WEBVTT

00:00.420 --> 00:06.000
One of the big challenges to using asymmetric encryption is the fact that well if you're going to do

00:06.000 --> 00:11.820
a symmetric encryption you're going to generate a public public he says will be read this time and a

00:11.850 --> 00:14.400
private key so you're going to generate this key pair.

00:14.440 --> 00:22.670
Now in this particular example let's say that I'm a web server and I own a company called Total seminars

00:23.120 --> 00:28.450
and the Web site is W.W. that totals them dot com and I want people to be able to buy stuff on my web

00:28.450 --> 00:28.890
site.

00:29.000 --> 00:35.930
So I want to set up a secure web server so in the most simple world what I would do is I would generate

00:35.930 --> 00:42.620
the public and private key pair and any time anybody logged into my website I would automatically just

00:42.620 --> 00:49.180
send them this public key and then that way we could start asymmetric encryption Well that's a problem

00:49.240 --> 00:51.500
and it's a big problem.

00:51.610 --> 00:57.940
The problem with asymmetric encryption is the public key if you get a public key from somebody and by

00:57.940 --> 01:05.260
the way when you log into a secure Web site when you type in the DP s colon backslash www.youtube.com

01:05.500 --> 01:10.470
you automatically get the public key sent from that web site straight to your system.

01:10.540 --> 01:11.110
OK.

01:11.260 --> 01:16.230
So it's not like e-mail where we have to send it via e-mail or anything like that.

01:16.310 --> 01:23.900
But the problem is is do you as a person who is running a little web client do you know that this public

01:23.900 --> 01:27.080
key is for www.youtube.com.

01:27.110 --> 01:30.050
It may say it up on the screen but there's ways to get around that.

01:30.050 --> 01:36.320
So the problem with asymmetric encryption is not the public private key that that works pretty much

01:36.320 --> 01:37.160
perfectly.

01:37.160 --> 01:44.490
The problem is in the key exchange How do you know a where did this public key come from and B is it

01:44.510 --> 01:46.480
the person that you think it is.

01:46.640 --> 01:48.840
So there's two problems here.

01:48.860 --> 01:52.680
So in order to get around this there's actually something really cool I want to tell you about.

01:52.770 --> 01:58.610
Hey remember we've said in previous episodes that you always encrypt with the public key and you decrypt

01:58.610 --> 01:59.750
with the private key.

01:59.750 --> 02:00.620
And that's true.

02:00.650 --> 02:02.580
But I will let you in on a little secret.

02:02.720 --> 02:05.180
There is no difference between a public and a private key.

02:05.180 --> 02:09.480
I mean there are different numbers that are just binary strings and they're different binary strings.

02:09.680 --> 02:13.070
But there's nothing special about the public key that it can only encrypt.

02:13.190 --> 02:18.440
There's nothing special about the private key that could only decrypt when you generate a public private

02:18.440 --> 02:24.040
key payer either one of these could be the public key just by convention we pick a particular one.

02:24.200 --> 02:29.900
So again the public and private key are just a string of ones and zeros they're different strings but

02:29.900 --> 02:31.520
they're just strings of ones and zeros.

02:31.520 --> 02:36.740
Anything you encrypt with this can be decrypted with this anything you encrypted with this can be decrypted

02:36.740 --> 02:37.600
with this.

02:37.610 --> 02:38.750
Now we never do that.

02:38.840 --> 02:40.930
We never never ever do that.

02:40.940 --> 02:47.720
The reason we don't do it is because if we started to encrypt with both sides of this there are ways

02:47.720 --> 02:51.980
that it can be hacked and naughty things happen we don't want to ever do that.

02:51.980 --> 02:53.990
However there are some cool things we can do.

02:53.990 --> 02:55.250
Let me give you one example.

02:55.460 --> 03:01.440
So again I'm going to go back to WWE total CENTCOM I generate a public and private key you log into

03:01.460 --> 03:02.790
my website.

03:02.810 --> 03:04.100
Got it.

03:04.100 --> 03:09.470
Now what I'm going to do is I'm going to send you the public key but I'm not going to send you the public

03:09.470 --> 03:11.030
key by itself.

03:11.270 --> 03:15.620
What I'm going to do is I'm going to take the web page that you're on right now whatever that web page

03:15.620 --> 03:23.630
is and I'm going to encrypt it encrypted with my private key and then I'm going to send you a hash of

03:23.630 --> 03:24.470
that web page.

