Time
10 hours 28 minutes
Difficulty
Advanced
CEU/CPE
15

Video Description

This lesson covers the problems with public key cryptography, in which every user in a network is given a public key and a private key. Mainly, it is very slow, and anything encrypted with one key can only be decrypted with the other, as the keys are mathematically related.

Video Transcription

00:04
Okay, so we just listed out some problems with symmetric. We said no key exchange, or out-of-band key exchange. We talked about how it wasn't scalable. And then we also talked about how we don't get authenticity, integrity.
00:19
Now, even though we have the benefit of speed, it's a good benefit. It makes symmetric cryptography very desirable for data exchange. We have to solve some of those other problems. And that's exactly where
00:34
asymmetric cryptography is gonna give us a way to exchange keys. We're gonna see that it's scalable, and we're also going to see how we get authenticity, integrity as well.
00:46
All right, so with asymmetric cryptography, every user on the network is granted a pair: one public key, one private. And by the way, this is a simplification. Because there are many variations on this configuration, it's just a very basic one.
01:03
What we're gonna do is start with the basics and build on that.
01:06
Okay, so every user in the organization is given a public and a private. That's a key pair,
01:14
and the keys are mathematically related to each other. So my private key is mathematically related to my public, and it's related in such a way that anything encrypted by one key can only be decrypted by the other.
01:29
For instance, anything that's encrypted with Kelly Handerhan's public key
01:34
can only be decrypted by Kelly Handerhan's private.
01:38
Okay, so you've got that relationship between the public and the private. Anything done with my public can only be decrypted.
01:47
So if you think about that,
01:49
that also gives us, that solves the problem right away of key exchange.
01:55
Because the problem with symmetric cryptography is we had this key we had to exchange between two parties, but we have to protect the secrecy of the key. You know, I couldn't just shout out the key in the middle of a classroom, "Hey, we're gonna use key 1234."
02:08
Anybody could hear that key,
02:12
but with asymmetric cryptography
02:15
having this public and private key,
02:17
if you want to get something to me
02:20
secretly,
02:22
if you want to protect its confidentiality,
02:24
what you'll do is you'll request my key.
02:28
Now think about that. Which key will I give you? My public key, sure. Anybody could have my public, and that's important to understand whether I have a relationship with the person I'm communicating with or not.
02:40
Maybe they're in my network. Sure, that's okay. But even if they're not, even if they're total strangers, even if I'm a banking server and they're an unknown entity, I will always willingly share my public.
02:54
Why? Because it's public. There's nothing sensitive on that key,
03:00
so I don't have to say anything sensitive across the wire.
03:04
If you want to send something to me privately, you request my public, I'll send it to you.
03:10
You use my public key to encrypt your message, or this is at least a way to do it.
03:16
Now, you encrypt my message
03:20
with my public key
03:22
in asymmetric cryptography. What's the only thing that would decrypt it?
03:25
Well, if it was encrypted with my public, only my private would decrypt it,
03:31
and I should be the only person on the network that has my private,
03:36
and that's a really important tenet of asymmetric cryptography. You must protect your private keys. I don't care who gets my public, but my private key is sacred. It is bound to my identity. If anyone gets my private key, we're compromised. We would have to revoke and reissue keys.
03:54
But hopefully that makes sense about how we get privacy and how we get key exchange, because I don't have to send anything confidential. If you want to get a secret to me, you ask for my public key. I'll send it to you across the wire in clear text because, again, it doesn't need to be protected.
04:13
I'll send you that key in clear text. You'll encrypt your message for me
04:16
with my public key. I'll decrypt that message with my private. Only I have my private key, so only I get the message.
04:27
Okay, so key exchange, done. And by the way, when I say you'll ask for my public key, honestly, it's not that you ask for my public key. And if you think about it, if you've ever used Outlook before or any common email applications, if you think about what you actually do to encrypt the message,
04:46
don't you pretty much just oh,
04:48
in the little box that says encrypt? That's how you encrypt the message. But what's happening is that triggers your application
04:57
to ask my application
05:00
for my public key. So this is all about the application layer. It's below the surface. The user never has to know about key exchange.
05:08
But ultimately, when you click on that encrypt button, that's what you trigger.
05:13
Now, the way most network administrators implement this is we're gonna take the public keys and we're gonna integrate them in the mail service.
05:21
So when you pull somebody's name from the Global Address List and you go to encrypt a file for them, or encrypt a message,
05:30
because their key is in the Global Address List, all I have to do is pull your name out of the GAL, click on encrypt.
05:36
And what happens is my email application automatically has access to your public.
05:43
And once again, it seems as if it's magic. I don't want my users talking about key exchange. I want my users to know: hit this button and magic happens. As a matter of fact, the only thing we know about cryptography as users is when it's not working, so that's never good.
06:02
Okay, so key exchange, done.
06:05
Easy enough. It's integrated with the Global Address List, but even if it wasn't, my application would query your application for the key,
06:15
and it would be a public key, happily sent across the net.
06:19
When I encrypt something with your public key,
06:23
only your private key can decrypt, so that gives me privacy.
06:29
So
06:30
we have key exchange.
06:33
We also have scalability
06:35
because as many keys as we would have running around in a network with 100 users if we were in symmetric environments, with asymmetric environments, you have 100 users, you'd have 200 keys.
06:49
So it's considered to be much more scalable because every user gets a key pair.
06:59
now the third problem.
07:00
How we get non-repudiation. So, basically as part of non-repudiation, how do I get authenticity? How do I get integrity? And the two of those together give non-repudiation, so we'll see that on the next screen.
07:15
Now again,
07:17
even though we have these benefits
07:20
of asymmetric cryptography with you, with all the problems we just had.
07:26
The downside of asymmetric is that it's very slow.
07:30
So what we want to keep in mind. That's what we're working toward.
07:34
is to take the good things about asymmetric,
07:38
the good things about symmetric and use them together in a hybrid

Up Next

CompTIA CASP

In our online CompTIA CASP training, you will learn how to integrate advanced authentication, how to manage risk in the enterprise, how to conduct vulnerability assessments and how to analyze network security concepts and components.

Instructed By

Kelly Handerhan
Senior Instructor