Common Asymmetric Algorithms

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Now that we've talked about
00:00
how asymmetric algorithms work,
00:00
let's talk a little bit more about some of
00:00
the specific asymmetric algorithms
00:00
and how we're going to use them.
00:00
I had mentioned earlier we'd seen
00:00
a list of the common symmetric algorithms.
00:00
Certainly, those are not
00:00
the only symmetric algorithms in the world,
00:00
and these are not the only
00:00
asymmetric algorithms in the world.
00:00
But these would be the ones that I would
00:00
expect would come up on the exam.
00:00
We have DSA, RSA,
00:00
ECC, El Gamal,
00:00
Diffie-Hellman, and Knapsack.
00:00
What I would expect you to be able to
00:00
do is to look at a list of
00:00
algorithms and pick these six
00:00
out and say those are asymmetric.
00:00
That can be tricky because they were like 10,
00:00
15 symmetric algorithms to memorize.
00:00
Here, an additional six that are asymmetric.
00:00
Let me show you just a little trick.
00:00
What I would do is I would
00:00
memorize the algorithms that are asymmetric.
00:00
If they're not asymmetric,
00:00
then they're probably symmetric.
00:00
Don't forget, you still have
00:00
to know your hashing algorithms
00:00
like MD5 and SHA1, but that's okay.
00:00
Those are Message Digest 5,
00:00
Secure Hash Algorithm, SHA1.
00:00
Those are okay, you can remember those as hashing.
00:00
But if you'll remember the list of
00:00
asymmetric algorithms and the algorithm
00:00
you're being quizzed with isn't there,
00:00
then assume it's symmetric.
00:00
The way I would remember
00:00
which algorithms are asymmetric,
00:00
and this is totally ridiculous,
00:00
but I would use the buddy system.
00:00
Here's what I mean by that.
00:00
Before you start your test,
00:00
one of the things that I would recommend you just
00:00
jotting down on a sheet of scrap paper is,
00:00
which algorithms are asymmetric?
00:00
Then again, if it's not there, it's symmetric.
00:00
To remember which algorithms are symmetric,
00:00
each algorithm has a buddy,
00:00
each algorithm has a friend.
00:00
The first two buddies are the SA brothers, RSA and DSA.
00:00
Those are your first two buddies,
00:00
RSA, DSA, SA brothers.
00:00
Your next two buddies both start with E. You
00:00
have ECC and El Gamal.
00:00
El Gamal and ECC,
00:00
they both start with E. That's my second group.
00:00
The last two asymmetric algorithms
00:00
you need to remember, are Diffie-Hellman and Knapsack.
00:00
It may seem a little odd that those two are buddies.
00:00
But Diffie-Hellman is frequently abbreviated DH.
00:00
When you see DH, it's almost
00:00
assuredly talking about the Diffie-Hellman algorithm.
00:00
An old friend of mine used to refer to
00:00
that algorithm as the Doogie Howser algorithm.
00:00
For those of you that have missed this fine piece of
00:00
quality American television programming,
00:00
Doogie Howser was a series in the,
00:00
I can't remember, '80s or '90s,
00:00
something where Neil Patrick Harris
00:00
starred as a 13-year-old brain surgeon.
00:00
His name was Doogie Howser.
00:00
I don't know which would be more offensive to
00:00
me as having a 13-year-old surgeon,
00:00
come in and introduce himself
00:00
or him telling me his name is Doogie.
00:00
I think that would be a problem also.
00:00
But anyway, so Neil Patrick Harris,
00:00
13-year-old brain surgeon's name was Doogie Howser.
00:00
At the beginning of each show,
00:00
during the opening credits,
00:00
he would come in and he would have his backpack or
00:00
his knapsack that he put into his locker.
00:00
Doogie Howser has knapsack and
00:00
that's how you remember those two are buddies.
00:00
As ridiculous as it is, just close your eyes.
00:00
Humor me. Close your eyes.
00:00
Who are my first two buddies?
00:00
They are the SA brothers,
00:00
RSA and DSA. Who are the next two?
00:00
ECC and El Gamal,
00:00
they both start with Es.
00:00
Who are my last two buddies?
00:00
You will never forget,
00:00
Doogie Howser and his knapsack,
00:00
also known as Diffie-Hellman and his Knapsack.
00:00
Now we're going to talk about what
00:00
these algorithms do because
00:00
each one has a different function, in just a second.
00:00
But for now, just being
00:00
able to put those on a sheet of paper.
00:00
Let me ask you, once you do that,
00:00
is AES symmetric or asymmetric?
00:00
Once not on this list,
00:00
it must be symmetric.
00:00
What about IDEA?
00:00
Not on this list, must be symmetric.
00:00
What about ECC? That's on this list.
00:00
That's an asymmetric algorithm.
00:00
What about Skipjack?