03:24.470 --> 03:25.630
Got the idea.

03:25.940 --> 03:31.720
So when I send you my public key I'm not just sending you the public key.

03:31.720 --> 03:36.890
I'm going to literally take the entire web page encrypted with my private key and then I'm going to

03:36.890 --> 03:42.680
make a hash out of it and I'm going to send you not only my public key but a hash of the page that you're

03:42.680 --> 03:43.840
on right now.

03:43.970 --> 03:48.140
What you can do is because you're getting that web page to is with your public key.

03:48.140 --> 03:56.300
You can encrypt that entire web page at the exact same page hash it and compare the hash that I sent

03:56.300 --> 04:03.520
you with the hash that you've generated and you now know without any question whatsoever that whoever

04:03.530 --> 04:07.930
is associated with this private key has sent you the public key.

04:07.940 --> 04:09.630
Do you understand the power of that.

04:09.650 --> 04:12.780
It gives us a little bit of the tool that says Yep.

04:12.800 --> 04:20.900
Whoever has this private key has sent me this public key and we call that a digital signature a digital

04:20.900 --> 04:22.190
signature is just a hash.

04:22.190 --> 04:23.210
That's all it is.

04:23.210 --> 04:27.830
So if it's a web page we hash we encrypt and hash the web page.

04:27.830 --> 04:34.010
If I'm sending you a public key for email encryption whatever e-mail that I'm sending you at that moment

04:34.040 --> 04:39.200
I'm going to go ahead and encrypt it and hash it and whatever it is we have now generated a digital

04:39.200 --> 04:45.230
signature and the digital signature is nothing more than a hash of whatever chunk of data that you happen

04:45.230 --> 04:51.540
to be looking at encrypted chunk of data that says this had to have come from this private key.

04:52.800 --> 04:54.670
Well that's great but it's not complete.

04:54.720 --> 05:00.590
See the problem that we run into now is that again let's go back to my WW total seven dotcom.

05:00.740 --> 05:06.480
And so you go on that totals dotcom and you go and you want to start buying stuff and it kicks over

05:06.480 --> 05:08.310
into a secure web page.

05:08.310 --> 05:15.840
So boom comes down the public the boom comes down my digital signature did really come from tolls and

05:15.860 --> 05:16.300
outcome.

05:16.320 --> 05:20.240
I mean sure it says W.W. totals and dot com but I can beat that.

05:20.250 --> 05:23.920
There are ways that I can spoof those addresses and for you.

05:24.090 --> 05:25.860
Or what if I stole somebody else's certificate.

05:25.860 --> 05:31.750
What if I stole a certificate from w w w dot Intel dot com and pass that down.

05:31.770 --> 05:40.860
The problem you have now is that you can't say for sure that I Mike Meyers and the person or I yto told

05:40.860 --> 05:41.420
them that.

05:41.480 --> 05:45.370
And the person from which this public private key payer was generated.

05:45.750 --> 05:53.350
So to get around that what we're going to do is you and I are going to shake hands and before we start

05:53.350 --> 05:59.500
doing any business we're going to agree on a third party let's say you and I both know my buddy Ginnell.

05:59.530 --> 06:00.300
All right.

06:00.430 --> 06:05.650
So what I'm going to do is I'm going to go to Ginnell and I'm going to say hey Janell I would like you

06:05.950 --> 06:09.230
because you and I know each other we've been friends for 30 years.

06:09.280 --> 06:10.160
I want you.

06:10.180 --> 06:14.770
And by the way you have one of my public keys I have your public key whatever what I need you to do

06:14.980 --> 06:19.650
is generate your own digital signature not based on this relationship.

06:19.690 --> 06:27.190
But based on your and my relationship and what I'd like to do is attach that digital signature to my

06:27.190 --> 06:30.120
public key along with my digital signature.

06:30.130 --> 06:38.640
So what we've done now is we have a public key and this public key says well this my my public key that

06:38.650 --> 06:44.410
we have a digital signature which guarantees that whoever actually owns that private key is associated

06:44.410 --> 06:51.730
that public key and then we have a third party that says yep I guarantee as much as money and law will

06:51.730 --> 06:52.870
allow that.

