Welcome to this security MOOC. Let's talk about the basics of cryptography. But first, I would like to tell you a little story. It's a love story. We've got Alice and Bob, and Alice is fond of Bob, so she decided to send him a letter. So she wrote "I like you", just signed "Alice", and sent this to Bob. Unfortunately, we've got Eve, and Eve can't stand Alice. So she managed to intercept this message. She modified it to "I dislike you", kept the signature of Alice, and sent this to Bob. What a shame.

How can we help Alice and Bob? First, what do we want to do? We would like to have the confidentiality of the message. That means we want to be sure that only Bob can read this message that's coming from Alice. Nobody else. It's the confidentiality of this message. Then we want to keep the message integrity. We don't want Eve to be able to modify this message, or we want Bob to be aware of any modification. This is message integrity. And the last point, we want authentication. That means Bob wants to be sure the message is coming from Alice and not from somebody else. So let's see how we can address these three points, confidentiality of the message, message integrity and authentication, and this thanks to cryptography.

Let's start with the definition of cryptography. It is the science and art of transforming messages to make them secure and immune to attack. The first point we want to address was the confidentiality of the message. For this, we'll need to encrypt the message. So the encryption/decryption mechanism will be used to address confidentiality. There are two main categories for this: the symmetric and the asymmetric one. Here you've got the names of some algorithms and we'll come back with details about them. For encryption and decryption, we will need keys. In this MOOC, we won't address how to protect those keys but only how we use them.

Our agenda. First, the principles.
About symmetric and asymmetric encryption and decryption, then the combination of both and how we can generate a shared secret. Then we will talk about the main algorithms. For the symmetric, it will be Triple DES and AES. For the asymmetric, we will talk about RSA, elliptic curves, and Diffie-Hellman. Then the combination of both.

Encryption and decryption theory. Let's start with symmetric cryptography. In this case, Alice and Bob need to share a single common secret. It will be a cryptographic key. The golden one. With this key, we will encrypt the message but also decrypt the message. That's why we are talking about symmetric cryptography: the same key is used to encrypt and decrypt. So Alice prepares this letter, uses a key to encrypt the message and sends it to Bob. At this stage, the encrypted message can be decrypted only by the one who's got the key. And Eve doesn't have it, so it's good. Bob's got this key. He can decrypt the message and get access to the clear content.

Symmetric key systems are simple and fast. That means you can encrypt a huge volume of data with really good performance. But the main drawback is that before exchanging any data, you need to exchange the key and do it in a really secure way. You must ensure that Eve doesn't manage to intercept this key. Let's fix the idea again. Alice writes this letter, uses a key to encrypt the message and sends this encrypted message to Bob. Bob's got exactly the same key as Alice. He can decrypt the message and get access to the clear content. Let's do a short hands-on to fix the idea.

Let's start the first hands-on. I've prepared for you different folders. Let's move to the first one. You've got a batch file to encrypt, another one to decrypt, and I also provide you a message that you can modify. If we check this message content: "Dear Bob, I like you." Let's encrypt it. We'll call the encrypt. The first argument will be the key value. One, two, three, four, five, for example.
Then we'll put the message file and then the output name of the file. Let's call it encrypted. The batch just displays the input message, "Dear Bob, I like you", in ASCII mode and in hexadecimal, then you can see the result of the encryption in hexadecimal and in ASCII. You can't find any information, for sure. We are in symmetric cryptography, so we will use the same key to decrypt. Decrypt, let's put the same key, the input file, now with the encrypted message, and we will get the decrypted message. The result is "Dear Bob, I like you." It was working well. If I try with another key value, for example I modify my key value to this, you see an error and there is some problem. Here you've got an error due to the internal tool OpenSSL, but I would say it works. The values are not good. So this is really basic, but it's just to fix the idea.

Let's continue with asymmetric cryptography. Now encryption and decryption will be done with different keys. That explains the name asymmetric. Let's have a key pair. So Alice's got her key pair, Bob his key pair. We'll see that there is a public key associated with a private key. The main drawback of an asymmetric key system is the complexity. I mean it's very difficult to encrypt a huge volume of data in an efficient way. So it's usually used for tiny data. So a key pair is composed of a public key. Public means it's available to anybody. Keep this in mind, a public key is really public. A private key should be kept secret, for sure. And they are linked together by mathematical properties. If you encrypt something with a public key, you can only decrypt it with the associated private key. And symmetrically, if you encrypt something with a private key, you can only decrypt it with the public key.

So let's see how we can use this. Alice is ready now to encrypt the message to Bob. And the question is, which key should she use? Alice has access to three keys in the schematic.
Her private key, her public key, and Bob's public key. So let's try all the keys. If Alice encrypts with her private key, we can decrypt this message with the associated public key. That means Alice's public key. But this key is public. That means anybody can decrypt it. Even Eve. So where is the confidentiality? No way. That's not the solution. Other possibility: Alice could encrypt with her public key. So that means it could be decrypted only with Alice's private key. That's not the purpose here. We want Bob to be able to decrypt. So now we've got it. The solution is to use Bob's public key. When Alice encrypts with Bob's public key, only Bob can decrypt the message with the associated private key. Alice prepares the message. We'll encrypt it with Bob's public key, then the message is encrypted, and only Bob has the associated private key to decrypt this message. So to keep in mind: in an asymmetric system, when you want to encrypt a message, you must do it with the public key of the recipient. And also keep in mind, a public key is public. Anybody can use it or can have access to it. So now let's do a short hands-on about this topic.

So now we'll do the asymmetric encryption. Here we've got a folder Alice and a folder Bob, and this is the private part, I would say, for them. In the public domain, we've got the Alice public key, the Bob public key, and the batch files to encrypt or decrypt. Alice's got the message she wants to send, and she's got the private key associated with the public key that is in the main folder. Bob has his private key. So now let's start the encryption. So we want to encrypt. The first argument will be the key to use. And you remember, it's Alice who wants to send something to Bob, so she will encrypt with the Bob public key. Alice wants to encrypt the message. The output file name will be the message encrypted. So let's do this. As you can see, the input message is always the same. "Dear Bob, I like you."
Encryption is done, and you've got your output data. Now we want to decrypt. It's Bob that will decrypt, and he will use his private key to decrypt. So in the Bob folder, I will use the Bob private key. The input will be the message encrypted, and Bob will store the message decrypted. You've got the result here. Bob managed to read the information, so he was able to decrypt this. This basic hands-on, again, is just to help you fix the idea. If you try to decrypt with other keys and things like that, it won't work. You will often have an error from my script due to the OpenSSL behind, but here it's just to show you and to fix the idea. When I want to encrypt something to somebody, or for somebody I would say, we should encrypt this data with the public key of the recipient. I hope it fixed the idea.

Now we have seen the theory about symmetric and asymmetric encryption and decryption. Let's just recall the advantages and the drawbacks of each of them. For symmetric encryption, the main advantage is fast computation, but the main drawback is that you need a shared secret. So before exchanging any data, you need to have a shared secret on both sides. For asymmetric encryption, the advantage is that you don't need a shared secret, because you will use a public key to encrypt and you will decrypt with a private key. But the slow computation is the drawback. You can't encrypt or decrypt large data in an efficient way.

Just reading this, you should think about something. Why don't we combine both? So let's see how we can do this. And I will say it's a way that we will use asymmetric and symmetric cryptography. What we will do: we will encrypt the shared secret in an asymmetric way, and then we will use this shared secret to encrypt the message. So what will Alice do? Alice wrote a huge novel for Bob this time. It's a long, long text. And she decides to encrypt it with a symmetric key. But she wants to share this key with Bob.
And for that, she will use asymmetric encryption. So she will encrypt the symmetric key, the golden one, with the public key of Bob. And remember, the only way to decrypt this would be to use the associated private key. So only Bob can decrypt this content and he can get this golden key. So now we are exactly at the starting point of the symmetric encryption. We've got the shared secret, the golden key. And we've got data to exchange. So now Alice just encrypts the document with this golden key and shares it with Bob. And Bob can decrypt it. And that's it. Let's see just a short hands-on about this.

Okay, now let's continue with a hands-on with a combination of symmetric and asymmetric encryption. So here you've got some batch files to encrypt and decrypt, in a symmetric or asymmetric way. You've got the public keys of Alice and Bob. Alice's got a message to send, her private key also, and a symmetric key value she wants to use to encrypt this message. So let's check the message of Alice. This time it's a little bit long. So I want to use the symmetric encryption to encrypt this data, not the asymmetric one, because it won't be efficient enough. That's not a real case, but let's imagine. The symmetric key value that Alice would like to use is one, two, three, four, five. So the idea is to find a way to send this securely to Bob. So let's encrypt it with the asymmetric mechanism. So we will encrypt in an asymmetric way. We will encrypt with Bob's public key. That means only Bob with his private key can manage to decrypt this. We will encrypt the Alice symmetric key value and store it in the file secretkeyencrypted.txt. So that's it. We've got the input message, which is one, two, three, four, five, so the value we want to use to encrypt. And the result is something that you can't, I will say, understand, or you can't use.

Now Bob will decrypt this encrypted secret value he received. So we will decrypt, still in an asymmetric way. For that Bob will use his private key. We will use the secret key encrypted.
And Bob will store it in his personal folder. So as you can see, he managed to get the value one, two, three, four, five. So in a secure way, we managed to share something. We managed to share the value of the key that Alice will now use to encrypt the file in a secure way. So this time we will encrypt, but in a symmetric way. We are using the key value that we agreed on. So she takes the message, the message encrypted. That's it. Okay. So here you can see there is a lot of information. This is because I just show you the result in ASCII and also in hexadecimal. So as you can see, okay, it was well encrypted, I would say. So now it's Bob that will try to decrypt this. So he will decrypt in a symmetric way. You know that the key value to use is one, two, three, four, five, because he received this value previously. He will use the message encrypted and he will store it in his folder. Sorry for the sounds. So here we can see that Bob recovered the value. So here you've got the main schematic. You are using asymmetric encryption to have shared data between both sides, and now you can use this shared secret to encrypt in a symmetric way. I hope it helped you fix the idea.

Now I would like to introduce you to another way to create shared data in a secure way. This is possible thanks to an algorithm called Diffie-Hellman. It's part of asymmetric cryptography because it uses some public data and associated private data, but it's different from the previous scheme we've seen together. To explain this theory, I will use a color-mixing example. It will be different from the previous one. I will deal with the mathematical details in the next part. So for the moment, it's really a little bit different from the previous one, but I think it will help you understand this algorithm. So first Bob and Alice will agree on one color. This color is here yellow. Then they will each choose a private color. So Alice chooses the red and Bob the green.
Alice will take the public color, so this yellow, and will mix it with her private color. She will have some orange now. And she will send this to Bob. One important thing is that even if you've got the orange and the yellow, you can't find out the red color. It's impossible to extract it because they are mixed together in this painting and you can't just extract it. It's not possible. It will rely on mathematics, for sure, but you're just seeing that even if you've got the yellow and the orange, you can't find the red. So Bob will do the symmetric thing. He takes the yellow, mixes it with the green and will have some blue color and will send it to Alice. And again, even if you've got the yellow and the blue, you can't extract the green from this. It's not possible. So now Alice will take this blue and will mix it with her private color again. And what does she have? Now she's got some brown. And if Bob does the same with the orange, I mean he takes the orange and mixes it with his private color, he will have exactly the same brown. So from the public part we have seen the yellow; the orange, which is a kind of way to hide the red of Alice; and we've got the blue, which is a kind of way to hide the green of Bob. And they share this on each side now. They have exactly the same brown at the end. So I know it could be a little bit confusing regarding the previous description because we've changed the way to explain this. But in the next part I will deal with some mathematics and maybe it's easier for some of you to understand. Maybe some of you prefer just to focus on these colors to understand it. Let's do a short hands-on to clarify this if needed.

Now let's do a short hands-on with Diffie-Hellman. You've got three scripts. So we've got one to generate the common color, one that we will use to choose a private color and mix it with the common color, and another one to generate the secret. So first we should select a common color. Let's call it yellow. So it takes a while, but it's okay.
Now we managed to generate, I will say, our yellow color. Now Alice will choose her private color and will mix it with this yellow. So she chooses and mixes colors. She will choose some red and wants to mix it with yellow. So what is generated? The private color chosen is private red. And the melting color, which is the result of the private color and the yellow, is a melting red. If you've got the melting red and the yellow, you can't find any information about the private red. Now Bob will do the same, or I will say do it the symmetric way. So he will choose and mix colors. He will choose green and mix it with yellow. So we've got the private green of Bob and the melting green, which is the result of the private green melting with the yellow. Now we can generate the secret. Alice starts. So she generates a secret. To do that, she will use her private color, so the private red, and she will mix it with the melting green she received from Bob. This is a secret one. So we've got a value. We've got a secret generated under this value. Symmetrically, Bob will do the same. He will generate a secret with his private green and will use the melting red. And I put it in the secret 2.txt file. And if you compare, both are equal. We managed to get a shared secret on both sides without sharing any secrets. So I hope it helped you fix the idea. I know that Diffie-Hellman is not so obvious, but here we've got something that just shows you with some commands, and you can do many tries with it.

Where do we stand now? Let's check the agenda. The principles we have seen together. Symmetric encryption/decryption theory: you remember you use the same key to encrypt and to decrypt. Asymmetric encryption/decryption theory: this time you are using the public key of the recipient to encrypt and the recipient will use the private key to decrypt. Then we can combine both. That way we can send some huge data encrypted in an efficient way.
Or we can generate a shared secret thanks to Diffie-Hellman and then use symmetric encryption and decryption. Now we will see together the main algorithms. For the symmetric, we will address TDES and AES. For the asymmetric, we will see elliptic curves, Diffie-Hellman and ECDH, which is Diffie-Hellman associated with elliptic curves.
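
The combined symmetric and asymmetric hands-on described in the lecture, as an added example written for this transcript (it is not the course's batch files). It assumes the `openssl` command line, version 1.1.1 or later; every file name and the function name are assumptions, and a random golden key replaces the demo value 12345.

```shell
# Added example (not the course's batch files). Needs OpenSSL 1.1.1 or later.
# All file names below are assumptions chosen for this sketch.
hybrid_demo() {
  d=$(mktemp -d) || return 1
  rsa="rsa_padding_mode:oaep"

  # Key pairs: Bob is the recipient, Eve has only her own private key.
  for who in bob eve; do
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -out "$d/${who}_private.pem" 2>/dev/null || return 1
  done
  openssl pkey -in "$d/bob_private.pem" -pubout -out "$d/bob_public.pem" || return 1

  # Constructed sample standing in for Alice's long novel.
  i=0
  while [ "$i" -lt 2000 ]; do
    echo "Dear Bob, this is line $i of my novel."
    i=$((i + 1))
  done > "$d/novel.txt"

  # Alice: a random golden key instead of a guessable value such as 12345.
  openssl rand -hex 32 > "$d/golden.key" || return 1

  # Alice: wrap the small golden key with Bob's PUBLIC key (asymmetric step).
  openssl pkeyutl -encrypt -pubin -inkey "$d/bob_public.pem" -pkeyopt "$rsa" \
    -in "$d/golden.key" -out "$d/golden.key.enc" || return 1

  # Alice: encrypt the large file with the golden key (symmetric step).
  openssl enc -aes-256-cbc -pbkdf2 -pass "file:$d/golden.key" \
    -in "$d/novel.txt" -out "$d/novel.enc" || return 1

  # Eve: unwrapping with any other private key must fail.
  if openssl pkeyutl -decrypt -inkey "$d/eve_private.pem" -pkeyopt "$rsa" \
    -in "$d/golden.key.enc" -out "$d/eve.key" 2>/dev/null; then
    rm -rf "$d"; return 2
  fi

  # Bob: unwrap with his PRIVATE key, then decrypt the novel.
  openssl pkeyutl -decrypt -inkey "$d/bob_private.pem" -pkeyopt "$rsa" \
    -in "$d/golden.key.enc" -out "$d/bob.key" || return 1
  openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$d/bob.key" \
    -in "$d/novel.enc" -out "$d/novel.dec" || return 1

  cmp -s "$d/novel.txt" "$d/novel.dec"; rc=$?
  rm -rf "$d"
  return "$rc"
}
hybrid_demo && echo "Bob recovered the novel"
```

`openssl enc` in CBC mode gives confidentiality only; the integrity and authentication goals listed at the start of the lecture need a separate mechanism on top of this.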
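
The three Diffie-Hellman hands-on steps (common color, choose and mix, generate the secret), as an added example written for this transcript rather than the course's scripts. It assumes the `openssl` command line and uses the elliptic-curve form of Diffie-Hellman on curve P-256, where creating the common parameters is instant; file names and the final SHA-256 hashing step are assumptions.

```shell
# Added example (not the course's scripts). Needs OpenSSL 1.1.1 or later.
# File names are assumptions; the colour names follow the lecture's analogy.
dh_demo() {
  d=$(mktemp -d) || return 1

  # Script 1, common colour: public parameters everyone may see (curve P-256).
  openssl ecparam -name prime256v1 -out "$d/yellow.pem" || return 1

  # Script 2, choose and mix: the private colour is a private key, the
  # mixed colour is the public key computed from it and the parameters.
  for who in alice bob eve; do
    openssl genpkey -paramfile "$d/yellow.pem" \
      -out "$d/${who}_private.pem" || return 1
    openssl pkey -in "$d/${who}_private.pem" -pubout \
      -out "$d/${who}_mixed.pem" || return 1
  done

  # Script 3, generate the secret: own private colour + peer's mixed colour.
  openssl pkeyutl -derive -inkey "$d/alice_private.pem" \
    -peerkey "$d/bob_mixed.pem" -out "$d/secret1.bin" || return 1
  openssl pkeyutl -derive -inkey "$d/bob_private.pem" \
    -peerkey "$d/alice_mixed.pem" -out "$d/secret2.bin" || return 1

  # Eve saw yellow and both mixed colours but holds only her own private colour.
  openssl pkeyutl -derive -inkey "$d/eve_private.pem" \
    -peerkey "$d/bob_mixed.pem" -out "$d/eve.bin" || return 1

  rc=0
  cmp -s "$d/secret1.bin" "$d/secret2.bin" || rc=2        # Alice and Bob agree
  if cmp -s "$d/secret1.bin" "$d/eve.bin"; then rc=3; fi  # Eve must not

  # Hash the shared secret into a 256-bit key (hex) for symmetric encryption.
  # A real protocol would use a proper KDF here; plain SHA-256 keeps it short.
  key=$(openssl dgst -sha256 -r "$d/secret1.bin" | cut -d' ' -f1)
  rm -rf "$d"
  [ "$rc" -eq 0 ] && printf '%s\n' "$key"
  return "$rc"
}
dh_demo >/dev/null && echo "Alice and Bob hold the same key"
```

The exchange by itself authenticates nobody: it protects against an Eve who only observes the mixed colors, so the public values still have to be authenticated before the derived key is trusted.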