Cryptography is obviously
extremely important in what
we are doing today, with our
networks and our computers.
The term cryptography
comes from the Greek word
"cryptos," which means
hidden or secret.
And that's exactly,
obviously, what
we're doing when we're
talking about cryptography.
There are number of
features that cryptography
brings to the table.
One is confidentiality.
This is the one we
normally think about.
If we're going to send our
credit card information
across the internet we want to
be sure that nobody in between
would be able to see that
credit card information.
They'll have all of that
information absolutely secret.
Nobody's able to see it
except for me and the person
that I'm sending it to.
Everything else,
completely confidential.
The authentication
and access control
is also a capability
that's provided
to us through cryptography.
This authentication
method means that if I'm
putting in a username
and then a password,
the cryptography around that
password and the way that we
keep it secret
validates that it is me.
I'm able to send that
message in an encrypted form,
and the other side is able to
validate that that is indeed
exactly the person I
would be expecting there.
There's also a capability
called non-repudiation,
which means if I receive
a message from you
there's no way you can say
that you did not send this.
I can really tell that
this was you that sent it.
There's no way you can deny
what you put into this message
because I have a way to
determine that it really
did come from you, and that you
really did write these things.
And that also brings
us to integrity.
We know that when we
receive this message,
and we check it with these
cryptography and the methods
that we're going to talk
about, that we can be assured
that nobody has
tampered with anything
inside of this message.
If anybody was to change
one word, or one letter,
we would be able to notice it.
And cryptography makes sure
that when we receive a message
we can be sure that it
was not tampered somewhere
along the way.
There are a number
of common terms
you'll need to know
about cryptography.
The first is plaintext.
Before you encrypt anything
it is plaintext, or something
that we sometimes will
call in the clear.
If we were to send
this information out
over the network anyone
would be able to read it.
We haven't done any type
the hiding or encrypting
of this message.
Once we do encrypt
the information
it becomes ciphertext.
We have taken our plaintext,
we have applied a cipher to it,
and the resulting encrypted
information is the ciphertext.
That cipher is what we're
using to encrypt that message.
It's an algorithm.
It's a mathematical
method that we
are using to take the plaintext
and encrypt it or convert it
into something that
people can't read.
And that is the cipher
that allows us to do that.
The art of cracking
this encryption
then is cryptanalysis.
Having your cryptographers
in a government facility
trying to understand and
make sure that the messages
that they are
sending our secure,
and trying to crack
the messages that
are coming from other places,
is a big, big business.
And even though it's something
that is relatively hush, hush
and top secret, it's something
that is happening every day.
There are many different ways
to scramble up a message,
and encrypt it in a way that no
one would be able to read it.
One common way is something
called a substitution cipher.
This is one of
the oldest methods
that you'll find
of encrypting data.
This is also called
Caesar's cipher
because Caesar is one of
the people that originated
this method of sending
information back and forth,
and certainly made
it very popular.
What he did was take
a normal alphabet
and he changed all of the
letters down a certain number.
In fact, a very
common one is ROT13.
You've rotated
this group 13 steps
to the right so that instead
of writing a letter A,
you would write the letter N.
Instead of writing the letter
B, you would write the letter O.
So your cipher is
really this 13.
As long as you know the number
13 you can take a message
and encrypt it and decrypt
it with that particular key.
This is obviously something
that would turn this funny
looking message
into, hello world.
It's a very simple one to do.
And it made it very easy
to send this message.
It's encrypted,
you can't read it.
You would have to know exactly
what you would need to do,
how many methods, how
many sections you needed
to move this down
and rotate it, to be
able to read that message.
Another type of cipher is
a transposition cipher,
where we keep exactly
the same letters
but we just scramble them up and
put them in a different format.
And then you would provide
the person on the other end
with the key-- what letter
should go in what position.
And they would transpose
them back into the order
that it was designed so that
you could make hello world out
of this scrambled
bunch of letters that
has exactly the
right letters in it,
they're just all
in the wrong place.
We often see people
trying to figure out
these particular
sections of ciphertext.
And one of the methods it
they'll use, especially
on these older substitution
ciphers and transposition
ciphers, is to use
frequency analysis.
They'll examine the
entire ciphertext
and they'll try to determine
how many times do I
see the letter R?
How many times do
I see the letter Q?
How many times do
I see the letter W?
And they'll start
creating a frequency
table of how many times we're
seeing different characters.
And if we think that this
is the English language,
we know the letter
E is certainly
one of the most popular letters.
T is the second most,
A is the third most,
O is the fourth most, and so on.
And you can start substituting
in some of these frequencies
that we're seeing
in our ciphertext
to try to figure out exactly
what the real message might
be inside of that ciphertext.
Well obviously, in modern times,
a ROT13 or a transposition
cipher is not really going
to keep things very safe.
So we started to see things
like mechanical ciphers appear
around the World
War II time frame.
This is one that Germany used.
This is an Enigma machine,
which took a message
and encrypted it using a
piece of machinery, which
means you would have to have
this piece of machinery on one
end, and this piece of
machinery on the other end,
to be able to decrypt
the messages that
were being sent back and forth.
Being able to hack or crack
that particular encryption code
was an extremely
important part of what
happened during World War II.
A lot of interesting
history there.
There are also
mathematical ciphers.
And these are the ones
that we will probably
see the most of,
especially in modern times,
because if you can make it a
very, very complex cipher then
obviously it will
be very, very, very
difficult to be able to decrypt
that message in some way.
And we're going to go through a
number of mathematical ciphers,
not just in this video,
but in many others were
we will talk about hashing.
We'll talk about doing
symmetric encryption,
and asymmetric encryption.
If you're at all interested
in getting into cryptography
you will need to have an
extremely strong background
in mathematics.
We've talked a little
bit so far about keys.
And we've talked about if
you know what the key is then
when that encrypted message
gets on the other side,
you can apply a key to it,
with the correct cipher,
and come up with the plaintext,
back to the information
we wanted to get our hands on.
These keys can be very
simple, like the ROT13 key.
We needed that number 13.
That was the
important part of it.
If it's something
like a PGP or GPG,
and we'll talk more
about those as well,
the keys are very, very complex.
This is my public
key, for instance,
that I use when I start
encrypting information
using some asymmetric
encryption method.
So you have to make sure you
have the right kind of key
for the message
that you're getting
so that you can
encrypt it properly.
Another cryptography
technique is a one-time pad.
This is one where you would have
a page of letters on one side.
You have exactly the same page
of letters on the other side.
The person who is
encrypting the message
will go through each
letter of the message,
and they would combine the
first letter of this pad
with the first letter
the message to come up
with ciphertext.
Then the second letter of the
pad with the second letter
of the plaintext
message to come up
with the next letter of
the ciphertext, and so on.
They would go all the way
through your plaintext message
to create the ciphertext.
And obviously this would
be very, very difficult
to be able to decrypt
unless you had
this exact key on both sides.
You'd have to have that
exact pad of paper, which
is where the one-time
pad comes from.
You use that message one
time, you get rid of it.
And you have a completely
new key, a completely new
one-time pad, to be able to use.
You use it one time
and you're done.
So the next message,
even if the first message
was decrypted in some way,
the second message someone
would have to start all the
way from the beginning again
to try to decrypt that message.
It is all of these different
cryptography methods
and cryptography features
that really provide us
with a very, very powerful way
to keep all of our information
private on our computers
and across our network.
