Hi. Welcome back to the course. In the last video, we talked about some different cryptography tools. So things like advanced encryption package 2017 and then also like, BC texting coder.
So in this video, we're gonna talk about public, he infrastructure, email, encryption and then also disc encryption. So we're gonna cover things like pretty good privacy or PGP as well.
So public key infrastructure. So basically, this is these are the rules, policies and procedures that are needed to create, manage, distribute you store gets and then also manage public key encryption. So basically, it's a way to bind a particular public key to a specific entity. So if you think about when you, like, download a piece of software like I want to say, like malware bites, right? So anti malware
you download Dad, you go to install it
on Microsoft Windows. And let's say you have user account control in place. So you get that little pop up saying, Hey, do you want to install the software
in their little pop up? You should also see something that might say, like show publishers certificated or show you no information about the certificate. If you click on that, that's gonna be able to show you how that ties it to our bites as the verified
company that that's doing that software. So, for example, and we'll talk about that. I've got a little brief kind of lab video just shown you that right after we got to get done with this lecture and then we'll actually jump into our next section after that. But we'll talk about that in that video right after this one.
So we've got, like, two certificate authority, the basically certifies like, Okay, you know, this is you know who they say they are. The registration authority, the web of trust. So many easy council official material. You'll probably see something about maybe self sign is what they're basically they normally call it in there. But that's the Web, a trust. So essentially, I
you know, let's say that you and I know each other. We grew up together. We're best friends, right?
So I kind of I kind of I can vouch for you. I know you are right. And so that's a similar process here. So I you know, you sell signing certificate, but then I may be some other friends that knew you growing up, we say, Yeah, that's him, You know, that's that's Bob or whatever And that's that's all, really. The weather trust is it's
It's not a specific, like individual authority saying Hey,
we verified through documents and everything that this is the entity. It's kind of everyone else saying the Yeah, this is the entity based on what we know.
So here's an example of a publicly infrastructure in place. So, for example, and I'm visiting a website and, you know, you're you're telling me Yeah, this is me. And then I basically verify the certificate. So the registration authority, they basically go, they go to you
and they say, Okay, you know, we we need to verify who you are, so they do now and then The certificate of authority issues this certificate for you on. Then you've got the route certificate that issues a certificate to the sort of certificate authority, so that portion there will make a little more sense when we do the lab video after this
on again, it's not really a lab. It's just me showing you what that looks like.
So email encryption. So we've got a couple things and email encryption. Now, when I do want to point out that S s l really isn't in use anymore that's been taken out. And we've got till last using Web browsers now to go to different websites. But anyways, digital signature we should we talked about earlier. So a d s a digital signature algorithm.
SSL secure sockets layer again. That used to be a protocol in use
until that attack called poodle came out and where they were able to ah, basically attacked the block ciphers on on a CSL,
um, and then transport layer security. So that's kind of what's out now. And you've got you've got T l s 1.3 out. But most
most providers are still allowing Teel Teel less more point to you. So backwards compatible. There's some issues with compatibility and stuff like that. But T l s is kind of the new one out there to use.
So as I mentioned t l s. And that's kind of the one we're focused on. 1.2 gives you shot 2 56 then it also removed backwards compatibility for the secure sockets layer.
And then now, with T l s 1.3 removed support for some weaker things like MD five and shot 2 24 for the hashing. And it also removed the weaker elliptical curves
PGP or pretty good privacy. Now, now, probably for your exam. You just need to know, you know, general general information about what it is and what that stands for when you if you see, like, PGP out there anyway, so it gives you and end encryption and email, and that's kind of the primary use for it. But you've also got the open Petey PGP standards. What follows
and the latest RC on that The size of the filming
is our C 48 80. So good Read that if you want to
hashing, it covers hashing. And so basically it gives you multiple things. So you hashing they need to data compression uses a symmetric key. So again, that's that same key for encrypting and decrypting. And then also it does asymmetric, where we have a public and private key
so open SSL is a tool and that we can use for
encryption essentially so it could be used for email encryption as well. That's a free tool so you could go to this website and check it out.
Then you've also got keys are which here's a *** have paid for that as well. Just another tool for cryptography. And then also the semantic or other vendors offer various tools for encrypting and point or endpoint security.
We've also got for the pretty good privacy aspect of it. We've got a free tool that's out there. The G m you privacy guard, So definitely go check that out as well. That's another free tool out there, and they're awesome. Paid things as well. Like semantic A swell.
So Diskant option. Full disk encryption is kind of the term you'll hear thrown out there. And generally, if you work at a corporation, the laptops were gonna have disc unclipped in on them. And depending on whatever tool they happen to be using, I think some people using bit locker most most places I know are using, like, very cryptic stuff like that.
So basically it's giving every single bit of data is gonna be encrypted, not won't think, with most of the tools out there at least a majority that I've seen. I mean, there are some tools that offer like,
you know, total encrypting of the master book record or equivalent area. But most many of the tools out there don't actually encrypt those particular areas, so they encrypt like all your actual data. But the Master Bruce Records stuff are not encrypted.
So as I mentioned, ofher crypt is one encryption tool. And then also, we have a semantic drive encryption, which is a pay tool so very crept. Here's the website for that. You can just go check it out there again. It's free, and it's ah, it works pretty decent.
And of course, I mentioned a semantic drive encryption as well. That's that's part of, like, they're endpoint security suite or whatever. So it is paid and you see the U. S. Price right there as the has in the filming of this video.
So in the next video, as I mentioned, I'm gonna just kind of show you a little example of ah p k i r. Or at least in the concept of looking at security certificate from a Web page and just talk about some of the different areas, and then following that, we're gonna jump into a crypt analysis lecture
along with some of the different taps on cryptography,
and then, after that video will move into our actual lab.