WEBVTT

00:00.710 --> 00:07.700
Symmetric block mode encryption is the cornerstone of pretty much everything we do in terms of encryption

00:07.970 --> 00:08.920
on the Internet.

00:08.960 --> 00:15.380
And it works really well and it's very very robust but block encryption has a problem.

00:15.380 --> 00:20.120
Now what I'm going to use is a E-S encryption as an example here.

00:20.120 --> 00:26.420
But what we're going to do is set up a a little diagram and I want to show you one little problem with

00:26.420 --> 00:27.610
block encryption.

00:27.860 --> 00:32.540
So let's start off by setting up a little encryption machine.

00:32.540 --> 00:36.170
So I want to start off our diagram here is in the upper right hand corner.

00:36.200 --> 00:41.140
Let's make like a little conveyor belt of ones and zeros that are coming out to be encrypted.

00:41.150 --> 00:47.660
Remember the whole idea of block mode is that it's going to take a chunk of ones and zeros and it's

00:47.660 --> 00:52.090
going to drop it into this encryption block where we apply the key.

00:52.340 --> 00:55.600
And then it is output as encrypted text.

00:55.670 --> 00:59.290
And I'm going to make another little conveyor belt here as we show each block.

00:59.300 --> 01:01.110
Now I want you to look very closely here.

01:01.220 --> 01:07.850
So as this runs you're going to see that we're only grabbing eight ones and zeros at a time.

01:07.850 --> 01:14.000
Now if you've been watching in other episodes you know that we don't do anything a little 8 bit chunks.

01:14.090 --> 01:20.210
Today's powerful symmetric block encryptions like abs are going to be working in an absolute minimum

01:20.270 --> 01:22.190
at 64 bit chunks.

01:22.190 --> 01:26.780
The reason I'm doing little 8 bit chunks is just to make the diagram a little bit easier for you to

01:26.780 --> 01:28.100
understand.

01:28.100 --> 01:34.220
So the bottom line is is that with any form of symmetric block mode if you grab that chunk and you drop

01:34.220 --> 01:41.060
it through your encryptor with the key and you output it every time you grab a 64 bit chunk or whatever

01:41.060 --> 01:48.820
the chunk size is and you keep encrypting it with the same key you're always going to get the same output.

01:48.830 --> 01:56.480
So this mode which we call electronic codebook is a bit of a problem in that we run into situations

01:56.570 --> 01:58.280
where patterns can appear.

01:58.280 --> 02:00.400
Let me give you a great example.

02:00.500 --> 02:04.000
This cute kid right here is my little grand niece Mattie.

02:04.100 --> 02:08.250
Now what I want to do is take this image and I want to encrypt it.

02:08.450 --> 02:15.410
So the problem we run into is that the individual pixels of most images are going to be of a particular

02:15.410 --> 02:20.770
size and it depends on the type of file format jpeg or whatever you might have.

02:20.870 --> 02:26.810
But what will start happening is if we encrypt this in ECB mode it's going to end up looking something

02:26.810 --> 02:27.870
like this.

02:29.120 --> 02:29.690
Yeah.

02:29.750 --> 02:34.460
All the individual pixels are encrypted but because they're encrypted with the same block size with

02:34.460 --> 02:40.640
the same key they keep coming out absolutely identical so it may not be a black pixel it might be a

02:40.640 --> 02:45.340
yellow pixel but the bottom line is I can still make out Miss Mattie there.

02:45.710 --> 02:49.280
So we've got a problem with symmetric block encryption.

02:49.280 --> 02:54.920
The problem is is that we can generate patterns that can actually give away our data.

02:54.920 --> 02:59.880
Now in that example I just showed you we're using a photograph that's pretty easy to make that out.

02:59.960 --> 03:05.110
But we can run into the same types of problems with voice with databases with all kinds of stuff.

03:05.150 --> 03:10.010
The patterns aren't as easy to show in a video but the same problems exist.

03:10.010 --> 03:15.750
So what we do is we don't use ECB mode with our symmetric encryptions.

03:15.830 --> 03:23.000
What we do instead is we use different types of what are known as block modes to obfuscate the data

03:23.000 --> 03:23.800
better.

03:23.840 --> 03:26.960
So there are a number of block modes that are on the exam.

03:26.960 --> 03:29.600
So what I want to do is go through each one of them.

03:29.660 --> 03:36.290
The basic trick to all of these different block mood's is that we're going to encrypt something and

03:36.290 --> 03:39.780
then we're going to use that encryption to help encrypt the next one.

