 Hey, it's Mr. Gibson here with your next lesson in cryptography and today we're going to be talking about public key cryptography Now public key cryptography is a stark difference between what we've been using in the past Which is known as symmetric cryptography and in fact all cryptography before the mid 1970s was symmetric in its nature And what we mean by symmetric when we're talking about cryptography It means that the sender and the receiver of the message use the same key And that key is sufficient to either encode or decode the message And as we talked about in the past exchanging those keys gets very difficult This requirement of having the same key for both sender and receiver particularly becomes unmanageable When the number of participants in the message sending and receiving increases when you don't have access to a reliable secure channel Or when keys are going to be frequently changed, which is just good cryptographic practice And particularly it becomes challenging if all the messages being sent want to be Secure to all of the other users on the network and it wasn't until the 1970s Where this became a pressing issue when computing became a lot more popular and as the internet started to take its early stages So just a quick refresher for our cast of characters that we'll be using today We've got the unlocked lock emoji for representing plain text the closed lock for cipher text The key for a key and then we've got our three actors Alice and Bob who are trying to send messages back and forth to each other And then Eve who is trying to intercept and read those messages So here's just a quick recap of our symmetric ciphers Alice and Bob both have the same key So they're able to transmit the encrypted message to each other and Alice can send it Bob can read it and Eve can See the encrypted message but without the key she can't get the plain text The issue with symmetric ciphers arise when the key needs to be changed So Alice now has the keyword cat There's no way to get that key to Bob without Eve seeing it Which means there's really no secure way for Alice and Bob to talk anymore They've lost the secure channel and they can't communicate So let's look at what public key cryptography can do So we're going to be calling public key cryptography a symmetric ciphers because we're going to see that We have two different keys that are going to be used and Alice is going to have one set of keys and Bob is going to have a different set of keys and depending on the circumstances Will determine which of those keys gets used So the premise is that Alice has two keys one key that she keeps to herself and one key that is public information And we're going to denote those keys with a red background for private and a green background for public These two keys are not random They are intertwined mathematically as we'll see when we see how this these keys are generated So you can't just pick any old random numbers or words to be your keys. They have to be created together But the idea is that these two keys can work in conjunction One of the keys the private or the public can encrypt a message that only the other key can decrypt In fact, if Alice were to encrypt a message with her public key Her public key could not decrypt the message that she just made she'd have to use the private key to do that Same thing goes with Bob. There's nothing special about Alice's keys. Any any public key can encrypt a message that any Paired private key can decrypt and vice versa a private key could encrypt a message that the same paired public key could decrypt But somebody's public key could not decrypt a message that the public key Encrypted and nobody else's keys could decrypt anybody else's message whether it was created with a public or a private So let's suppose Bob wanted to send Alice a message Alice has her private key And the way that Bob needs that therefore create the message is to get access to Alice's public key Since Alice's private key could only decrypt messages that that public key encrypted There's a variety of ways that Bob Maybe you could get that key Alice could just directly send it to him. It is public information after all There's no reason to keep it secret A lot of times this also gets solved by having a public key repository That has a bunch of people's public keys just that you can look them up Maybe by name or email address or some other unique identifier And you can just pull their key out of the repository so that you can encrypt the message So now Bob has Alice's public key that he can use To take his plain text message. Hello Alice and encrypt that into some cipher text He'll transmit the cipher text if eve were in the picture here She could see that cipher text going across the line, but she would not have access to Alice's private key Just like bob doesn't Alice could then take her private key with the cipher text and convert that back into the plain text and only Alice can read the message As a reminder if when after bob Encrypts the message with Alice's public key He can't get back to the plain text message even though he created it So if he has a bad memory or it was just a very temporary message And it just got flushed out of his computer's memory very quickly and all he has left is the cipher text and the public key He can't recover the original message back So you have to be very careful here. You can't undo your own encryption when using somebody else's public key Lastly another common use for public and private key pairings is by encrypting using your private key We're