprinting actually work? What's going on 254 00:12:25.759 --> 00:12:27.240 inside that mathematical blender. 255 00:12:27.600 --> 00:12:29.960 There are different ways to construct hash functions, but they 256 00:12:30.000 --> 00:12:33.600 generally involve a series of mathematical operations that mix and 257 00:12:33.679 --> 00:12:37.080 scramble the input data in a very specific way. They're 258 00:12:37.120 --> 00:12:40.559 designed to be one way functions, meaning it's incredibly difficult 259 00:12:40.600 --> 00:12:42.799 to reverse the process and get the original data back 260 00:12:42.799 --> 00:12:44.679 from the hash value, So you can't put. 261 00:12:44.480 --> 00:12:45.720 The blended ingredients back in. 262 00:12:45.639 --> 00:12:48.399 Their original form precisely. And that's what makes them so 263 00:12:48.519 --> 00:12:52.519 useful for things like password storage. Websites don't actually store 264 00:12:52.559 --> 00:12:55.360 your password, they store its hash value. When you log in, 265 00:12:55.639 --> 00:12:57.679 they hash the password you enter it and compare it 266 00:12:57.679 --> 00:12:59.440 to the stored hash If they match. 267 00:12:59.240 --> 00:13:02.559 Your in that's really clever. So even if hackers got 268 00:13:02.559 --> 00:13:04.840 their hands on the database of hash values, they can't 269 00:13:04.879 --> 00:13:06.559 get the actual passwords. 270 00:13:06.039 --> 00:13:08.799 From it exactly. That's assuming the hash function is strong 271 00:13:08.799 --> 00:13:12.159 and hasn't been compromised. There are three key properties that 272 00:13:12.200 --> 00:13:16.320 make a hash function secure. Collision resistance, pre image resistance, 273 00:13:16.679 --> 00:13:18.240 and second pre image resistance. 274 00:13:18.360 --> 00:13:21.679 Okay, those sound like some serious security measures, breakdos down 275 00:13:21.679 --> 00:13:21.879 for me. 276 00:13:22.039 --> 00:13:25.519 Sure, collision resistance means it's incredibly difficult to find two 277 00:13:25.600 --> 00:13:30.000 different inputs that produce the same hash value. Pre image 278 00:13:30.000 --> 00:13:33.159 resistance means that given a hash value, it's practically impossible 279 00:13:33.159 --> 00:13:35.919 to find the original input that produced it, And second, 280 00:13:36.000 --> 00:13:38.720 pre image resistance means that given one input and its 281 00:13:38.720 --> 00:13:41.919 hash value, it's very hard to find a different input 282 00:13:41.960 --> 00:13:43.159 that produces the same hash. 283 00:13:43.320 --> 00:13:45.480 So it's like trying to find a needle in a haystack, 284 00:13:46.039 --> 00:13:49.120 but the haystack is filled with digital needles and you're blindfolded. 285 00:13:49.240 --> 00:13:51.840 That's a pretty accurate analogy. Now, to achieve these properties, 286 00:13:51.879 --> 00:13:55.120 there are different ways to design hash functions. Iterated hash 287 00:13:55.159 --> 00:13:58.639 functions like those used in SAHA one and SOHA two 288 00:13:58.720 --> 00:14:02.279 process data and blocks repeatedly applying a compression function to 289 00:14:02.360 --> 00:14:04.480 squeeze the data into a fixed size hash. 290 00:14:04.679 --> 00:14:06.639 So it's like putting the data through a series of 291 00:14:06.639 --> 00:14:11.720 mathematical ringers, squeezing out all the excess until you're left 292 00:14:11.720 --> 00:14:13.080 with a concentrated essence. 293 00:14:13.320 --> 00:14:16.000 I like that analogy, and SAHA one and SAHA two 294 00:14:16.080 --> 00:14:18.960 those are like the industry standard hash functions, right, yeah, 295 00:14:19.320 --> 00:14:21.759 they were for a long time. Unfortunately, SAHA one has 296 00:14:21.799 --> 00:14:25.120 been shown to have vulnerabilities, meaning collisions have been found, 297 00:14:25.279 --> 00:14:28.080 but SAHA two is still widely used and considered secure, 298 00:14:28.080 --> 00:14:30.440 at least for now. And then we have SAHA three, 299 00:14:30.480 --> 00:14:33.559 which uses a fascinating design called the sponge construction. 300 00:14:33.919 --> 00:14:36.240 A sponge construction that sounds absorbent. 