03:39.890 --> 03:44.420
So we end up there really kind of like a chain and they're actually very interesting they're on the

03:44.420 --> 03:45.080
exam.

03:45.140 --> 03:49.860
So let's go through each and every one of these because you're going to see it you're ready.

03:49.940 --> 03:54.990
The first black vote I want to show you is called Sipher block chaining or CBC.

03:55.010 --> 04:01.520
So we've got our encryption methodology here we've got our plain text at the top we've got our output

04:01.520 --> 04:05.120
text which is going to be we'll start loading there at the bottom.

04:05.120 --> 04:08.590
And here's our encryption but we're going to do something different this time.

04:08.600 --> 04:12.920
First of all we're going to add something called an initialization vector.

04:12.950 --> 04:14.720
So here's an initialization vector.

04:14.720 --> 04:17.630
It is the same size as the blocks themselves.

04:17.660 --> 04:23.030
And what we're going to do is before we encrypted we're going to take that first block and we're going

04:23.030 --> 04:28.850
to do an x or against this initialization vector then we're going to go ahead and encrypt it and put

04:28.850 --> 04:30.510
the encryption output down there.

04:30.530 --> 04:34.210
But we're also going to keep another copy.

04:34.430 --> 04:38.960
And this is going to be used for the next block in that way.

04:38.960 --> 04:44.570
What's happening is that we're not going to get the exact same data for every different key because

04:44.570 --> 04:47.240
we're actually changing it a little bit every time.

04:47.240 --> 04:53.680
Next is Sipher feedback now with Sipher feedback or CFB.

04:53.720 --> 04:58.040
You're going to see it's actually pretty similar to what we just looked at in this case though we're

04:58.040 --> 05:04.400
going to take that initialization vector and we're going to go ahead and encrypt we encrypt the initialization

05:04.400 --> 05:11.500
vector and then we take the output of that encryption and we x or it to the first block.

05:11.510 --> 05:12.760
So here we go ahead.

05:12.860 --> 05:17.710
Outputs and and it just gets X ored to that first block.

05:17.710 --> 05:18.770
So it comes in.

05:18.830 --> 05:26.150
We put one copy of the output down on to the ciphertext and then we go Hinze cycle that output and use

05:26.150 --> 05:26.530
that.

05:26.540 --> 05:29.250
And we go ahead and encrypt that for the next one.

05:29.300 --> 05:32.030
Third is output feedback.

05:32.120 --> 05:38.210
Now with output feedback what we're gonna do is we're going to take one initialization vector and we're

05:38.210 --> 05:43.120
going to go Edmond crypt that we're going to take the output of that encryption and we're going to X

05:43.120 --> 05:47.170
or it to that first block then we go ahead and put that output there.

05:47.180 --> 05:52.160
Now in this case what's actually kind of interesting is we just keep using that same initialization

05:52.160 --> 05:57.000
vector C-T our counter is a little bit different than the others.

05:57.140 --> 06:01.220
In this particular case what we're going to have is a non-SS Dahlia.

06:01.220 --> 06:08.000
Now in this particular example it's only four bits long but again in the real McCoys it's much bigger

06:08.000 --> 06:08.660
than this.

06:08.720 --> 06:12.670
And then the counter value that continues to increment in binary.

06:12.890 --> 06:17.780
So in this case what we're going to do is we're going to combine the non-SS and the counter we go ahead

06:17.780 --> 06:25.610
and encrypt that and then we take the first block of the plain text an X or it to create the first block

06:25.850 --> 06:33.140
of ciphertext the next time we do this all we do is we increment the counter so the counter gets incremented.

06:33.140 --> 06:38.000
We go ahead and concatenate that to the non-SS we encrypt all that.

06:38.180 --> 06:42.740
And then we go ahead and take that and output that to the second block.

06:42.950 --> 06:49.580
The power of these different forms of block modes is that they get around this limitation of symmetric

06:49.580 --> 06:51.030
block encryptions.

06:51.230 --> 06:56.090
So by using anything other than ECB we should be able to do something like this.

06:56.090 --> 07:01.240
So here's my cute little niece Mattie one more time and applying a good block mode to it.

07:01.280 --> 07:03.170
It should look something like this.

07:03.530 --> 07:05.480
Totally randomized data.

07:06.410 --> 07:07.590
For the exam.

07:07.640 --> 07:15.420
Make sure you're aware of the fact that number one nobody uses ECB anymore it's simply not done there

07:15.420 --> 07:21.120
are a number of different block moods out there and different types of cryptosystems will take advantage

07:21.120 --> 07:25.120
of them depending on what they need for their particular application.

07:25.920 --> 07:45.710
In.