gonna see that's not very secure But that's not the point if bob were to take his private key and encrypt the message Hello, Alice to be this cipher text message here Anybody could read that because remember bob's public key Which is the only key that can decrypt the message that the private key created Everybody has a copy of it. So there's no security in this However by sending that cipher text over to alice She could decrypt it But then she also knows that the only person who could have created that message is the only person in theory Who should have access to that private key? So she knows that it must have come from bob We call that a signature So you can sign your messages using your private key and that just means that you are the only one who could have sent that message So this is a really nice kind of secondary feature of public key cryptography Is not only can you create messages with somebody else's public key and keep them secure so that they're the only one who can read it Is that you can sign your messages so that people know that you are the only one who could have sent it So here's their requirements that we need for any public key crypto system It should be really easy to create pairs of keys and when we say easy we mean computationally It shouldn't take hours of computers running To create your keys. It should be you know a matter of seconds And they need to be able to make a paired public and private key Those keys can be used to encipher and decipher messages, but a single key can't decipher a message that it itself created It should be infeasible to calculate the private key using the information found from the public key and vice versa And we should be able to use those pairs of keys to authenticate the center of the message So as our last example there with bob So let's take a look at an example of a public key system That actually builds on a system that we already know and that's the multiplicative cypher This is going way back in the course probably in the first week or two Where we saw that we could choose a value m That it's relatively prime to 26 and back then it was 26 because those were the only letters in the alphabet. We knew we could use And to encipher we would take each character with contained in the message n and multiply it by the value m And then we would mod by 26 So we take each character in the message multiply by m mod by 26 And then we would Send those values to our recipient and then to decipher they would need to know m inverse Which is the multiplicative inverse of n in mod 26 And we just quickly calculated that there weren't many options when we're working in mod 26. So if my Enciphering key was three I could try a bunch of possibilities or maybe I would even just memorize them and I would know that m inverse is nine And then I would multiply each character by m inverse mod by 26 And I will be able to recover that plain text And what we're going to see is that we can build on that This isn't a really good public private system, but it it works We can determine m and m inverse. We can maybe use m inverse as our private key And then we just give away m as the public key But the main weakness of that is as we just talked about It's not hard to determine m inverse when you know m and there's only 26 possibilities for those two things We could just brute force try all of them and it would take fractions of fractions of a second Very insecure But what if we increase the number of possibilities? And that's what we're going to look at here with kid rsa Kid rsa we we name it that way because there's similar principles here to the real rsa algorithm that we'll learn about And just a short matter of time But it is a simpler version. So it kind of like a child's child's version And it's a lot like our encryption system that we just talked about for multiplicative ciphers We're just going to read increase the number of possibilities from 26 to out in the millions So let's take a look at how it works The first thing is we need to generate those keys So the way we do that we're going to choose four integers a b a prime and b prime And we need to keep those secret We do not want to let anybody know that and we're going to kind of color code secret information and public information Secret information will be this pink color and public information will be green We're going to use these four integers to compute for new numbers We're going to first compute capital m which is equal to a times b minus one That is also a secret number Because if you knew that you could figure out a and b We're going to compute this value e which we get by making a prime times m plus a Uh lowercase e the value itself can be public But we shouldn't disclose exactly how we calculate it meaning you shouldn't show this work You're like, I don't want to know what a prime and a and m are Because that's going to ruin the secrecy of the system. So just the value of e itself is public Likewise, the value of d is b prime times m plus b D needs to be secret that that's going to be our part of our private key here in a moment And then we're going to compute n n is just the product of e and d minus one all divided by capital m That is also a public result. So the value of n that we use will be public information We're going to combine the public information to make our public key and it's going to be an ordered pair e comma n And our private key is going to be d comma n So n is really public information But it is part of the private key in order to use the secret value of d You also need