# Encryption Part 2


Video Transcription

00:04

>> Let's take an example

00:04

here and we're going to do some math.

00:04

I'm going to keep it as simplistic

00:04

as possible and keep in

00:04

mind that this isn't

00:04

the actual math that's used in today's algorithms.

00:04

This is just an example.

00:04

What I want to show you here,

00:04

the idea is here,

00:04

is how you need to choose

00:04

an encryption algorithm that's strong,

00:04

that's a more complex and

00:04

a stronger algorithm than others.

00:04

Let's take a very basic formula here.

00:04

What if we have an algorithm of K plus

00:04

3 equals C. That means we're saying K is the key,

00:04

that's the secret and C is the cipher text.

00:04

C is just the result of the algorithm.

00:04

We take that and we use that to

00:04

encrypt data and we transmit that.

00:04

We'll see our cipher text is 8.

00:04

If we have an intruder who's listening

00:04

in on the wire and he sees

00:04

that C equals 8 and he knows what algorithm's being used.

00:04

Well, now he can reverse engineer it.

00:04

He knows the algorithm is K plus

00:04

3 equals C. In this case, C is 8.

00:04

He knows that our key plus 3

00:04

equals 8 and he can figure out pretty easily

00:04

that our key is 5 and now he can use

00:04

that key to decrypt

00:04

anything else that we sent across the wire.

00:04

This would be an example of a weak algorithm.

00:04

When you choose an algorithm,

00:04

you want to choose one that's much stronger.

00:04

Here's a fictitious example of a stronger algorithm.

00:04

In this case, we've got an algorithm that's

00:04

actually two different parts.

00:04

The equation is broken into two different parts.

00:04

On the left side, we've got 5

00:04

plus K1 and K1 is part of our key.

00:04

Maybe our key is 12 characters long,

00:04

and we're going to use the first six characters

00:04

as our partial key and

00:04

use that in the first part of the equation.

00:04

So 5 plus partial key minus

00:04

the data itself equals some variable, which is X.

00:04

Since we know what the key

00:04

is and we know what the data is,

00:04

we can solve for X,

00:04

and then we can take X and we can put it into

00:04

the second equation and say X plus

00:04

45 minus the second part of

00:04

the key equals our actual cipher text.

00:04

There's much more layers to

00:04

this algorithm than there were to

00:04

the other one and this is a much more

00:04

complex way to encrypt data.

00:04

Now we take that and we transmit that data.

00:04

Our cipher text is still 8.

00:04

But this time if we have somebody listening on

00:04

the wire and they see

00:04

that our cipher text is 8 and they say,

00:04

we're going to try to reverse engineer this.

00:04

I know what the algorithm is that they're using.

00:04

I know the cipher text.

00:04

We're going to replace our cipher text with eight.

00:04

Now the intruder says,

00:04

"Well now I can reverse engineer and X plus

00:04

45 minus a part of the key. I don't know.

00:04

I don't have any idea.

00:04

It's too complicated. I can't decrypt it.

00:04

It remains a secret."

00:04

It's important to choose

00:04

a strong algorithm whenever you're choosing one.

00:04

The two most common algorithms today are RSA.

00:04

RSA stands for Rivest-Shamir-Adleman and those are

00:04

the last names of

00:04

the three mathematicians that invented that algorithm.

00:04

Chances are today, if you type in https colon slash

00:04

slash something and you're going to make

00:04

a secure connection to some Internet site,

00:04

it's using the RSA algorithm.

00:04

It's one of the most widely used algorithms on

00:04

the Internet today, still very secure.

00:04

Another one is AES,

00:04

which stands for Advanced Encryption Standard.

00:04

That's one actually that the military uses,

00:04

that's been recognized by the military as

00:04

the strongest encryption algorithm out there today.

00:04

There's a lot of other things happening today.

00:04

There's quantum encryption that's

00:04

being talked about and things that are very complicated.

00:04

Encryption can be an entire subject by itself.

00:04

I put an example down below here on this slide,

00:04

this is the actual RSA encryption algorithm.

00:04

You can see it's much more complicated than

00:04

that A plus B equals C that we were talking about,

00:04

which is what makes it such a strong algorithm.

00:04

It's why it's been around for decades.

00:04

A little bit about symmetric versus

00:04

asymmetric encryption.

00:04

Symmetric encryption, as we said,

00:04

is when both parties use the same key.

00:04

Both sides have to know what that key is.

00:04

We've talked a little bit about that in our VPN lesson

00:04

when we talked about PPTP

00:04

or point-to-point tunneling protocol.

00:04

In that case, both sides had

00:04

the same key and they just use that to

00:04

encrypt the data or create that tunnel.

