Time
5 hours 49 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:01
Hello, everybody. And welcome to the I T Security Episode Number 20 Asymmetric Algorithms. My name is on HMS Regina and I'll be instructor for today's session.
00:13
Learning our objectives is to understand and be able to identify the main concept off asymmetric algorithms.
00:23
Well, here we have again, Bob and Alice,
00:31
Uh, this time they also want Thio interchange, you know, exchange a message, you know,
00:38
but wants to say hello.
00:45
The problem is that hacking. We exchanged that. You know, if we already said that symmetric kiss I did, I did.
00:55
I didn't need to have a key right here in the exact same key right here.
01:00
How can we distribute that over the Internet securely? That's a challenge. And that's a problem. And what will happen if there's an alley stirs up Jennifer, there's I don't know anyone else, you know, a rough. You know, Josh, Josh, Joseph
01:19
and all the names you can think of.
01:22
And there's 500 police. We already did the math with 50 employees, and the keys were neat because needed for that were over 1000 over 1000 case needed for that. So
01:36
this becomes impractical off course. So this is where asymmetric kids comes into play and comes to save the day
01:44
s human asymmetric ease. You need a pair of kisses or a keeper as well as we know it. We have a public ing
01:53
which is known, but everybody in the world I don't care who knows this key. In fact, most business
02:01
pulling this keys publicly are even sending over their personal e mails. Or, you know, they put that in the web page because people needs to have this in order to decrypt the information. And we have the private key
02:21
and this key, this is the key. You, me too safe.
02:24
This G needs to be known on Lee. And when I say on Lee, I really mean on Lee by you but yourself, If this key is compromised the private key, the entire concept goes down. If this case compromised again, confidentially cannot be longer guaranteed
02:44
because, you know, we'll see right now.
02:46
So as we said this this is a keeper
02:53
and in for this scenario, Bob has a full icky
03:01
and in private key.
03:05
And all is also has a different pulling key
03:10
and a different brother Qi,
03:14
meaning that they both her. They will have different keepers.
03:19
Okay, it's not the same in any case.
03:24
Okay, having said that, how do you things?
03:29
We can use this to communicate if we have different kiss. So as well as I told you the beginning. One key is used to encrypt, and one key is used to decrypt, since we cannot share any information or the private key itself with anybody,
03:46
weaken douceur pulling the public is. So
03:51
what about us here is that it sends in a clear decks. It doesn't matter that playing email an encryption to share this holy cave. And this is where the magic of asymmetric Ace Metal case comes into play. Because, as we said before,
04:06
with one of the problems with symmetric case, was that How can I? Sure,
04:11
Mikey securely with anybody you know over the Internet, and I can freely send my pulling key
04:21
too. Well, Bob sense it's bullock it to two olives and in return, Ali's sense hair polic e to Bob without any issues. It doesn't matter. It's for Kiefer. The malicious guy we saw before is here in the middle.
04:39
No, angry is always.
04:42
It doesn't matter if it's still the data here or the data here? It doesn't matter. I don't care why. Because at the end, uh,
04:51
if I need to communicate with both securely, I, for example,
04:57
in this case, bumps need to send hello to all this. Okay, so but we'll use the pulley key
05:03
that I was sure. And he will send a message encrypt once I create the hello message
05:12
with Alice is pulling key.
05:15
And I have a result in our ABC.
05:19
So we see
05:20
12 tree. Once it becomes encrypted, the only way to decrypt it is with Alice is private Keefe.
05:30
Meaning that as I told you at the beginning, I can not sure in this case with anybody else. So once I send this message to Alice, all this can use her private key and decrypted into hello again.
05:44
So as you can see, it doesn't matter that this guy right here intercepted this message and this message because he doesn't have the private key. And what in since that it doesn't have the private key cannot decrypt that message. And that's the magic and beauty off off symmetric kiss.
06:01
And as you can imagine as well, I don't need to that formula, which you know to calculate how many keys
06:08
we're needing. The formula, remember, for symmetric is work and multiply. But by and mine's one all this debate of it too and these, you know, increase exponentially. And that was problem for us right now if I have, ah, enough again the example. 50 employees.
06:27
I just need to multiply this by two,
06:30
and I have the answer. I need 10 years. I'm sorry, 100 kids to communicate, to imprint information between 50 employees. That's another advantage off Sim entry, asymmetric is
06:46
and the main disadvantage off symmetric kiss as well.
06:50
His performance.
06:51
Remember that this was the bandage off. Symmetric is well, it happens to
06:58
Well, it happens that this is the disadvantage of asymmetric kiss.
07:03
So
07:05
as you can see
07:08
what it would be, what what is actually an advantage off of this of this Metro kiss is the disadvantage of the asymmetric case. And what is that disadvantage? Asymmetric kiss is an advantage of symmetry kids, so you know there's a way we can actually use both, and we'll see that
07:26
in the upcoming modules.
07:29
But that's the point.
07:30
Asymmetric is came to save the day and how we can sure tha keys among the user's. I mean, we don't need to worry about because we already have a pool. Keep
07:42
there. And since Thea other, the other person did ensure it's for his private key. With anybody else, we can be sure that the information will remain confident, confidential, Since, you know, as I encrypted the key with the receivers totally key,
07:59
the receiver can actually decrypting would only by using its private key,
08:03
which wasn't sure with anybody else. It also reduces the number of kids needed to communicate in the large organizations are large
08:13
amount of users. You know the problem with that performance, which is has a poor performance compared with the symmetric kiss? You know we have. We have those two options. We need to decide which one to use. Depending on the scenario we're dealing with
08:31
how many asymmetric gifts are needed in business with some 155 employees will remember that the form that was really simple, which was an multiply by two.
08:43
So we have, um,
08:45
some 155 employees just moved it blind out, and you will have the answer
08:50
what's the best advantage of using asymmetric kiss? Well, way have. We don't need to worry about the keys quantity because we already know that
09:01
it will be sure. I mean, compare, of course, with this metric kiss. So that's the one of the best that just the other advantages that we don't need to worry about, how we will share the the keys amongst the user's because we can, freely, without any worries, assure the public key
09:20
with anybody. We can actually even bows it on enough to be or http server.
09:24
It doesn't matter.
09:28
Name this advantage using asymmetric kiss. All the performance is really poor, especially if the size is huge to that. That's the disadvantage. Asymmetric kiss
09:41
all in today's beautiful reflection. We talk about the main concepts off asymmetric kiss
09:50
again. The fence publication. Nothing new here. Just go and you will see a lot of information off the cryptographic algorithm.
09:58
Uh, the next video will cover the cryptographic. Hash is functions. Well, that's it for today, folks. Thank you for watching and talk to you soon.

Up Next

IoT Security

This IoT Security training is designed to help IT professionals strengthen their knowledge about the Internet of Things (IoT) and the security platforms related to it. You’ll also be able to identify the security, privacy and safety concerns related to the implementation of an IoT infrastructure.

Instructed By

Instructor Profile Image
Alejandro Guinea
CERT Regional Director
Instructor