WEBVTT

00:00.000 --> 00:03.810
>> Hello. We've got an
initialization vector.

00:03.810 --> 00:05.220
We've got an algorithm,

00:05.220 --> 00:06.750
and we've got our keys.

00:06.750 --> 00:08.550
But it's probably
worth mentioning

00:08.550 --> 00:11.310
some desirable qualities
of these things.

00:11.310 --> 00:13.770
I don't have any
desirable qualities of

00:13.770 --> 00:15.795
an initialization
vector written here.

00:15.795 --> 00:17.730
But when we talked
about that earlier,

00:17.730 --> 00:21.385
we want our initialization
vectors to be long enough.

00:21.385 --> 00:23.655
That's true of keys as well.

00:23.655 --> 00:26.010
Long enough means that
based on the data,

00:26.010 --> 00:28.350
we provide adequate
security without training

00:28.350 --> 00:30.945
too much performance
or other costs.

00:30.945 --> 00:34.450
That decision is based
on risk management.

00:34.450 --> 00:38.090
For our algorithms, we
want the following.

00:38.090 --> 00:40.220
First of all, confusion,

00:40.220 --> 00:41.720
which means good, strong,

00:41.720 --> 00:43.865
complex math in substitution.

00:43.865 --> 00:46.240
That's what confusion is about.

00:46.240 --> 00:48.705
If you look at my
math functions,

00:48.705 --> 00:51.125
they are not the most
sophisticated functions,

00:51.125 --> 00:53.319
so we need confusion.

00:53.319 --> 00:55.635
Next is diffusion.

00:55.635 --> 00:58.450
This means that interspersed
with the ciphertext,

00:58.450 --> 01:00.320
we had plain texts
so that it's more

01:00.320 --> 01:02.960
difficult to reverse
and get an easy result.

01:02.960 --> 01:05.839
It just adds to the complexity.

01:05.839 --> 01:08.425
There's also something
called chaining.

01:08.425 --> 01:11.150
Sometimes you'll hear about
cipher block chaining.

01:11.150 --> 01:13.400
Chaining simply
means output from

01:13.400 --> 01:16.085
one function is used
to input to the next.

01:16.085 --> 01:18.814
But keep in mind that with
the chaining algorithm,

01:18.814 --> 01:21.380
you can have errors that
are cascading or propagated

01:21.380 --> 01:23.150
throughout because each output

01:23.150 --> 01:25.130
from one function
effects the next.

01:25.130 --> 01:29.345
[NOISE] If we go
back to our formula,

01:29.345 --> 01:31.730
plain tags plus
initialization factor

01:31.730 --> 01:34.535
plus algorithm plus
key equals ciphertext.

01:34.535 --> 01:36.350
Let's say that I
take the data of

01:36.350 --> 01:37.820
the plain text and I chunk

01:37.820 --> 01:41.065
the first block
into 256 bit block,

01:41.065 --> 01:42.860
and my ciphertext that gets

01:42.860 --> 01:45.610
produced is the
ciphertext for block 1.

01:45.610 --> 01:48.585
Now, we chunk data into block 2.

01:48.585 --> 01:50.450
But what is interesting
is that block

01:50.450 --> 01:52.864
2 is about to go through
this same process.

01:52.864 --> 01:55.750
But the initialization vector
that is used on block 2

01:55.750 --> 01:57.290
is actually the ciphertext

01:57.290 --> 01:59.140
that was produced from block 1.

01:59.140 --> 02:01.385
The output from the first block

02:01.385 --> 02:03.860
is used as input for
the second block.

02:03.860 --> 02:05.930
That produces
ciphertext from block

02:05.930 --> 02:08.645
2 that uses input for block 3.

02:08.645 --> 02:11.640
That is the chaining process.

02:12.610 --> 02:15.440
Another desirable
characteristic that

02:15.440 --> 02:18.260
helps with the complexity
is permutations.

02:18.260 --> 02:19.880
This is where you put the data

02:19.880 --> 02:22.175
through multiple
permutations arounds.

02:22.175 --> 02:24.170
DS, which we'll talk about

02:24.170 --> 02:27.190
later scenes for data
encryption standard.

02:27.190 --> 02:30.195
It would chunk data
into 64 bit blocks,

02:30.195 --> 02:31.460
and each block would go through

02:31.460 --> 02:34.105
the encryption process 16 times.

02:34.105 --> 02:37.820
When we say they're 16
permutations with DES,

02:37.820 --> 02:40.670
now DES was broken and it's

02:40.670 --> 02:44.425
actually used a 56 bit key
for its encryption process.