00:04

It is faster than asymmetric encryption,

00:04

but it's faster because both sides know the key.

00:04

They don't have to negotiate to figure out

00:04

what key to use for encryption. They already know it.

00:04

It's one less step that has

00:04

to happen during transmission.

00:04

Therefore, it's faster,

00:04

but it requires each party to keep those keys secret.

00:04

Not only does that key exist in two places,

00:04

but now there's a bunch of other people that

00:04

know what those keys are so it's

00:04

a lot more likely

00:04

that those secrets are going to get dispersed,

00:04

are going to get found out somehow.

00:04

Asymmetric encryption is a method by

00:04

which each party has a different key.

00:04

The keys are mathematically

00:04

related and we're going to talk

00:04

about that in a little while.

00:04

But one party has one key that encrypts the data,

00:04

the other side has a completely different key that's

00:04

mathematically related to the first key to decrypt it.

00:04

But even though they're mathematically related,

00:04

you cannot derive one from the other.

00:04

If you get your hands on this key and you steal it,

00:04

you can't figure out what this other key is.

00:04

You need both keys to see the whole conversation.

00:04

You may see a conversation one way

00:04

with key encrypted and this one decrypted.

00:04

Where the conversation the other way is vice versa,

00:04

so you need both keys to steal the data.

00:04

They are mathematically related

00:04

but can't be derived from each other.

00:04

Let's talk about public key encryption.

00:04

In a public key encryption system,

00:04

the best way I can describe this is to use an example,

00:04

and most of the Internet uses public key encryption.

00:04

Public key encryption is used

00:04

mainly because it wouldn't be

00:04

very efficient to use

00:04

a symmetric key encryption system on the Internet.

00:04

If amazon.com had to keep

00:04

a separate key for

00:04

every human being that might connect to them,

00:04

they would have billions of keys

00:04

that they would have to maintain,

00:04

and that's just not very

00:04

efficient and not very effective.

00:04

So in public key encryption, the way that works,

00:04

let's say Bob over here on

00:04

the left wants to send an email to Jack,

00:04

but he wants to do it in a secure manner.

00:04

He wants to encrypt that email,

00:04

so if somebody intercepts

00:04

along the way, they can't read it.

00:04

In a public key encryption system

00:04

both parties are going to have a pair of keys.

00:04

They're each going to have their own pair of keys.

00:04

Bob is going to have both a public and a private key.

00:04

His private key, he's going to keep private.

00:04

No one but Bob will ever know Bob's private key.

00:04

His public key is public.

00:04

Anyone can see Bob's public key, same with Jack.

00:04

Jack is going to have a public and a private key.

00:04

Now remember these keys are mathematically

00:04

related to one another.

00:04

In the beginning of a transaction,

00:04

what they're going to do when they set up encryption is

00:04

they're going to exchange public keys.

00:04

Bob is going to send Jack his public key.

00:04

Jack is going to send Bob his public key.

00:04

Now Bob has his own initial key pair,

00:04

his public and private key,

00:04

but he also has Jack's public key and vice versa,

00:04

Jack has his initial pair plus Bob's public key.

00:04

Now once a key exchange happens,

00:04

Bob can now create a message.

00:04

His message at first is unencrypted.

00:04

When he wants to encrypt that message,

00:04

he can apply, he can encrypt it using Jack's public key.

00:04

Bob created the message.

00:04

He's going to use Jack's public key

00:04

to encrypt that message.

00:04

When he transmits it,

00:04

it's encrypted, it's cipher text on the wire.

00:04

If someone intercepts it, they can't read it.

00:04

When Jack receives it,

00:04

Jack is the only person on

00:04

the planet that has Jack's private key.

00:04

Bob encrypts the message with Jack's public key,

00:04

which is mathematically related to Jack's private key.

00:04

So therefore, when Jack received the message,

00:04

he could decrypt it with his own private key.

00:04

When Jack wants to respond to that message,

00:04

he's going to encrypt it with

00:04

Bob's public key and the same thing happens in reverse,

00:04

goes across the wire, encrypted,

00:04

Bob receives it and in order to decrypt it,

00:04

he's going to use his own private key to decrypt it.

00:04

He's the only one that can do that

00:04

because he's the only one that has the key.

00:04

That's how public key encryption works.

00:04

Encryption can be a very deep subject.

00:04

There's a lot of math,

00:04

there's a lot of subtleties.

00:04

We're not going to get into any of that today,

00:04

but I wanted you to understand at

00:04

a very high level how encryption works,

00:04

what some of the different types of encryptions are,

00:04

how they're applied in

00:04

the environment and just a general idea of encryption.

00:04

That wraps up this session on encryption.

00:04

Next up, we're going to talk about web proxies.
