 All right, Mr. Gibson here with your next lesson in cryptography. And today we're going to be kicking off our unit on public key encryption. And we need to understand about encryption protocol right now is that what we're doing is a very idealistic view on cryptography so far. Both parties have access to a key that you understand it and Eavesdropper might not know that key and you can keep operating under those circumstances. What we're going to see is that it doesn't really happen very much in practice. And what that leads to are issues and well, how do you exchange keys? How do you ensure that both parties that need to have the keys have them and the parties that you don't want to have the keys don't? We're going to look at our kind of current method and find some ways to improve it. So we're going to have a certain cast of characters that we're using here today. We're going to represent plain plain text messages with the open lock, the ciphertext messages with a closed lock, the key with a key. And then we've got three people. We've got Alice, Bob, and Eve. Alice and Bob are two friends. They're the parties that are going to be trying to exchange messages securely. And then there's Eve, who will be our Eavesdropper trying to determine that plain text message by eavesdropping on the communications that happen between Alice and Bob. So what we're going to see is that sharing information securely is hard. And that's kind of the point of this course is we're looking at how do we exchange those messages without the eavesdropper knowing what's going on. So let's start with Alice. Alice has the plain text message hello, chosen the key of dog, and then they generate this secure ciphertext message zj2ywefj equal equal. The exact cipher used here is not important. It's kind of an illustration of how this works. So after this process has happened on Alice's end, she'll transmit the message over to Bob. Bob now has the secure message, the ciphertext. Bob already knows the key of dog, so he's able to successfully recover the plain text message of hello. And if things work well, even if the eavesdropper was paying attention and they got that ciphertext message, Eve does not have the key and therefore cannot recreate the plain text message. That's been the assumption that we've been using so far in this course, that somebody could get the ciphertext, but that's fine because without the key it's secure enough they're not going to be able to get it. But what we're going to see is that this ideal situation does not hold very long in practice. Let's say that Eve was eventually able to get that key of dog. And we've got to change up the keyword. But Alice and Bob are far apart. There's no way for them to actually exchange the new keyword. And so Alice has changed the keyword to cat, and then that gives you a new ciphertext message to share, but there's no way to get that new key to Bob without the eavesdropper seeing the new key go down the line. So Bob gets the ciphertext, but if there's no secure way for him to get the key, then there's no way for him to get the message without Eve also getting the key and then being able to recreate the plain text message. So this is the challenge that we're up against. So let's look at some solutions to solving this key exchange problem. This is how the German army did it during World War II with the enigma machine. They would create a codebook. They would make one of these one per month. So you can kind of see here on the screen each one of these rows represents a particular date. And they had the initial configuration, which it served as the key for the enigma machine. And they would just change these keys out every day. And because the enigma machine was relatively secure for a very long time, it was good enough because they knew that any messages transmitted with a key for the day, it would take far longer than a day for the allied forces to crack those. And then the next day they'd move on to the next key and so on. So that's how they did it. Some drawbacks to that is that everybody that is going to use the enigma machine needs to have this exact same codebook. One of these could fall into enemy hands, and then they know the codes for the rest of the month. It's just a very logistical nightmare in terms of administrating the key exchange. You can also use a secure courier. So you can have a trusted messenger physically deliver keys. They might do something similar to what the Germans did have like a printed out key list. And you could maybe do that in a modern day society using diplomatic carriers or these diplomatic bags, which are immune to any sort of search when you're traveling across different countries lines. That's been the case since about the 60s, but while that's, again, that's kind of a nice solution, that's assuming that everybody's playing by the rules and if you're in wartime or some other sort of situation where maybe people aren't going to play by the rules, that's only going to kick the can down the road a little bit because once people can get in those pouches and they stop caring about the rules, they're still going to be able to read your messages. So we need to maybe even better system. And this is where some mathematics is going to be able to help us out. It turns out there's some interesting math here that's not too complicated to understand. That's going to allow us to generate a shared secure key. And we can do that over those open channels, meaning the channels that an eavesdropper can can see anything going across. We're going to start out by using non mathematics. We're going to we're going to use the idea of mixing paint. It makes it maybe a little bit easier to understand the general idea. And then we'll follow up with a specific example on how some math can actually implement this cryptographic process. So let's say that Alice has decided she's got this paint palette here and she's going to choose the color yellow as a secret of hers to begin with, but then she's going to share that information with Bob. And because she's shared it with Bob, that means that Eve has it too. So in fact, that's not a secret color, but we're going to use the letter C to note that as a common color, common because everybody who's a part of this whether you want them to or not has access to it. And then Alice and Bob are going to share a secret color that they will not share at all. That's how it's going to remain secret. So Alice has chosen the color red and Bob has chose the color blue. And because they're not going to share that color with each other, Eve does not know it. And now they're going to mix the common color with their personal secret color. So Alice is going to mix the yellow and the red. And that means she's going to have some sort of orange color. Bob is going to mix the yellow and the blue and he's going to get some sort of green color. And now they're going to exchange those colors with each other. So Bob sent the green over to Alice and Alice sent the orange over to Bob. And because they did that over an open channel, Eve also knows those two shared colors. So she knows that Alice's common color plus private color gave her the orange and she knows that Bob's common color and private color gave green. So she's going to kind of tuck that away for