# Encryption Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
or

Time
4 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:00
>> Hi and welcome to lesson 2.3.
00:00
In this lesson, we're going to talk
00:00
00:00
Everything in the last couple of lessons,
00:00
we've been talking about the perimeter,
00:00
which is that boundary between
00:00
our internal devices in that external entity.
00:00
Now we're going to move a little bit more
00:00
inward on that layered approach.
00:00
We're going to talk about the network layer,
00:00
which is all of that
00:00
backbone infrastructure, the routers,
00:00
and switches that connect us to
00:00
the outside world as well as
00:00
connect devices together internally.
00:00
Now within the network layer,
00:00
we're going to talk about a few different components.
00:00
One is encryption. We're going to talk about it.
00:00
We touched on encryption before
00:00
a little bit when we talked about VPNs,
00:00
but in this lesson, we're going to go into how encryption
00:00
works and dive in a little bit
00:00
deeper on encryption itself.
00:00
We're going to talk about web proxies.
00:00
Web proxies are basically
00:00
those devices that help us control
00:00
how our organization interacts
00:00
with the Internet and with the outside web.
00:00
We're going to talk about NAC,
00:00
which is network access control.
00:00
That's all about how we allow devices
00:00
onto our network and what types of
00:00
devices we allow onto our network.
00:00
Then we'll get into a little bit about wireless security
00:00
towards the end of the lesson
00:00
and towards the end of the module.
00:00
00:00
Encryption in its basic form,
00:00
before we start to actually talk about functionality.
00:00
Let's talk about some definitions because
00:00
we're going to use these over and over again.
00:00
When we say the word algorithm,
00:00
we're referring to a mathematical formula
00:00
used for encrypting.
00:00
It's actually a formula,
00:00
a plus b equals c. When we talk about the word key,
00:00
we're talking about a secret variable.
00:00
It's something that's secret.
00:00
It's a variable that's used
00:00
within that encryption algorithm.
00:00
If the algorithm is x plus one equals 3,
00:00
then x is our key.
00:00
It's what's unknown, it's what is secret,
00:00
it's what we have to solve for.
00:00
When we use the term ciphertext,
00:00
00:00
that's actually been encrypted.
00:00
Once the data is encrypted and we transmit
00:00
it across the wire in an encrypted format,
00:00
that's what we refer to sometimes as ciphertext.
00:00
Symmetric encryption is encryption where
00:00
both sides are using the same key,
00:00
so that same secret or variable
00:00
is hard-coded or is known by
00:00
both sides of the equation whereas
00:00
asymmetric encryption is where
00:00
each party on each side uses a different key.
00:00
Then finally, public key encryption is
00:00
an encryption mechanism that uses
00:00
both asymmetric and symmetric encryption.
00:00
We're going to show you
00:00
that towards the end of this lesson.
00:00
Let's talk about how encryption works.
00:00
In its most basic form,
00:00
encryption is just creating a secret.
00:00
It's just scrambling data in a way
00:00
that others who don't know the secret can't read it.
00:00
Let's say we've got this computer over here on
00:00
the left that wants to communicate
00:00
with computer on the right.
00:00
What it actually wants to communicate is a password.
00:00
In this case, we've got a password in
00:00
clear text and our password is not on my watch.
00:00
The computer on the left is going
00:00
00:00
an encryption process and
00:00
that process is simply taking the data,
00:00
which is the password, and applying it to an algorithm.
00:00
The output of that is going to be our ciphertext.
00:00
This ciphertext is nothing but jumbled-up data.
00:00
It's just random characters that if we transmit that
00:00
over the wire and someone
00:00
happens to see that or intercept that,
00:00
they're not going to have any idea what that
00:00
means because it's gobbledygook.
00:00
It doesn't mean anything.
00:00
Computer on the right is going to
00:00
00:00
it's going to run it through a decryption process,
00:00
which is simply applying it to that algorithm
00:00
again and the output is going to be the clear text.
00:00
Now the computer on the right can
00:00
00:00
That's all encryption is.
00:00
At its highest level,
00:00
that's all it's really doing.
00:00
It's very complicated, the mechanisms that do that,
00:00
but at its highest level, that's what it is.
00:00
Now, let's get into
00:00
a little bit more details about
00:00
the keys and the algorithms.
00:00
First off, keys, as I said,
00:00
are mathematical formulas used
00:00
in the encryption and decryption process.
00:00
But algorithms are not secret.
00:00
Algorithms are actually public.
00:00
There's plenty of them out there.
00:00
There's a handful of them that are stronger than others.
00:00
They're all publicly available.
00:00
They're not any secrets at all.
00:00
The formulas themselves are not secrets.
00:00
But our secrets are the keys,
00:00
and those are the things that we need to keep quiet,
00:00
keep a secret and protect
00:00
because if you know the algorithm because it's public,
00:00
and you acquire the key,
00:00
then you can solve the equation
00:00
and you can read the data.
00:00
Good algorithms use a combination
00:00
of both keys and the data
00:00
itself to populate parts
00:00
of the formula to make them more complex.
00:00
If we're starting, we want to encrypt some data.
00:00
We actually have two secrets when we start,
00:00
we have the key which we know, and that's our secret.
00:00
We also have the data.
00:00
If we haven't transmitted that data yet,
00:00
that data is secret as well,
00:00
and we can use that as part of our algorithm.
Up Next