# Algorithms and Keys

Video Activity

Join over 3 million cybersecurity professionals advancing their career

Sign up with

Required fields are marked with an *

or

Already have an account? Sign In »

Time

15 hours 43 minutes

Difficulty

Advanced

CEU/CPE

16

Video Transcription

00:00

>> In continuing on exploring

00:00

the elements of that conceptual formula

00:00

I gave you a little bit ago,

00:00

where we said plain text plus an

00:00

initialization vector and algorithm and a key,

00:00

will give you ciphertext.

00:00

In the last section, we talked about

00:00

initialization vector.

00:00

Let's go ahead and take a look at

00:00

the algorithms and the key.

00:00

Two separate pieces here,

00:00

the algorithm itself and then

00:00

the key that's going to help us

00:00

figure out how to use the algorithm.

00:00

Now, if you take a look at this particular screen,

00:00

I have some math functions

00:00

here in the middle of the screen.

00:00

Now I don't know if I've mentioned to you all,

00:00

but I grew up in North Carolina,

00:00

which means a Greensboro, North Carolina specifically,

00:00

which means I am the proud product

00:00

of the North Carolina Public

00:00

School System,36 then the nation baby,

00:00

that is our claim to fame, go North Carolina.

00:00

What that means is out of

00:00

all my years in the North Carolina Public School System,

00:00

what you see on the screen, these functions,

00:00

this is the only math I've learned.

00:00

It's the only math I can perform.

00:00

I can take any number and add two,

00:00

I can take any number and subtract two.

00:00

I can take any number and multiply

00:00

by two, divide by two.

00:00

I can raise to the power of two,

00:00

or I can take the square root of,

00:00

but there is nothing else I can do.

00:00

These are the math functions I can perform.

00:00

That is Kelly's algorithm.

00:00

Kelly's algorithm contains a set

00:00

of math and when you think about it,

00:00

everything that we do with our computer systems

00:00

all comes down to numbers, ones and zeros.

00:00

Many algorithms will take

00:00

these ones and zeros, these numbers,

00:00

chunk them into sets called block and

00:00

each block is put through a series of

00:00

math functions or substitution happens.

00:00

I take this value and I raise it to the power of two,

00:00

I get a new value to replace, to substitute with.

00:00

Basically, this stream of characters,

00:00

all of these ones and zeros chunked into blocks.

00:00

Each of these math functions is usually

00:00

referred to as an S box,

00:00

not an X box,

00:00

but an S box substitution box.

00:00

That at each substitution box,

00:00

some math function is performed.

00:00

With my algorithms,

00:00

algorithms should be strong and complex.

00:00

If for instance, if you look at the screen,

00:00

my math function is not strong,

00:00

not a lot of complexity there.

00:00

Kelly's algorithm would be broken in

00:00

a matter of seconds if even that long,

00:00

I need good, strong math.

00:00

I need complexity in my math.

00:00

As a matter of fact,

00:00

there was a gentleman named

00:00

Kirchhoff, I forget what his first name is,

00:00

but there's Kirchhoff's principle that says,

00:00

make your algorithms open.

00:00

You know why? Because maybe somebody that

00:00

wasn't from the North Carolina Public School System

00:00

could come in and say,

00:00

this is weak map.

00:00

Let's make it a little stronger.

00:00

Let's add these variables and let's increase

00:00

the complexity by adding

00:00

these functions and these features.

00:00

Kirchhoff's principle says, if

00:00

you make your algorithms open,

00:00

you get peer review.

00:00

You get the strength of the cryptographic community.

00:00

Not only can they break your algorithms,

00:00

but they'll put it back together much

00:00

stronger and that's desirable.

00:00

Remember, ISC square favors openness on the exam.

00:00

I think what you'll see is a real trend on

00:00

the exam that if you have to choose between

00:00

a proprietary algorithm where the vendor

00:00

hides the math versus an open algorithm,

00:00

they're almost always going to choose the open algorithm

00:00

as being the desirable option.

00:00

The math functions, that's your algorithm.

00:00

Now, which math function to use?

00:00

In what order?

00:00

How many math functions to use?

00:00

That's all determined by the key.

00:00

Go to function 1, then function 3,

00:00

then function 6,

00:00

then function 5, then function 1.

00:00

That's what the key indicates.

00:00

Now we have to make sure our key is

00:00

random and it can't just be function 1.

00:00

Our key has to be protected because that's the secrecy.

00:00

Earlier when we talked about secrets being exchanged,

00:00

we were really talking about the key.

00:00

The key is the secret on how to use

00:00

the math and especially

00:00

with Kirchhoff's principle in place.

00:00

Remember Kirchhoff said, let the algorithm be made known.

00:00

Well, if the algorithm is known,

00:00

then you absolutely better secure the key.

00:00

The key should be protected and the key should be long.

00:00

But how long? Long enough,

00:00

meaning the key should be long enough to

00:00

provide the adequate security

00:00

that you need based on the value of the asset.

00:00

But it also has to be weighed against

00:00

the hits to performance because the longer your key,

00:00

the slower the algorithm or

00:00

the longer the encryption process will take.

00:00

Just like everything, it's that

00:00

balance security versus performance.

00:00

Your key should be long enough.

00:00

In this section, just to review again,

00:00

we talked about starting with plain text.

00:00

Last video covered initialization vector.

00:00

This one covered algorithms and keys.

00:00

We focused on how they all work

00:00

together to provide us with encryption.

00:00

Make sure you're solid with

00:00

those terms because as we move forward into

00:00

the next set of sections of next set of videos,

00:00

we're going to continue to use

00:00

these terms and just build on them.

Up Next

Instructed By

Similar Content