# Common Asymmetric Algorithms

Video Activity
Join over 3 million cybersecurity professionals advancing their career
or

Difficulty
Video Transcription
00:00
>> Now that we've talked about
00:00
how asymmetric algorithms work,
00:00
let's talk a little bit more about some of
00:00
the specific asymmetric algorithms
00:00
and how we're going to use them.
00:00
I had mentioned earlier we'd seen
00:00
a list of the common symmetric algorithms.
00:00
Certainly, those are not
00:00
the only symmetric algorithms in the world,
00:00
and these are not the only
00:00
asymmetric algorithms in the world.
00:00
But these would be the ones that I would
00:00
expect would come up on the exam.
00:00
We have DSA, RSA,
00:00
ECC, El Gamal,
00:00
Diffie-Hellman, and Knapsack.
00:00
What I would expect you to be able to
00:00
do is to look at a list of
00:00
algorithms and pick these six
00:00
out and say those are asymmetric.
00:00
That can be tricky because they were like 10,
00:00
15 symmetric algorithms to memorize.
00:00
Here, an additional six that are asymmetric.
00:00
Let me show you just a little trick.
00:00
What I would do is I would
00:00
memorize the algorithms that are asymmetric.
00:00
If they're not asymmetric,
00:00
then they're probably symmetric.
00:00
Don't forget, you still have
00:00
00:00
like MD5 and SHA1, but that's okay.
00:00
Those are Message Digest 5,
00:00
Secure Hash Algorithm, SHA1.
00:00
Those are okay, you can remember those as hashing.
00:00
But if you'll remember the list of
00:00
asymmetric algorithms and the algorithm
00:00
you're being quizzed with isn't there,
00:00
then assume it's symmetric.
00:00
The way I would remember
00:00
which algorithms are asymmetric,
00:00
and this is totally ridiculous,
00:00
but I would use the buddy system.
00:00
Here's what I mean by that.
00:00
00:00
one of the things that I would recommend you just
00:00
jotting down on a sheet of scrap paper is,
00:00
which algorithms are asymmetric?
00:00
Then again, if it's not there, it's symmetric.
00:00
To remember which algorithms are symmetric,
00:00
each algorithm has a buddy,
00:00
each algorithm has a friend.
00:00
The first two buddies are the SA brothers, RSA and DSA.
00:00
Those are your first two buddies,
00:00
RSA, DSA, SA brothers.
00:00
00:00
have ECC and El Gamal.
00:00
El Gamal and ECC,
00:00
00:00
The last two asymmetric algorithms
00:00
you need to remember, are Diffie-Hellman and Knapsack.
00:00
It may seem a little odd that those two are buddies.
00:00
But Diffie-Hellman is frequently abbreviated DH.
00:00
When you see DH, it's almost
00:00
assuredly talking about the Diffie-Hellman algorithm.
00:00
An old friend of mine used to refer to
00:00
that algorithm as the Doogie Howser algorithm.
00:00
For those of you that have missed this fine piece of
00:00
quality American television programming,
00:00
Doogie Howser was a series in the,
00:00
I can't remember, '80s or '90s,
00:00
something where Neil Patrick Harris
00:00
starred as a 13-year-old brain surgeon.
00:00
His name was Doogie Howser.
00:00
I don't know which would be more offensive to
00:00
me as having a 13-year-old surgeon,
00:00
come in and introduce himself
00:00
or him telling me his name is Doogie.
00:00
I think that would be a problem also.
00:00
But anyway, so Neil Patrick Harris,
00:00
13-year-old brain surgeon's name was Doogie Howser.
00:00
At the beginning of each show,
00:00
during the opening credits,
00:00
he would come in and he would have his backpack or
00:00
his knapsack that he put into his locker.
00:00
Doogie Howser has knapsack and
00:00
that's how you remember those two are buddies.
00:00
As ridiculous as it is, just close your eyes.
00:00
00:00
Who are my first two buddies?
00:00
They are the SA brothers,
00:00
RSA and DSA. Who are the next two?
00:00
ECC and El Gamal,
00:00
00:00
Who are my last two buddies?
00:00
You will never forget,
00:00
Doogie Howser and his knapsack,
00:00
also known as Diffie-Hellman and his Knapsack.
00:00
Now we're going to talk about what
00:00
these algorithms do because
00:00
each one has a different function, in just a second.
00:00
But for now, just being
00:00
able to put those on a sheet of paper.
00:00
Let me ask you, once you do that,
00:00
is AES symmetric or asymmetric?
00:00
Once not on this list,
00:00
it must be symmetric.
00:00
00:00
Not on this list, must be symmetric.
00:00
What about ECC? That's on this list.
00:00
That's an asymmetric algorithm.
