WEBVTT

00:00.000 --> 00:03.030
>> Hello. Now we're going to

00:03.030 --> 00:04.410
talk about some of the terms

00:04.410 --> 00:06.674
>> we use within cryptography.

00:06.674 --> 00:08.580
>> We'll start out by looking at

00:08.580 --> 00:10.890
encryption for the
purpose of privacy.

00:10.890 --> 00:12.960
We start out with plain texts

00:12.960 --> 00:15.270
and that's the data
we want to protect.

00:15.270 --> 00:17.460
Ultimately, what we want to do

00:17.460 --> 00:20.025
is confine that to
the ciphertext.

00:20.025 --> 00:22.545
If anyone is able to access it,

00:22.545 --> 00:25.500
they won't be able to
read it or find meaning.

00:25.500 --> 00:27.645
If we start with plain text,

00:27.645 --> 00:29.535
use an initialization vector,

00:29.535 --> 00:31.230
an algorithm and a key,

00:31.230 --> 00:33.930
that's what takes us from
plain to ciphertext.

00:33.930 --> 00:37.395
We want to talk about what
an initialization vector,

00:37.395 --> 00:40.240
an algorithm, and a key.

00:42.920 --> 00:46.340
Let's talk about an
initialization vector.

00:46.340 --> 00:48.680
The job in the
initialization vector

00:48.680 --> 00:49.910
is to add randomness to

00:49.910 --> 00:53.355
the encryption process.
Randomness is good.

00:53.355 --> 00:55.340
We want our ciphertext as far

00:55.340 --> 00:57.940
removed from the plain
texts as possible.

00:57.940 --> 01:00.470
Even though the encryption
process is going to

01:00.470 --> 01:02.750
change our data from
plain text to cipher,

01:02.750 --> 01:04.735
by adding additional randomness,

01:04.735 --> 01:06.754
we'll make the
process more complex

01:06.754 --> 01:09.555
and that makes it more
difficult to reverse.

01:09.555 --> 01:11.750
For instance, think about

01:11.750 --> 01:14.605
your digital music collection
and digital music player.

01:14.605 --> 01:17.960
Onetime l lend a friend
of mine my iPod and she

01:17.960 --> 01:21.170
downloaded the sound
tracks to the [inaudible].

01:21.170 --> 01:23.195
Now, I know I can erase that,

01:23.195 --> 01:26.020
but I never think about
it until it's too late.

01:26.020 --> 01:29.210
I pull up to stop play
and I'm feeling cool and

01:29.210 --> 01:30.500
playing the music
that was popular

01:30.500 --> 01:31.865
when I was in high school.

01:31.865 --> 01:33.260
Then next thing you know,

01:33.260 --> 01:34.880
the song, The Sun Will
Come Out Tomorrow,

01:34.880 --> 01:37.685
starts playing on my
stereo and I'm thinking,

01:37.685 --> 01:39.145
got to be kidding me.

01:39.145 --> 01:40.970
My question is this,

01:40.970 --> 01:43.460
I've got over a thousand
songs on my iPod,

01:43.460 --> 01:45.680
why does the same
song keep coming up

01:45.680 --> 01:48.590
time and time again when I'm
playing it in random mode?

01:48.590 --> 01:51.530
I do find that there are a
handful songs that you can't

01:51.530 --> 01:55.080
count on hearing when I put
my music player on random.

01:55.670 --> 01:57.830
Well, if you look
at what I have on

01:57.830 --> 01:59.945
the screen, in the
second bullet,

01:59.945 --> 02:01.850
I just came up with
some random numbers

02:01.850 --> 02:04.150
and I came up with
some random math.

02:04.150 --> 02:05.360
But even though I've got

02:05.360 --> 02:07.024
>> random numbers
and random math,

02:07.024 --> 02:10.160
>> the question becomes,
do I have to randomness?

02:10.160 --> 02:13.460
Well, if I always start
at the track zero and I

02:13.460 --> 02:14.720
jump to the fifth track

02:14.720 --> 02:16.670
and jump three
tracks and so forth,

02:16.670 --> 02:18.920
I really don't get
randomness because it

02:18.920 --> 02:21.880
keeps starting at the
beginning of the zero track,

02:21.880 --> 02:24.665
but if I can randomize
the beginning point,

02:24.665 --> 02:27.380
then I add more randomness
to the process.

02:27.380 --> 02:30.005
Now the thing about the
initialization vector

02:30.005 --> 02:31.505
is that it needs
to be long enough,

02:31.505 --> 02:33.095
just like everything else.

02:33.095 --> 02:35.660
But you can't have an
initialization vector that is

02:35.660 --> 02:38.000
too long because when
you use security,

02:38.000 --> 02:40.100
you often trade performance.

02:40.100 --> 02:42.440
You want an initialization
vector that is

02:42.440 --> 02:44.605
just long enough,
but not too long.

02:44.605 --> 02:47.720
Let's go back to what we
talked about with WEP.