00:00
Symmetric. What about Blowfish?
00:00
Symmetric. What about Twofish?
00:00
Symmetric. What about Triple DES?
00:00
Symmetric. If you can just
00:00
get down on a sheet of paper
00:00
these six asymmetric algorithms,
00:00
well, then you're going to have a leg
00:00
up on questions that are
00:00
going to require you to know whether
00:00
an algorithm is symmetric or asymmetric.
00:00
If it's not in this list, then it's symmetric.
00:00
But let's just talk about a couple of these
00:00
because they have specific interest for us.
00:00
RSA is the first one that we're going to talk about.
00:00
It's named for the gentlemen
00:00
that worked together to create this algorithm.
00:00
Ron Rivest, and we have Adleman and
00:00
Shamir and they came together
00:00
to develop this algorithm called RSA.
00:00
It replaced an older algorithm called DSA,
00:00
which was the Digital Signature Algorithm.
00:00
For today,
00:00
the current standard for digital signatures is RSA.
00:00
When we talk about that piece of a digital signature,
00:00
where the hash is encrypted with
00:00
the sender's private key,
00:00
it's RSA that's providing that encryption.
00:00
Really important. RSA is your guy
00:00
>> for digital signatures.
00:00
>> The other thing that's important or
00:00
relevant to us about RSA is,
00:00
it uses a unique trap-door
00:00
>> feature called factorization.
00:00
>> The relationship between the public
00:00
>> and private keys with
00:00
>> RSA is based on the idea that
00:00
it's very easy to take
00:00
two huge prime numbers and multiply them together.
00:00
If I gave you a calculator right now,
00:00
you can take those numbers and multiply them together.
00:00
However, when you look at the result,
00:00
it is incredibly difficult to figure out what
00:00
two prime numbers were multiplied
00:00
together to get that result.
00:00
It's easy to multiply them together,
00:00
but to look at the result and
00:00
factor out the possibilities,
00:00
that is incredibly time-consuming.
00:00
That's the secret of the relationship between the keys.
00:00
The big things to remember for RSA,
00:00
digital signatures and that it uses factorization.
00:00
Diffie-Hellman, a.k.a, Doogie Howser,
00:00
is important because it was
00:00
our first asymmetric algorithm and
00:00
came out in the late '70s, I believe.
00:00
Here's the phrase about Diffie-Hellman;
00:00
secure key-agreement without pre-shared secrets.
00:00
What is Diffie-Hellman for?
00:00
Diffie-Hellman helps two communicating parties
00:00
agree upon a key.
00:00
The key that they agree upon will
00:00
be their symmetric key that
00:00
>> they use for data encryption.
00:00
>> What's actually going to happen here is
00:00
Diffie-Hellman is going to come out
00:00
and do asymmetric key-agreement,
00:00
once the key's agreed upon,
00:00
then symmetric data encryption can happen.
00:00
That's a little spoiler for
00:00
later because that's what we want.
00:00
We're going to use asymmetric cryptography to make sure
00:00
both communicating parties have the same symmetric key.
00:00
Because remember, with symmetric cryptography,
00:00
key exchange is the hard part.
00:00
If we use an asymmetric algorithm
00:00
to go out and get the keys distributed,
00:00
then we can communicate with
00:00
that good fast symmetric cryptography
00:00
that we want to use in the first place.
00:00
Diffie-Hellman was the first algorithm
00:00
that did that for us.
00:00
It gives us secure key-agreement
00:00
without having to send anything
00:00
sensitive across the network.
00:00
We also have our friend, ECC,
00:00
which stands for Elliptical Curve Cryptography.
00:00
Its math is based on plotting points along the curve.
00:00
It is a really efficient algorithm
00:00
and it can provide good,
00:00
strong security, but only for
00:00
>> very small amounts of data.
00:00
>> This might be used for encryption of keys.
00:00
Just like we saw, Diffie-Hellman can be used
00:00
for key exchange or key-agreement,
00:00
this can be used for key exchange,
00:00
can be used for digital signatures as well.
00:00
But I want you to primarily focus on using ECC as being
00:00
the algorithm for use with
00:00
handheld devices like our smart phones,
00:00
our smart watches,
00:00
these devices that need encryption,
00:00
but don't have the same degree of
00:00
processing capability that you would have on a desktop,
00:00
or a server, or a larger scale computer.
00:00
That's the big testable piece about ECC,
00:00
is elliptical curve cryptography algorithms
00:00
are used for devices that don't
00:00
have a lot of power capabilities.
00:00
We talked about asymmetric cryptography
00:00
and figured out how all the pieces work together,
00:00
and then we talked about how we get privacy,
00:00
authenticity, integrity, and non-repudiation.
00:00
Last but not least,
00:00
we looked at some of the common asymmetric algorithms,
00:00
and just wrapped up with the function of each of those.
Up Next