00:00
00:00
00:00
00:00
00:00
Symmetric. If you can just
00:00
get down on a sheet of paper
00:00
these six asymmetric algorithms,
00:00
well, then you're going to have a leg
00:00
up on questions that are
00:00
going to require you to know whether
00:00
an algorithm is symmetric or asymmetric.
00:00
If it's not in this list, then it's symmetric.
00:00
But let's just talk about a couple of these
00:00
because they have specific interest for us.
00:00
RSA is the first one that we're going to talk about.
00:00
It's named for the gentlemen
00:00
that worked together to create this algorithm.
00:00
Ron Rivest, and we have Adleman and
00:00
Shamir and they came together
00:00
to develop this algorithm called RSA.
00:00
It replaced an older algorithm called DSA,
00:00
which was the Digital Signature Algorithm.
00:00
For today,
00:00
the current standard for digital signatures is RSA.
00:00
When we talk about that piece of a digital signature,
00:00
where the hash is encrypted with
00:00
the sender's private key,
00:00
it's RSA that's providing that encryption.
00:00
Really important. RSA is your guy
00:00
>> for digital signatures.
00:00
>> The other thing that's important or
00:00
relevant to us about RSA is,
00:00
it uses a unique trap-door
00:00
>> feature called factorization.
00:00
>> The relationship between the public
00:00
>> and private keys with
00:00
>> RSA is based on the idea that
00:00
it's very easy to take
00:00
two huge prime numbers and multiply them together.
00:00
If I gave you a calculator right now,
00:00
you can take those numbers and multiply them together.
00:00
However, when you look at the result,
00:00
it is incredibly difficult to figure out what
00:00
two prime numbers were multiplied
00:00
together to get that result.
00:00
It's easy to multiply them together,
00:00
but to look at the result and
00:00
factor out the possibilities,
00:00
that is incredibly time-consuming.
00:00
That's the secret of the relationship between the keys.
00:00
The big things to remember for RSA,
00:00
digital signatures and that it uses factorization.
00:00
Diffie-Hellman, a.k.a, Doogie Howser,
00:00
is important because it was
00:00
our first asymmetric algorithm and
00:00
came out in the late '70s, I believe.
00:00
00:00
secure key-agreement without pre-shared secrets.
00:00
What is Diffie-Hellman for?
00:00
Diffie-Hellman helps two communicating parties
00:00
agree upon a key.
00:00
The key that they agree upon will
00:00
be their symmetric key that
00:00
>> they use for data encryption.
00:00
>> What's actually going to happen here is
00:00
Diffie-Hellman is going to come out
00:00
and do asymmetric key-agreement,
00:00
once the key's agreed upon,
00:00
then symmetric data encryption can happen.
00:00
That's a little spoiler for
00:00
later because that's what we want.
00:00
We're going to use asymmetric cryptography to make sure
00:00
both communicating parties have the same symmetric key.
00:00
Because remember, with symmetric cryptography,
00:00
key exchange is the hard part.
00:00
If we use an asymmetric algorithm
00:00
to go out and get the keys distributed,
00:00
then we can communicate with
00:00
that good fast symmetric cryptography
00:00
that we want to use in the first place.
00:00
Diffie-Hellman was the first algorithm
00:00
that did that for us.
00:00
It gives us secure key-agreement
00:00
without having to send anything
00:00
sensitive across the network.
00:00
We also have our friend, ECC,
00:00
which stands for Elliptical Curve Cryptography.
00:00
Its math is based on plotting points along the curve.
00:00
It is a really efficient algorithm
00:00
and it can provide good,
00:00
strong security, but only for
00:00
>> very small amounts of data.
00:00
>> This might be used for encryption of keys.
00:00
Just like we saw, Diffie-Hellman can be used
00:00
for key exchange or key-agreement,
00:00
this can be used for key exchange,
00:00
can be used for digital signatures as well.
00:00
But I want you to primarily focus on using ECC as being
00:00
the algorithm for use with
00:00
handheld devices like our smart phones,
00:00
our smart watches,
00:00
these devices that need encryption,
00:00
but don't have the same degree of
00:00
processing capability that you would have on a desktop,
00:00
or a server, or a larger scale computer.
00:00
That's the big testable piece about ECC,
00:00
is elliptical curve cryptography algorithms
00:00
are used for devices that don't
00:00
have a lot of power capabilities.
00:00
00:00
and figured out how all the pieces work together,
00:00
and then we talked about how we get privacy,
00:00
authenticity, integrity, and non-repudiation.
00:00
Last but not least,
00:00
we looked at some of the common asymmetric algorithms,
00:00
and just wrapped up with the function of each of those.
Up Next
Symmetric vs. Asymmetric Review
Hybrid Cryptography
Public Key Infrastructure
MACs (Message Authentication Codes)
How It All Fits Together