02:47.720 --> 02:52.145
Remember, WEP stands for
wired equivalent privacy

02:52.145 --> 02:53.780
and it was one of
the first means of

02:53.780 --> 02:57.115
encrypting Mi-Fi communication
for our local networks.

02:57.115 --> 03:01.490
With WEP, one of the starting
problems was that WEP had

03:01.490 --> 03:04.290
a very short
initialization vector

03:05.900 --> 03:09.240
and that IV was 24 bits.

03:09.240 --> 03:12.770
When WPA came along
to replace WEP,

03:12.770 --> 03:16.640
WPA increased the initialization
vector substantially.

03:16.640 --> 03:19.010
It went from a 24-bit IV to

03:19.010 --> 03:22.350
a 48-bit IV,
significantly better.

03:22.350 --> 03:26.315
WPA settled on the 48-bit
initialization vector

03:26.315 --> 03:29.090
and that gave us more security
than we had with WEP,

03:29.090 --> 03:32.820
but still performing it
enough to be acceptable.

03:33.020 --> 03:36.660
That 48-bit Initialization
vector continues

03:36.660 --> 03:40.990
today with WPA2 even WPA3.

03:41.410 --> 03:45.260
Now, a couple more things
to consider with IVs.

03:45.260 --> 03:48.305
First of all, have you heard
of the term seat insole?

03:48.305 --> 03:51.310
It's very comparable to
a initialization vector.

03:51.310 --> 03:53.570
We talk about
initialization vectors

03:53.570 --> 03:54.860
when we're encrypting data.

03:54.860 --> 03:56.720
But when we're
hashing passwords,

03:56.720 --> 03:59.615
it's a one-way mechanism
to protect our passwords.

03:59.615 --> 04:02.590
When we're hashing our
passwords, we add seeds.

04:02.590 --> 04:04.610
This adds randomness
is beginning.

04:04.610 --> 04:06.260
This makes passwords
more random,

04:06.260 --> 04:08.225
it makes them harder
to compromise.

04:08.225 --> 04:10.630
You could also hear
the term soul.

04:10.630 --> 04:12.240
A seed at the beginning of

04:12.240 --> 04:14.969
>> the process. A
soul is leader.

04:14.969 --> 04:17.160
>> All these things, seed, salt,

04:17.160 --> 04:21.070
and IV's have the same
purpose, to add randomness.

04:23.300 --> 04:26.450
Now, the second thing
to think about is how

04:26.450 --> 04:29.450
computers really aren't
good at true randomization.

04:29.450 --> 04:34.265
You and I can think of a
random number like 1,043,007,

04:34.265 --> 04:36.500
pretty easily on
top of our head,

04:36.500 --> 04:39.065
but computerized systems
are logic-based.

04:39.065 --> 04:40.915
There aren't very predictable.

04:40.915 --> 04:42.650
The challenge
becomes that we need

04:42.650 --> 04:45.050
randomness and allotting
incursion functions

04:45.050 --> 04:47.285
that we perform on
a day-to-day basis

04:47.285 --> 04:49.354
are dependent on randomness.

04:49.354 --> 04:51.230
Computers need something to base

04:51.230 --> 04:53.920
the randomness on in
order to come up with it.

04:53.920 --> 04:56.869
It could be based on
internal CPU cycles,

04:56.869 --> 04:59.435
temperature, date,
and time variables.

04:59.435 --> 05:01.400
There could be a million
different variables to

05:01.400 --> 05:03.440
come up with an
initialization vector.

05:03.440 --> 05:05.180
We just have to remember
that it's not truly

05:05.180 --> 05:08.100
random, it's pseudo-random.

05:08.540 --> 05:10.815
Something cool here.

05:10.815 --> 05:13.160
Have you heard of a
company called CloudFlare?

05:13.160 --> 05:15.975
They're an Internet
web organization.

05:15.975 --> 05:17.870
They provide
infrastructure support

05:17.870 --> 05:19.460
and security for
massive amounts of

05:19.460 --> 05:20.690
data and information and

05:20.690 --> 05:23.720
services at organizations
across the Internet.

05:23.720 --> 05:27.650
They use lava lamps as a
basis for the random numbers.

05:27.650 --> 05:30.335
They have a wall
of 100 lava lamps

05:30.335 --> 05:31.640
and they have a
camera that takes

05:31.640 --> 05:32.810
pictures of the lava lamps

05:32.810 --> 05:34.880
periodically and
sends those images

05:34.880 --> 05:36.230
to the servers that analyze

05:36.230 --> 05:38.540
the configuration
at any given time

05:38.540 --> 05:39.830
and it's always going to be

05:39.830 --> 05:41.649
>> different and unpredictable.

05:41.649 --> 05:44.360
>> They create a value for
the initialization vector

05:44.360 --> 05:45.830
based on the lava lamps.

05:45.830 --> 05:47.720
It's pretty fascinating.

05:47.720 --> 05:50.630
You can look it up and
read about how it works.

05:50.630 --> 05:52.655
It solves a problem.

05:52.655 --> 05:55.235
Real-life is more
random than computers,

05:55.235 --> 05:58.500
so we look to real
lives for solutions.