WEBVTT

00:00.000 --> 00:02.520
>> Hello. We talked about

00:02.520 --> 00:04.595
the basic elements
of cryptography,

00:04.595 --> 00:07.905
and in the last section we
talked about algorithms.

00:07.905 --> 00:09.500
We said that algorithms are

00:09.500 --> 00:11.400
the math functions that
are used to provide

00:11.400 --> 00:15.015
the substitution from
plaintext to ciphertext,

00:15.015 --> 00:16.800
and then we said an algorithm

00:16.800 --> 00:18.329
has to be used with the key

00:18.329 --> 00:19.950
because a key provides

00:19.950 --> 00:21.150
the instructions on how to

00:21.150 --> 00:23.490
use the math of the algorithm.

00:23.490 --> 00:26.370
Now we're going to talk
about two different types of

00:26.370 --> 00:29.640
cryptography: symmetric
and asymmetric,

00:29.640 --> 00:32.545
and these terms refer to
the key that is used.

00:32.545 --> 00:35.015
It has to do with what the key is,

00:35.015 --> 00:36.500
how you get the key, and how you

00:36.500 --> 00:39.060
use the key, and so forth.

00:40.460 --> 00:42.680
The first type
we're going to talk

00:42.680 --> 00:44.950
about is symmetric cryptography.

00:44.950 --> 00:47.150
With symmetric cryptography,

00:47.150 --> 00:49.460
the same key is used
by both parties.

00:49.460 --> 00:52.295
Encrypt data with that
key and when you get it,

00:52.295 --> 00:54.590
you have to decrypt
it with the same key.

00:54.590 --> 00:57.030
It's like your house
key; you use it to

00:57.030 --> 01:00.130
lock the door and
unlock the door.

01:00.250 --> 01:02.270
Now let's take a look at some of

01:02.270 --> 01:05.150
the drawbacks to
symmetric cryptography.

01:05.150 --> 01:08.210
It's really important with
symmetric cryptography that

01:08.210 --> 01:11.165
we find a way to securely
distribute the keys.

01:11.165 --> 01:13.730
Let's say I need a
person to watch my dogs

01:13.730 --> 01:16.340
this weekend and
you offer to do it.

01:16.340 --> 01:19.430
I have two puppies and
a 14-year-old dog.

01:19.430 --> 01:22.040
As you can imagine
the 14-year-old dog

01:22.040 --> 01:24.190
is not amused by
the puppies at all,

01:24.190 --> 01:26.660
but anyway the problem is that I

01:26.660 --> 01:29.165
need to find a way to
give my house key to you.

01:29.165 --> 01:31.220
I could hide it under
my little garden or

01:31.220 --> 01:34.580
my front porch, but
that's not secure.

01:34.580 --> 01:37.940
How can I get it to you
in a secure fashion?

01:37.940 --> 01:40.040
The most secure way is to walk

01:40.040 --> 01:41.855
over and give it
to you in person,

01:41.855 --> 01:44.035
but that's not practical.

01:44.035 --> 01:45.950
Since I will be
giving you the key in

01:45.950 --> 01:48.545
a different environment than
our normal communications,

01:48.545 --> 01:51.755
we call this an out-of-band
key distribution.

01:51.755 --> 01:55.260
That's one of the downsides
of symmetric cryptography.

01:55.310 --> 01:57.830
Symmetric cryptography
is usually

01:57.830 --> 01:59.240
pretty easy to understand

01:59.240 --> 02:01.010
because most of the
locks we work with in

02:01.010 --> 02:03.410
our lives use symmetric
cryptography.

02:03.410 --> 02:06.095
The hardest thing about
symmetric cryptography

02:06.095 --> 02:08.585
is to remember all the
different names it can go by:

02:08.585 --> 02:11.015
secret key, private key,

02:11.015 --> 02:14.660
shared key, or in some
cases session key.

02:14.660 --> 02:18.590
Now going back to my need
for a dog walker, let's say

02:18.590 --> 02:20.795
I've chosen one person
to walk my dogs,

02:20.795 --> 02:22.550
and let's say that
I do find a way to

02:22.550 --> 02:24.650
get that person
the key securely.

02:24.650 --> 02:28.175
As long as we're both
trustworthy, it can work.

02:28.175 --> 02:30.350
Next, let's say we decide

02:30.350 --> 02:32.210
we're going to join
in dogs and in club,

02:32.210 --> 02:34.310
and at any given moment
you could ask one of

02:34.310 --> 02:36.920
us to come over that
evening and walk your dogs.

02:36.920 --> 02:39.080
They would be able to
do it because we are

02:39.080 --> 02:41.785
all going to share
our house keys.

02:41.785 --> 02:44.535
Everyone would have
everyone's house key.

02:44.535 --> 02:46.010
Can you imagine how many

02:46.010 --> 02:47.615
keys we would have
to keep up with?

02:47.615 --> 02:50.900
That's just not
possible, that's crazy.

02:50.900 --> 02:52.400
Well, that's the second problem

02:52.400 --> 02:53.945
with symmetric cryptography.

02:53.945 --> 02:56.720
As your numbers increase
you need a key for

02:56.720 --> 02:58.550
each communication channel but

02:58.550 --> 03:02.210
also they need a key for
each communication channel,

03:02.210 --> 03:05.550
so this is not a solution
that scales well.

03:05.900 --> 03:07.950
Then the other problem with

03:07.950 --> 03:09.860
symmetric cryptography is that

03:09.860 --> 03:12.335
it does not provide
non-repudiation.

03:12.335 --> 03:14.450
Remember when we
talked about PAIN and

03:14.450 --> 03:15.860
the security services
you want with

03:15.860 --> 03:17.945
cryptography: privacy,

03:17.945 --> 03:21.035
authenticity, integrity,
and non-repudiation,

03:21.035 --> 03:23.240
we said that those
are security systems

03:23.240 --> 03:25.025
that we want with cryptography.

03:25.025 --> 03:27.650
Well, the only one of those
services that you get

03:27.650 --> 03:30.380
with symmetric
cryptography is privacy.

03:30.380 --> 03:32.300
There is nothing that guarantees

03:32.300 --> 03:35.345
non-repudiation because
the key is shared.

03:35.345 --> 03:37.010
If you and I share a key to

03:37.010 --> 03:39.635
some data and that data
gets leaked to media,

03:39.635 --> 03:41.060
I can only say that you leaked

03:41.060 --> 03:43.715
it because we both
share the same key.

03:43.715 --> 03:45.860
Or as another example,

03:45.860 --> 03:47.060
if you and I share a locker

03:47.060 --> 03:48.379
in the back of the classroom

03:48.379 --> 03:49.970
and one of us leaves
a [inaudible] damage

03:49.970 --> 03:51.440
in the locker over the weekend,

03:51.440 --> 03:53.900
even though we all
know it was me I could

03:53.900 --> 03:57.025
say it was you because we
share the same locker.

03:57.025 --> 04:00.390
With all the issues in
symmetric cryptography,

04:00.390 --> 04:02.445
why do we even talk about it?

04:02.445 --> 04:04.275
Because it's fast.

04:04.275 --> 04:06.320
We want speed, so just put

04:06.320 --> 04:08.240
it in the back of your
mind for future use

04:08.240 --> 04:10.010
that we want to
send bulk data with

04:10.010 --> 04:13.260
symmetric cryptography
due to its speed.