06:52.870 --> 07:01.950
This is Mike Myers and that's the WWE that totals them website and it is OK so this all sounds pretty

07:01.950 --> 07:02.730
good.

07:02.950 --> 07:08.740
But we don't ever send public keys by themselves.

07:08.740 --> 07:14.440
We don't send piles of keys with all these digital signatures I guess with e-mail we could make three

07:14.440 --> 07:15.860
attachments or something.

07:15.910 --> 07:21.730
What we do instead is we generate something called a digital certificate a digital certificate is a

07:21.730 --> 07:23.560
document like a Word document.

07:23.620 --> 07:27.900
It's like a halfway filled in Word document and then you fill in the blank spots.

07:28.000 --> 07:33.990
And if you send any body a public key you don't send a public key by itself.

07:33.990 --> 07:35.020
It's never done.

07:35.050 --> 07:41.010
You send a certificate and inside that certificate is going to be my public key.

07:41.050 --> 07:45.100
It's going to have to make sure you get the right one is going to have my digital signature knowing

07:45.100 --> 07:46.700
that it came from my key pair.

07:47.320 --> 07:54.670
And it's going to have the third party that you and I trust that says yep this is really Mike Meyers.

07:54.970 --> 08:01.960
Now what's important is that you and I don't generate our own certificates we can we'll talk about that

08:01.960 --> 08:02.850
in the next episode.

08:02.860 --> 08:11.470
But what we normally do is we go to a third party and we go would you create me a certificate and that

08:11.470 --> 08:13.760
person knows us in some fashion.

08:13.800 --> 08:15.010
We have met with them.

08:15.010 --> 08:19.930
They know my company whatever it is and they will and they already have my public key.

08:20.140 --> 08:25.810
So if they don't I can get it to him give my a public key give them my digital signature and then they

08:25.810 --> 08:27.550
will generate a certificate.

08:27.550 --> 08:31.600
It's the actual process of generating certificate is trivially easy.

08:31.600 --> 08:37.260
You can do it any copy of Linux any copy of Microsoft Windows and you can generate the certificate.

08:37.300 --> 08:38.640
They'll generate the certificate.

08:38.650 --> 08:45.370
But what they do that makes it important and good and amazing is that they add their third party digital

08:45.370 --> 08:48.070
signature that says Good.

08:48.730 --> 08:50.130
And that's where the challenge comes in.

08:50.140 --> 08:53.050
Oh and by the way once I had the certificate I can pass it out to anybody.

08:53.050 --> 08:55.290
I can take the certificate put it into my web server.

08:55.450 --> 08:59.230
And anytime anybody logs into my web server and wants to go secure and boom they automatically get a

08:59.230 --> 09:05.740
copy I can if I want to do this for e-mail I can take the certificate embedded into any email not an

09:05.740 --> 09:09.220
encrypted e-mail just a regular e-mail go hey here's my certificate.

09:09.220 --> 09:14.700
We pass out certificates like crazy because this is how we move public keys.

09:14.770 --> 09:15.940
OK.

09:16.870 --> 09:20.400
The trick here is who do you trust.

09:20.620 --> 09:26.640
Because the whole power of a certificate is that we have people that we trust.

09:26.730 --> 09:32.140
Well that the two sides of this equation trust and say yep this is somebody I'm going to trust and do

09:32.140 --> 09:33.370
business with.

09:33.370 --> 09:35.760
So there's really three ways to do trust.

09:35.800 --> 09:39.430
The first way to do trust is to generate a certificate on your own.

09:39.430 --> 09:43.400
Forget the third party just make your own certificates easy enough to do.

09:43.540 --> 09:48.470
And that's called an unsigned certificate unsigned certificates are fantastic.

09:48.760 --> 09:54.550
As long as both people understand that there is no third party vouching for you we use unsigned certificates

09:54.550 --> 09:55.510
here total seminars.

09:55.510 --> 09:59.610
I have some in-house web servers and people want to access them.

09:59.650 --> 10:03.940
We all know each other I mean you can't even get to this web server unless you're an employee of mine.

10:04.000 --> 10:10.870
So unsigned web servers there are very common and they work fine but only if you have some other form

10:10.870 --> 10:13.530
of trust like you work for me.

10:13.580 --> 10:15.640
Other than that you've got two other choices.