301 00:14:36.600 --> 00:14:39.519 It is imagine a sponge that absorbs data and then 302 00:14:39.559 --> 00:14:42.639 squeezes out the hash value. Data is absorbed into the sponge, 303 00:14:42.720 --> 00:14:45.039 changing its internal state, and then the hash value is 304 00:14:45.080 --> 00:14:47.960 squeezed out. It's a more flexible and efficient way to 305 00:14:47.960 --> 00:14:51.039 build hash functions, and it's believed to be more resistant 306 00:14:51.039 --> 00:14:53.840 to attacks, even from those quantum computers we discussed earlier. 307 00:14:54.000 --> 00:14:56.559 So it's like a super secure digital sponge that can 308 00:14:56.600 --> 00:14:57.799 handle anything you throw at it. 309 00:14:58.120 --> 00:15:00.399 You got it. And now. Closely related to hash functions 310 00:15:00.440 --> 00:15:03.960 are message authentication codes or pics. They provide a way 311 00:15:03.960 --> 00:15:07.519 to verify both the integrity and the authenticity of a message, so. 312 00:15:07.440 --> 00:15:09.679 It's not just about ensuring that the message hasn't been 313 00:15:09.679 --> 00:15:13.679 tampered with, but also about verifying who it came from exactly. 314 00:15:14.159 --> 00:15:16.559 Imagine you receive an email that appears to be from 315 00:15:16.600 --> 00:15:20.080 your bank, but you're suspicious. A MAC can be used 316 00:15:20.120 --> 00:15:23.039 to confirm that the message really did originate from your 317 00:15:23.080 --> 00:15:25.480 bank and hasn't been modified in transit. 318 00:15:25.679 --> 00:15:28.600 That's a relief, no more falling for phishing scams. So 319 00:15:28.600 --> 00:15:30.200 how do empuxis actually work. 320 00:15:30.559 --> 00:15:33.799 They rely on a shared secret key between the sender 321 00:15:33.840 --> 00:15:36.679 and the receiver and often use hash functions as a 322 00:15:36.720 --> 00:15:40.039 core component. The sender uses the secret key and a 323 00:15:40.039 --> 00:15:43.080 hash function to generate a MACTAG which is attached to 324 00:15:43.120 --> 00:15:46.000 the message. The receiver, who also knows the secret key, 325 00:15:46.279 --> 00:15:48.799 can then use the same hash function to verify that 326 00:15:48.879 --> 00:15:51.320 the tag is valid, meaning the message is authentic and 327 00:15:51.360 --> 00:15:52.200 hasn't been altered. 328 00:15:52.320 --> 00:15:55.000 It's like a secret handshake that proves both the identity 329 00:15:55.000 --> 00:15:58.759 of the sender and the integrity of the message. Pretty clever. Well, 330 00:15:58.759 --> 00:16:01.639 with all this talk about quantum computers potentially breaking our 331 00:16:01.639 --> 00:16:05.559 current codes, or even these advanced hash functions and ms 332 00:16:05.799 --> 00:16:08.080 save from their code cracking abilities. 333 00:16:07.799 --> 00:16:10.480 That's a question that keeps cryptographers up at night. While 334 00:16:10.519 --> 00:16:13.720 some hash functions are believed to be quantum resistant, others 335 00:16:13.759 --> 00:16:17.080 are not. That's why the research into post quantum cryptography 336 00:16:17.120 --> 00:16:19.919 is so important. We need to develop new algorithms that 337 00:16:19.960 --> 00:16:22.440 can withstand the power of these future computers. 338 00:16:22.759 --> 00:16:25.919 So it's like cryptography is preparing for a quantum leap forward. 339 00:16:26.240 --> 00:16:28.639 Exactly. We need to be ready for a future where 340 00:16:28.720 --> 00:16:31.559 quantum computers are a reality, and that's what makes this 341 00:16:31.720 --> 00:16:34.840 field so exciting. It's a constant race to stay ahead 342 00:16:34.840 --> 00:16:37.480 of the curve to develop new and innovative solutions to 343 00:16:37.559 --> 00:16:41.360 protect our digital lives. Speaking of staying ahead of the curve. 344 00:16:41.879 --> 00:16:45.320 The textbook delves into the RSA cryptosystem, which is a 345 00:16:45.360 --> 00:16:48.679 classic example of public key cryptography. It's been around for 346 00:16:48.759 --> 00:16:51.360 decades and is widely used. What makes it so popular, 347 00:16:51.840 --> 00:16:54.799 RSA is a legend in the cryptography world. Its security 348 00:16:54.919 --> 00:16:57.440 is based on the difficulty of factoring large numbers, a 349 00:16:57.480 --> 00:17:00.240 problem that's been a challenge for mathematicians for central. 350 00:17:00.519 --> 00:17:03.080 Factoring that takes me back to high school math class. 