02:44.425 --> 02:47.700
When that happened, we
went to Triple DES.

02:47.700 --> 02:49.560
Which Triple DES?

02:49.560 --> 02:52.385
That means instead
of 16 permutations,

02:52.385 --> 02:54.740
each block went through
40 permutations

02:54.740 --> 02:55.955
before it was encrypted,

02:55.955 --> 02:58.345
we moved on to the next block.

02:58.345 --> 03:02.770
In that case, Triple DES
was a processing hog.

03:02.770 --> 03:05.180
You wouldn't really
want to use triple DES

03:05.180 --> 03:06.770
normally because of the sheer

03:06.770 --> 03:08.449
>> overhead of the processing.

03:08.449 --> 03:10.910
>> That's why AES
became much more

03:10.910 --> 03:14.475
popular and so much less
resource intensive.

03:14.475 --> 03:17.525
But the number of permutations
as the complexity.

03:17.525 --> 03:20.330
You have to ask,
how much is enough?

03:20.330 --> 03:23.280
The answer is just enough.

03:23.300 --> 03:25.955
Then the last bullet point here,

03:25.955 --> 03:28.700
undesirable qualities of
an algorithm is that we

03:28.700 --> 03:29.900
want our algorithms to be

03:29.900 --> 03:32.670
an open source and
publicly known.

03:32.720 --> 03:35.540
There's a big discussion
in the privacy and

03:35.540 --> 03:38.270
software development community
about what is better,

03:38.270 --> 03:41.140
open source or closed source?

03:41.140 --> 03:43.890
Let's look at Unix
versus Windows.

03:43.890 --> 03:46.025
Unix is open source code.

03:46.025 --> 03:47.690
You can look at the
code and you can

03:47.690 --> 03:49.685
manipulate it to work
for your environment.

03:49.685 --> 03:52.780
You can test it.
There are no secrets.

03:52.780 --> 03:57.724
Why? Well, this way the
community can examine,

03:57.724 --> 04:00.500
tear it apart, and put it
back together stronger.

04:00.500 --> 04:03.529
With more people working to
create a better product,

04:03.529 --> 04:05.850
the better the product will be.

04:05.990 --> 04:09.020
Well, if you can
look at Microsoft,

04:09.020 --> 04:10.685
their philosophy is that if

04:10.685 --> 04:12.380
other people can't see the code,

04:12.380 --> 04:14.155
then they can't break the code.

04:14.155 --> 04:16.010
But obviously people have

04:16.010 --> 04:18.005
been able to break
the Microsoft code.

04:18.005 --> 04:20.885
It hasn't worked as well
as they probably intended.

04:20.885 --> 04:22.550
Their philosophy is one of

04:22.550 --> 04:24.820
the security through obscurity.

04:24.820 --> 04:27.380
If you can't see it,
you can't break it.

04:27.380 --> 04:29.420
But it doesn't work.

04:29.420 --> 04:31.760
Our preference on this exam and

04:31.760 --> 04:35.000
most other exams you might
take is to have openness.

04:35.000 --> 04:36.800
You should have a
publicly known,

04:36.800 --> 04:39.205
tried and true algorithm
as your choice.

04:39.205 --> 04:42.410
That is better than a
proprietary secret algorithm

04:42.410 --> 04:43.790
and is based on a principle

04:43.790 --> 04:45.504
>> called Kerckhoff's principle.

04:45.504 --> 04:47.000
>> I may not have had his name

04:47.000 --> 04:48.725
spelled exactly
right on the side.

04:48.725 --> 04:50.870
But that's what the
principle is called.

04:50.870 --> 04:53.630
The principles as the
algorithm he open.

04:53.630 --> 04:55.730
The cryptography
community will examine

04:55.730 --> 04:58.445
your algorithm and
make it better.

04:58.445 --> 05:00.590
Now the desirable qualities

05:00.590 --> 05:02.554
>> for keys are just as follows.

05:02.554 --> 05:04.385
>> We want them to be long,

05:04.385 --> 05:05.810
and that's just long enough.

05:05.810 --> 05:07.535
We want them to be random,

05:07.535 --> 05:09.590
and we want our
keys to be secret.

05:09.590 --> 05:11.750
If our algorithm is
going to be open,

05:11.750 --> 05:14.030
then the key has to be secret.

05:14.030 --> 05:15.845
Once we have all this,

05:15.845 --> 05:17.570
it's the basis upon
which will build

05:17.570 --> 05:20.580
everything that we'll do
in the rest of the class.