information. Now what Alice and Bob are going to do is they're going to mix that color that they just got from each other with their secret color. So Alice is going to take the red and the green and mix it and get some sort of tan. Bob is going to mix some blue and orange and he'll also get some sort of tan because they now have equal parts A, B, and C together. They've just generated a shared color that only they know. Eve can't recreate that color because Eve does not have access to A, B, and C in the right proportions. Eve does have access to yellow and she's got a mix of yellow and whatever Bob's secret color was but it's going to be really hard for her to reverse engineer what that original secret color was. And then same thing, she has the orange which is a mix of yellow and Alice's secret color but it's going to be really hard for her to work that back to figure out exactly how much and of what color Alice mixed with the yellow to get the orange. So there's no easy or practical way for Eve to kind of reverse engineer the information she has to get the exact same tan color that both Alice and Bob do have access to. And that's the general principle here is that by selectively sharing only certain information two parties can create a shared secret together that unless you had access to the private information that was not shared you would not be able to recreate it yourself. So mathematically what we're talking about here is a one-way function. It's really easy to mix paint together but it's really hard to take a look at a mixed bucket of paint or mixed palette of paint and decide exactly which colors made it and in which proportions. And we're going to see that there's some mathematical operations that work a lot like paint mixing. Easy to do one way but very difficult to do the other way. This protocol is what's known as the Diffie-Hellman Key Experience. So that's named after two mathematicians and what it allows you to do is have two parties with no previous knowledge of each other. So this Alice and Bob and our example were friends but they could have been complete strangers and it gives them a way to establish a shared secret key over an insecure or monitored channel and then you can use that shared key to encrypt messages using a symmetric key site. Symmetric key just means you use the same key for and everything that we've done up to this point in the course. And this protocol is actually still used today to secure a variety of internet services. So they did this about you know mid-70s or so but after some information was declassified in the late 90s it turns out that the British Intelligence Agency had already shown in the late 60s that they knew how to do this. In fact they knew how to do public key cryptography which is the next place we're going to. They could do that back in the late 60s. So while everybody else thought this was you know hot stuff brand new and so it's actually been around all right. So let's see how we can do this mathematically and we're going to step away from that pain mixing example. So Alice is going to come up with two numbers P and G and send those over to Bob which means Eve has them also. So that's going to be public information and we're going to color all public information in this example green. Alice and Bob then come up with a private number each. So Alice has chosen four and Bob has chosen three and we're going to represent those in lowercase a and b respectively. Now those are private which means they're never going to go over the channel between Alice and Bob which means Eve should never get those. Alice and Bob are now going to compute a piece of information that will become public once the calculation is done. So the way that we're going to do that we're going to take our value of G and then raise it to your private number and then mod it by P. So Alice would do five to the fourth power mod it by 23 and she gets four. Bob is going to take five to the third power also mod by 23 and get 10. Those information do get sent over the wire. So Alice gets B equals 10 capital B equals 10 and Bob gets capital A equals four and now Eve has those values as well. What Bob can now do is create a shared secret. We're going to take B to the A so capital B to the A so Alice is going to do 10 to the fourth. Mod that by 23. Bob's going to do the same thing. He's going to take Alice's value of four, cube it and then mod by 23 and they both get 18. What's hard for Eve to do here is that because she doesn't have access to lowercase a or lowercase b, only capital A and capital B, it's going to be really hard for her to figure out what that shared secret of 18 is. She's missing key information and what we're going to see is that it's that raising to a power in modding that's really easy to do one way. We saw that you know 10 to the fourth mod 23 easy to do to calculation wise. However, if all you know is the 10 and you don't know the lowercase a equals four, there's no easy way for you to compute that 18. You're going to have to do a lot of guessing and checking and then even then you don't even know if you did it correctly. So this is what we're going to call the discrete log problem. The discrete log problem says that it's easy to exponentiate and then mod by a value to get a result, but it's extremely hard to go the other way. If you have access to a secret piece of information, maybe 18, it's really hard to go back and recreate the public keys. So here's the mathematics behind it. Here's why this actually works. If we take capital A and we raise it to lowercase b, that's equivalent to that's equivalent to G to the A times B. So that's kind of your power rules from exponents, but then that's also equal to G to the B times A and that's the same thing as capital B to the A. So all of those things are equivalent to each other. So that's how Alice and Bob are able to create that shared secret because what they're basically both calculating is G to the A times B. But if you don't have A or B or G to the A or G to the B, like if you don't have all that information, you can't recreate that same secret. It's very hard for you to do it. So we can specifically say that G to the A mod P to the B power has the exact same thing as G to the B mod P to the A power mod P again. And that's how the mathematics behind the Diffie-Hellman Key Exchange works. So we're able to create a shared secret. In this case, it's a number. Maybe you turn that number into a binary sequence and then you encrypt your message using an XOR cipher. There's a variety of ways that you can use that numerical value to represent text or binary or whatever you needed to like we've seen previously with the LFSR. So that's it for the Diffie-Hellman Key Exchange. So that kind of solves the issue of generating a shared secret between two parties. Where we're going next is with public key cryptography, which is a completely different type of scenario where your key actually has two parts to it. One for encrypting and one for decrypting. So that would be an asymmetric cipher because you're not using the same key for encryption and decryption. You need one for each. And we're going to give one of those pieces away. And that is what we call the public. So that's it for today. Thanks for watching. We'll catch you in the next one.