Time
10 hours 32 minutes
Difficulty
Beginner
CEU/CPE
11

Video Transcription

00:01
Welcome back. I'm wrong, Warner.
00:03
This is the second video in section 6.2 on explaining cryptographic algorithms and their basic characteristics.
00:12
In Part one, I talked about obfuscation, symmetric algorithms
00:16
and seif remote.
00:19
In this video we'll talk about asymmetric or public private key algorithms,
00:25
hashing algorithms and then key stretching algorithms.
00:30
Recall from section 6.1 videos where I talked about A S advanced encryption standards. Advanced encryption standard or A S uses two keys, one to encrypt and want to decrypt thes two keys are mathematically related explained how in this video,
00:48
use a public private key encryption were you encrypt a message with the recipients Public key on Lee. The recipient can decrypt it using his or her private key
01:03
because of the extra overhead generated by using two keys for encryption and decryption asymmetric algorithm. Algorithms require more resources than symmetric algorithms.
01:14
As a result, these algorithms are primarily used for digital signatures and for the secure exchange of a shared key that is used by symmetric algorithms
01:26
for security. Plus, you need to be aware of the different asymmetric algorithms in use.
01:30
Most well known is our essay in Fort of the three inventors, Rive est Shamir and adamant
01:38
it's used for he exchange and for digital signatures where the key congee any length.
01:44
The algorithm works by multiplying two large prime numbers to generate the public. He and the private key,
01:52
which are two different numbers that are mathematically related. But because you know the public heat does not mean you can derive the private key.
02:01
Diffie, Hellman Key Exchange, or D H, works with two parties without prior arrangement. They can agree on that secret key known only to those two parties, so it solves the challenge of key exchange. It's on. Lee used to generate a shared key, not the encryption,
02:21
that key and then be safely and secretly shared on a public Internet such as the Internet. Diffie Hellman Ephemeral uses a different key for every conversation
02:32
and supports perfect forward secrecy.
02:36
Recall that term from section 6.1.
02:39
Other common asymmetric algorithms you may encounter are elliptical Curve Cryptography Album out
02:47
Elliptical curve Cryptography is a technique using elliptical curves, so advanced math to calculate simple but difficult to break encryption keys.
02:59
It uses a smaller key sizes to obtain the same level of security.
03:04
Their 401 160 bit E. C. C. Equals 10 24 bit R s. A
03:10
more efficient,
03:12
elliptical curve. Diffie Hellman Ephemeral combines a lot of these variant of the D. E A, G and E C C, also allowing for perfect forward secrecy.
03:25
Mother asymmetric algorithm is El Gamal. It's an extension to the defeat helmet, using an ephemeral key
03:34
last when you should be aware of, is pretty good. Privacy, also known as New Privacy Guard, was developed by Phil Zimmerman in the early 19 nineties to protect email using public private keys
03:47
used to encrypt email messages as well as proved the sender through digital signatures.
03:55
Be familiar with each of these asymmetric algorithms
04:00
recall from Section six that one. We also talked about hashing
04:05
while diving deeper into the hashing algorithms. But let's provide a quick review. So hash is that a digital fingerprint, if you will, it's a unique value. Works by taking a string of any length and creating a fixed length string for the output that'll be always unique, depending on the
04:26
the input strength,
04:28
changing the original changes, the hash value.
04:31
The originator will take the hash of the file and provides that hash to the receiver
04:38
receiver, then can take the hash of the file and compares it with the original usedto
04:44
sure file integrity.
04:47
There are multiple hashing algorithms in use and need to be familiar with for security. Plus,
04:54
the first is secure hash algorithm or Shaw There. Three primary variants. Shaw one shot, two shot. Three. It was developed by the United States National Security Agency and Essay
05:08
Shaw. One generates 100 and 60 bit hash from any variable length string of data
05:14
shot to also known as shot. 2 24 Shot to 56. Shot 3 84 and shot 5 12
05:21
based on their digest lengths,
05:25
Shaw three was published in 2012 and it's not really widely used yet.
05:30
MD or Message Digest Algorithm. Empty 24 and five
05:36
Maybe one of the most widely known hashing functions
05:41
produces a 16 bite hash value. Usually expressed as a 32 digit Hexi decimal number.
05:48
It's considered compromised. Rainbow tables have been published, which allow people to reverse empty five hashes
05:56
made with without good salt.
05:58