to know n. So we kind of stick them together in that ordered pair To encrypt a message We'll let our plain text message be an integer. We can either use the ascii table to convert characters to numbers or however You want to do that? There are a few requirements for your message m needs to be less than n and share no factors with n The mathematics behind this won't work unless that's true now ways that you can maybe ensure that that happens Is if we go back a moment If you choose your values for a b a prime and b prime to be prime numbers It's going to make it very unlikely That m shares factors with n Not impossible, but very unlikely. So we just want to double check it But if we if we take those necessary precautions, it shouldn't happen very often And then to encrypt a message. This is almost exactly like what we saw With a multiplicative cipher you take the value of your message m and you multiply it by the public key e And then you're going to mod it by the value of n That's your encrypted message to decrypt it Here you do the same thing. Let's assume our cipher text message is an integer c So that's the one you just received you multiply it by d the secret key And you mod by n Again, and it should recover the plain text message back Let's see an example of this with actual numbers to see how it might work So let's say we've got bob bob wants to send a really simple message capital letter b Alice therefore needs to have a key that he can that that she can give bob to encrypt right bob's going to need Alice's public key. So she needs to have one. So she's going to make one. She chooses a for seven a prime is five b is 13 b prime is 11 So she'll go ahead and compute m m is 90 And then she needs to compute e so she'll take a prime times 90 Plus a and she gets 457. That's public information. She's going to get ready to share that to bob here in a minute She also needs to compute d So that's b prime times m plus b using her values that gives her 1003 She lastly needs to compute the value for n So to compute n that's e times d minus one all divided by m that gives her 5000 and 93 So she now has all the information she needs to make her public and private key pairs So her public key is the ordered pair 457 comma 5093 and her private key pair is 1003 comma 5093 So she's going to send that public key over to bob Eve now also knows the public key because eve was watching that transmission. So she knows that But that's not going to be helpful to her. We'll see why in a minute Alice is going to hold on to her private key and just to save some room. We're going to hide the rest of the information Bob takes his message b converts that to binary using the ascii table and then converts that to decimal. So that's 66 Bob encrypts the message By doing e times m mod n which in this case is 457 times 66 mod 5000 93 and he gets a encrypted message of 4697 Now he could send that across the line as an integer, which is what we're going to do now He could turn that into binary and then into base 64 or whatever he wants But the idea is he's going to get you need to make sure that number gets over to alice So he sends it over Eve now knows that information as well because remember eve's keeping an eye on things But what eve can't do is what alice can do Alice can take that private information 1003 multiply it by the encrypted message of 4000 4697 mod by 5093 and recover the plaintext message of 66 as a decimal Which you can convert the binary and convert back to the character using our ascii table eve can't recreate that Because eve doesn't have 1003 and it's pretty hard for her to figure that out think about back to our multiplicative cipher Remember d and e are multiplicative inverses Which means that she would need to try all the numbers between zero and 5093 to figure out which value Is a multiplicative inverse with 4000 sorry multiplicative inverse with 457 There's a lot of choices Now if she's doing that by hand it would take her too long a computer could make short work of that But that's okay. We're going to see we can maybe beef this up here in a minute So why do we say this is secure for now? It's really not secure, but we're going to say it is for now It's the exact same point. I was just talking about E and d are inverses of each other multiplicative inverses of each other in this mod n And we don't know a really easy way yet to calculate multiplicative inverses for a number In a given modulus without just trying all the other possible values for d that's going to take a long time So especially if we compute a b a prime b prime We choose those numbers to be very large then n is going to be very large as well And it's going to take a tremendous amount of time to try all the possible values of d Even for a computer So why isn't this secure? Why can't we just choose really big values so that our computer? Can't try all of them in a reasonable period of time. There's a reason why this is called kid rsa, right? It's not the real deal It turns out there's an interesting piece of mathematics that we're going to learn about in our next lesson That's much more efficient than trying all possible values for d This algorithm is called the euclidean algorithm and it allows us to way to quickly determine multiplicative inverses in a given modulus On orders of magnitude faster than just trying them all So we're going to see this is not secure in practice But we do know a way to improve it and we'll learn about that when we tackle the real rsa That's it for today. Thanks for watching. We'll catch you on the next one