351 00:17:03.639 --> 00:17:06.519 It's basically finding the prime numbers that multiply together to 352 00:17:06.519 --> 00:17:08.200 get a specific number, right, you've got. 353 00:17:08.279 --> 00:17:11.559 RSA uses two large prime numbers to generate the public 354 00:17:11.599 --> 00:17:13.920 and private keys. The public key can be given to 355 00:17:13.960 --> 00:17:17.240 anyone and used to encrypt messages, but only the person 356 00:17:17.279 --> 00:17:20.359 with the private key can decrypt them. The security of 357 00:17:20.359 --> 00:17:22.960 the system relies on the fact that it's computationally and 358 00:17:23.000 --> 00:17:25.960 feasible to factor the product of those two large prime 359 00:17:26.039 --> 00:17:28.039 numbers and recover the private key. 360 00:17:28.240 --> 00:17:31.400 So even if you know the product, it's practically impossible 361 00:17:31.440 --> 00:17:33.240 to find those original prime numbers exactly. 362 00:17:33.240 --> 00:17:35.559 It's like trying to solve a giant jigsaw puzzle where 363 00:17:35.599 --> 00:17:37.839 the pieces are all prime numbers. And to make things 364 00:17:37.880 --> 00:17:41.680 even more secure, there's a clever trick called primality testing. 365 00:17:41.880 --> 00:17:43.559 Primality testing, what's that all about. 366 00:17:43.839 --> 00:17:46.480 It's a way to efficiently determine if a large random 367 00:17:46.559 --> 00:17:51.079 number is likely prime. Remember RSA needs those large prime 368 00:17:51.160 --> 00:17:54.519 numbers as building blocks. The Miller Raven test is a 369 00:17:54.519 --> 00:17:57.680 popular method for primality testing. It's like a probabilistic filter 370 00:17:57.799 --> 00:18:00.599 that can quickly weed out numbers that are deaf not prime, 371 00:18:00.640 --> 00:18:01.839 saving a lot of time and effort. 372 00:18:02.000 --> 00:18:05.039 So it's like a quality control check for those prime ingredients. 373 00:18:05.440 --> 00:18:07.559 Exactly. You want to be sure you're using the best 374 00:18:07.559 --> 00:18:11.000 possible primes for your RSA cryptosystem. But of course, as 375 00:18:11.000 --> 00:18:14.319 with any cryptographic system, there are potential weaknesses. 376 00:18:14.640 --> 00:18:16.000 Oh no, what kind of weaknesses. 377 00:18:16.319 --> 00:18:19.759 Well, as computers get faster, factoring gets slightly easier. So 378 00:18:19.799 --> 00:18:23.839 to keep RSA secure, cryptographers have to constantly increase the 379 00:18:23.920 --> 00:18:27.000 key sizes. It's that arms race we're talking about. 380 00:18:27.079 --> 00:18:28.960 It's a good thing we have those brilliant minds working 381 00:18:29.000 --> 00:18:32.279 on keeping our data secure. So how do attackers actually 382 00:18:32.319 --> 00:18:37.279 try to crack RSA? The textbook mentions things like Pollard's 383 00:18:37.400 --> 00:18:40.640 row algorithm and the index calculus algorithm. 384 00:18:40.960 --> 00:18:44.480 Those are just two examples of the many techniques attackers use. 385 00:18:45.279 --> 00:18:48.119 Pollard's row algorithm is a clever method that exploits the 386 00:18:48.160 --> 00:18:50.880 birthday paradox. It's based on the idea that if you 387 00:18:50.920 --> 00:18:53.359 have enough random numbers, you're more likely to find two 388 00:18:53.480 --> 00:18:56.240 that have the same remainder when divided by a specific number, 389 00:18:56.519 --> 00:18:58.880 and this can be used to find factors of large numbers, 390 00:18:58.880 --> 00:18:59.960 potentially cracking ours. 391 00:19:00.599 --> 00:19:02.960 So it's like looking for collisions and hash functions, but 392 00:19:03.039 --> 00:19:04.759 for factorization exactly. 393 00:19:04.799 --> 00:19:08.480 It's all about finding those unexpected relationships and patterns that 394 00:19:08.519 --> 00:19:12.119 can be exploited. The index calculus algorithm is another powerful 395 00:19:12.160 --> 00:19:16.440 method that uses a more systematic approach to solve discrete 396 00:19:16.480 --> 00:19:19.559 logarithm problems, which can also be used to attack RSA. 397 00:19:19.880 --> 00:19:22.880 It sounds like breaking RSA is a real challenge, which 398 00:19:22.920 --> 00:19:24.359 is a good thing for those of us who rely 399 00:19:24.480 --> 00:19:25.400 on it for security. 400 00:19:25.759 --> 00:19:28.079 It is a challenge, but that doesn't mean it's impossible. 401 00:19:28.200 --> 00:19:31.440