It's also known hash collisions associated with a different message Digest hashing algorithms.
06:04
Here's an example
06:06
on the screen is a sample of a file actually this power point that created for this video
06:14
with the different hashing algorithms applied to that file, you can see the different output, depending on the hashing algorithm.
06:21
MD five has a specific output, which is different than the Shaw one shot to 56 shot 5 12
06:29
The output is the number of bits that is produced by that hashing algorithm.
06:34
You can try this at home, and I recommend you do
06:39
other areas of hashing. You need to be familiar with
06:42
our Mac H Mac and race. Let me talk about each
06:47
a message. Authentication code or Mac provides for authentication of the message and works like a hash used to detect tampering.
06:57
The Mac is a small piece of data, known as the authentication tag that is derived by combining a message or file with a secret key.
07:04
A Mac is generated and verified, using the same secret key
07:11
Mac, based on a cryptographic hash function known as the hash based Message Authentication code, or H Mac, where the center center of a message uses an H Mac function to produce the Mac.
07:24
Essentially H Mac used the hash functions, such as MD five with a secret key.
07:30
Although Max and each max are similar, H Mac increases security by using an additional integrity check on the data being transmitted.
07:40
Raise
07:41
is designed based on MD four. It's 100 and 60 bit version of the algorithm performs comparably to show one
07:50
their issues associate it with hashing one being rainbow tables, which are pre computed lists of common words, phrases et cetera, along with their pre computed hash value
08:05
with a rainbow table. All of the possible hashes are computed in advance. In other words, you create a series of tables. Each has a possible to letter three letter for letter or so forth combination in the hash of that combination, using a known hashing algorithm like shot, too.
08:20
Now, if you search the table for a given hash with letter combination in the table that produces the has must be, in this case, the password you're seeking.
08:31
Popular password cracking tools such as Off Crack and John the Ripper used rainbow tables,
08:37
a countermeasure called Assault First to the addition of obits at key locations either before or after the hash.
08:46
So if you type in the password.
08:50
Password pits are added by the operating system before it is hashed,
08:54
and this helps defeat rainbow tables.
08:58
A challenge with cryptography is the length of the key.
09:01
Longer keys are better. So what about stretching those keys?
09:07
Key Stretching is a process used to take a week or short key and make it stronger,
09:13
usually by making it longer.
09:16
There are two common algorithms associated with key stretching.
09:20
The first is be crypt, which is based on the Bloke Blowfish algorithm.
09:26
It provides an adaptive hash function based on a key factor.
09:31
The other key stretching technique is password based ke care of ation function, too.
09:37
P b k D. F, too.
09:39
It's an algorithm that applies a pseudo random function to the password, combined with assault of atleast 64 bits
09:48
and repeats the process at least 1000 times,
09:52
creating a very strong ki.
09:54
In the second video of section 6.2, I explained some cryptographic algorithms and their basic characteristics.
10:03
Let's practice on a few sample quiz questions.
10:07
This hashing algorithm,
10:09
now considered compromised, produces a 16 bite hash value, usually expressed as a 32 digit hex, a decibel number.
10:20
The answer is C
10:22
MD five Message Digest. Five.
10:26
Alison Bob Want to share a file over the Internet?
10:31
The plan on using a yes to 56 for file encryption but need to share a secret key between them.
10:39
Which algorithm is best for this year's
10:43
answer is a defeat helmet if he helmets used for key exchanges over public networks.
10:50
Review this material
10:54
Review your study material form or information on different types of algorithms used within cryptography.
11:01
If you'd like more hands on experience with encryption and hashing, see of the security plus labs
11:07
With these labs, you'll learn how to install a cryptographic program. Use it to encrypt a document and then decrypt it. You'll also learn about key values as well as hashing.
11:22
This, concludes the video for section six dot to explaining cryptographic algorithms and their basic characteristics.

Up Next

CompTIA Security+

CompTIA Security Plus certification is a great place to start learning IT or cybersecurity. Take advantage of Cybrary's free Security+ training.

Instructed By

Instructor Profile Image
Ron Woerner
CEO, President, Chief Consultant at RWX Security Solutions LLC
Instructor