WEBVTT

00:01.249 --> 00:03.667
>> In this section,
we'll start to talk

00:03.667 --> 00:05.549
about cryptography.

00:05.549 --> 00:08.625
I think cryptography
is really interesting,

00:08.625 --> 00:11.370
but it's also a topic that
people get nervous about.

00:11.370 --> 00:13.260
But if you take it step-by-step,

00:13.260 --> 00:16.500
bit-by-bit, you'll find that
cryptography makes sense.

00:16.500 --> 00:19.565
You may have to hear some
of it multiple times.

00:19.565 --> 00:21.810
I think the questions
you find on the test for

00:21.810 --> 00:23.040
cryptography are

00:23.040 --> 00:24.975
actually more
straightforward than others.

00:24.975 --> 00:27.780
I hope cryptography
will click for you.

00:27.780 --> 00:30.915
Even if it doesn't the
first time, stick with it.

00:30.915 --> 00:32.730
The beauty of these
videos is that

00:32.730 --> 00:35.200
you can play them
multiple times.

00:35.810 --> 00:38.940
Now, we'll start talking
about the basics.

00:38.940 --> 00:40.820
I tried to teach
this topic as though

00:40.820 --> 00:43.750
my students have absolutely
no experience with it.

00:43.750 --> 00:47.195
Now, I know some of you may
have experience with it,

00:47.195 --> 00:48.770
but I find a lot of
people only know

00:48.770 --> 00:50.555
the parts that they've
been exposed to,

00:50.555 --> 00:51.650
and maybe they don't have

00:51.650 --> 00:53.890
the full foundational
understanding.

00:53.890 --> 00:56.045
We're going to start
right at the beginning

00:56.045 --> 00:57.875
and define some of these terms:

00:57.875 --> 01:01.939
algorithms, keys,
initialization vectors,

01:01.939 --> 01:03.665
seeds, and salts,

01:03.665 --> 01:05.210
and what they mean,
and how they help

01:05.210 --> 01:07.220
us protect sensitive info.

01:07.220 --> 01:10.220
From there, we will build
on those ideas and look at

01:10.220 --> 01:11.840
practical
implementations through

01:11.840 --> 01:14.180
symmetric and asymmetric
cryptography.

01:14.180 --> 01:18.335
There's two ways to provide
obfuscation for our data,

01:18.335 --> 01:20.815
which means making
our data unreadable.

01:20.815 --> 01:22.790
But each of them have
different methods

01:22.790 --> 01:25.695
and different purposes,
so we need to understand

01:25.695 --> 01:27.349
the difference between those.

01:27.349 --> 01:29.765
Then just like
many other things,

01:29.765 --> 01:31.790
the best is right
there in the middle.

01:31.790 --> 01:33.395
If we take the good things about

01:33.395 --> 01:35.225
symmetric cryptography
and combine them

01:35.225 --> 01:37.414
with the good things about
asymmetric cryptography,

01:37.414 --> 01:39.125
we have a hybrid
cryptography,

01:39.125 --> 01:40.736
which is what most applications

01:40.736 --> 01:43.200
and secure protocols use.

01:44.229 --> 01:48.290
Then we're going to move on
to talking about integrity.

01:48.290 --> 01:51.410
One of the ways we get
integrity is through hashing.

01:51.410 --> 01:55.055
Hashing will create a digital
representation of a file.

01:55.055 --> 01:57.110
You can also take
that hash and add

01:57.110 --> 02:00.290
authenticity to it and
get non-repudiation.

02:00.290 --> 02:02.930
Non-repudiation is
a combination of

02:02.930 --> 02:05.555
authenticity and
integrity together.

02:05.555 --> 02:07.760
If we think about
that with an email,

02:07.760 --> 02:09.440
the sender can't
dispute having sent

02:09.440 --> 02:12.925
the message nor the
content of the message.

02:12.925 --> 02:16.410
Then you'll find out that
a hash is very limited.

02:16.410 --> 02:18.260
A public key infrastructure is

02:18.260 --> 02:20.840
needed to support
non-repudiation.

02:20.840 --> 02:23.095
That takes a lot of support.

02:23.095 --> 02:26.240
We may decide to use message
authentication codes

02:26.240 --> 02:29.075
or MACs to solve the
problem instead.

02:29.075 --> 02:32.090
MACs provide more
security than hash.

02:32.090 --> 02:33.560
You don't require
as much support

02:33.560 --> 02:36.300
and infrastructure
as non-repudiation.

02:36.300 --> 02:38.330
Now, MAC is one of

02:38.330 --> 02:39.890
the most fun acronyms
that is going

02:39.890 --> 02:41.450
to mean something
different every day.

02:41.450 --> 02:43.220
But for this module,

02:43.220 --> 02:46.465
the meaning is message
authentication code.

02:46.465 --> 02:48.980
Last but not least,
we're going to

02:48.980 --> 02:51.335
talk about some
email cryptosystems.

02:51.335 --> 02:53.120
We'll talk about PGP,

02:53.120 --> 02:55.640
which is a proprietary
cryptosystem.

02:55.640 --> 02:58.240
Then we'll talk about S/MIME.

02:58.240 --> 03:00.260
This is a long chapter and I

03:00.260 --> 03:02.905
hope you find it as
interesting as I do.

03:02.905 --> 03:06.345
Now, starting with the
basics as promised,

03:06.345 --> 03:08.390
the first thing I
want to talk about is

03:08.390 --> 03:10.325
what cryptography does for us.

03:10.325 --> 03:12.709
Most people would say
that we need cryptography

03:12.709 --> 03:14.072
because we need privacy and

03:14.072 --> 03:15.759
we want to protect our data.

03:15.759 --> 03:17.689
But in addition to privacy,

03:17.689 --> 03:19.956
we also get
authenticity, integrity,

03:19.956 --> 03:21.909
and non-repudiation.

03:21.909 --> 03:23.780
Here's a quick overview of

03:23.780 --> 03:26.315
the services that
cryptography provides.

03:26.315 --> 03:28.355
Privacy: Prevents

03:28.355 --> 03:30.755
unauthorized disclosure
of information.

03:30.755 --> 03:34.315
Authenticity: Verifies
the claimed identity.

03:34.315 --> 03:38.044
Integrity: Detects
modification or corruption.

03:38.044 --> 03:41.810
Non-repudiation: Combines
authenticity and integrity.

03:41.810 --> 03:43.490
A sender can't
dispute having sent

03:43.490 --> 03:46.090
a message nor its contents.

03:46.090 --> 03:48.140
If in doubt and
you can't think of

03:48.140 --> 03:50.375
all the services that
cryptography provides,

03:50.375 --> 03:52.790
think of PAIN: privacy,

03:52.790 --> 03:56.700
authenticity, integrity,
non-repudiation.