10:15.680 --> 10:18.590
Web of trust and TKI.

10:18.620 --> 10:20.360
So let's start with web of trust.

10:20.360 --> 10:23.790
I got a little graphic for you to show you how that works.

10:23.810 --> 10:31.680
So here's me and I want to get a certificate now in order for me to get a certificate.

10:32.060 --> 10:38.030
In this particular situation this web of trust we don't have a particular authorities want to do is

10:38.030 --> 10:41.060
find other people who are using this type of certificate.

10:41.060 --> 10:47.510
So here's a couple of people I know and I can get them to sign my certificate.

10:47.510 --> 10:52.520
Now depending on how this is done and you see this with e-mail a lot of times you will never see is

10:52.550 --> 10:54.040
on web browsers.

10:54.080 --> 10:58.090
What will happen is that I will have to probably call this person on the phone.

10:58.190 --> 11:03.290
I might have to send him a photocopy of my driver's license it really just depends on how rigorous a

11:03.290 --> 11:05.070
particular web of trust is.

11:05.090 --> 11:08.360
And now these Web trust can grow so let's make this a little bit bigger.

11:09.300 --> 11:15.840
And over time with a web of trust you end up having a fairly complicated setup where you have a lot

11:15.840 --> 11:23.510
of people who trust each other web of trust works beautifully as a trust model for certificates.

11:23.510 --> 11:25.340
But it has some problems.

11:25.340 --> 11:31.790
The big problem the web of trust is that it requires a lot of people doing a lot of work to administer

11:31.820 --> 11:33.140
and make this happen.

11:33.140 --> 11:36.080
There's very little to web of trust that's in essence automated.

11:36.080 --> 11:39.450
You've got to work hard to keep it up and going.

11:39.560 --> 11:45.780
That's why web of trust is never really taken off it's had its moments for email certificates.

11:45.920 --> 11:49.670
It's had its moments for Believe it or not.

11:49.700 --> 11:52.930
Even hard drives encryption and stuff like that.

11:52.940 --> 12:01.900
But if you really want to do trust with certificates the right way you do something called public key

12:01.990 --> 12:09.250
infrastructure public key infrastructure is a hierarchial method that starts off with root servers up

12:09.250 --> 12:14.230
at the top intermediate servers and goes down to users so there's always a boss at the top.

12:14.230 --> 12:20.910
Let me show you how this works public key infrastructure is based on the idea of a hierarchy at the

12:20.910 --> 12:27.870
top of this hierarchy are what we call the certificate authorities a certificate authority is an organization

12:27.900 --> 12:31.500
that pretty much just issues certificates.

12:31.500 --> 12:33.800
These are usually big companies.

12:33.840 --> 12:38.640
Probably the most famous is sign but thought he would be another name that comes to mind.

12:38.790 --> 12:45.180
There's just a few hundred of these and these organizations simply based on the full faith and credit

12:45.240 --> 12:54.600
of your and my trust in them generate certificates that everybody knows and recognizes now if we have

12:54.660 --> 13:00.690
a lot of people who are going to these certificate authorities the challenge we run into is that they

13:00.690 --> 13:01.980
can be kind of busy.

13:01.980 --> 13:07.860
So normally what we'll do is between us users of those certificates and the certificate authorities

13:08.160 --> 13:14.400
our intermediate certificate authorities who are only there to take the load off of the certificate

13:14.400 --> 13:15.840
authority themselves.

13:15.840 --> 13:23.580
So basically we have a nice little hierarchy like this TKI is the way we do the Internet.

13:23.580 --> 13:28.980
If you're going to be dealing with certificates on the Internet particularly in a e-commerce way you're

13:28.980 --> 13:30.600
going to be dealing with Piquet's.

13:30.710 --> 13:36.630
And anybody who's ever set up a Web site that actually uses a CBS realizes that you've got to go to

13:36.630 --> 13:40.170
people sign and wate and folks like that.

13:40.290 --> 13:45.840
In fact the whole idea is pretty complicated it's fascinating.

13:45.840 --> 13:47.620
But we need to get some more depth to it.

13:47.670 --> 13:52.680
And in order for us to really really understand and wrap our minds around TKI I'm going to save it for

13:52.680 --> 13:53.760
the next episode.

13:53.760 --> 13:54.310
See you there

13:54.940 --> 14:14.940
in.