Secret Key Exchange (Diffie-Hellman) - Computerphile

Поделиться
HTML-код
  • Опубликовано: 23 дек 2024

Комментарии •

  • @OscarAlsing
    @OscarAlsing 7 лет назад +1541

    Poor Alice and Bob. Always exposed. Always out there. Never left alone. ❤️

    • @kduhtdkzrt
      @kduhtdkzrt 7 лет назад +5

      To answer the question about the aggressive tone in advance, I'm drunk, not austistic. No harm meant.

    • @ragnkja
      @ragnkja 7 лет назад +43

      Eve is always stalking them...

    • @kduhtdkzrt
      @kduhtdkzrt 7 лет назад +1

      Damnit. You're right.

    • @malporveresto
      @malporveresto 7 лет назад +10

      #Pray4AliceAndBob

    • @TruthNerds
      @TruthNerds 5 лет назад +3

      Meh. What if Alice and Bob are just attention whores?

  • @denisr5250
    @denisr5250 5 лет назад +262

    The analogy with colors in this video is pure genius! Thank you guys, this was an amazing introduction to Diffie-Hellman!

    • @aerodynamico6427
      @aerodynamico6427 8 месяцев назад +1

      Diffie-Hellman's original paper will drive you up the wall.

  • @ScottPlude
    @ScottPlude Год назад +57

    5 years later and this is still done a million times a minute out there. Very well explained, thank you!

    • @nishantdalvi9470
      @nishantdalvi9470 Год назад

      Hey can you please clear my doubt, Actually I am kind of bit confused about the ordering of the events which takes place while TLS handshake does the digital certificate part which server shoots to the client to tell the client it's integrity and provide client it's public key happens before Diffie Helman key exchange or after it or eventually during the key exchange

    • @ScottPlude
      @ScottPlude Год назад

      @@nishantdalvi9470 why are you responding to me after 5 months? FIVE MONTHS!?!?!?!

  • @RobertMilesAI
    @RobertMilesAI 7 лет назад +64

    Nice! This is a subject I should have covered immediately after the Public Key Cryptography video, since that one lays out the problem of exchanging keys that Diffie-Hellman solves. Great to see such a clear explanation, I doubt I'd have gone to the effort to get coloured liquids!

    • @proloycodes
      @proloycodes 2 года назад

      robert miles with only 4 likes and no replies?
      also, first!

    • @AyushMo
      @AyushMo 2 года назад +1

      Your public key crypto video was amazing! So was this one !

    • @Democracy_Manifest
      @Democracy_Manifest 2 года назад +1

      Is it a 'clear' explanation though, or a coloured one?

  • @nO_d3N1AL
    @nO_d3N1AL 7 лет назад +5

    What I like most about this channel is the ability of the presenters to explain things simply without mathematics. That is real teaching, not reciting formal proofs and equations

    • @WofWca
      @WofWca 6 лет назад +4

      Reciting formal proofs is also teaching, just for more advanced.

  • @ennis_w
    @ennis_w Год назад +2

    Everytime I feel confused by e2ee or key exchange, I will come back and see these videos. Really helps.

  • @CGoody564
    @CGoody564 7 лет назад +42

    Watched the defcon presentation from years ago given by the creator of the diffie-helman key exchange... It was absolutely fascinating. Dude is an innovator and pure genius. Seems like a nice guy as well

  • @frenchify7506
    @frenchify7506 6 лет назад +64

    I really like this guy. Been watching and rewatching his lessons for like 3 hours.

  • @phoenix2464
    @phoenix2464 7 лет назад +553

    yessss him again

  • @dmatuzo
    @dmatuzo 7 лет назад +74

    How curious, PBS Infinite Series have been talking about encription in the last few days. Now I've got double the encryption bonanza! This has been a good week.

    • @smob0
      @smob0 7 лет назад +5

      I think the next video in the series will be about this key exchange.

    • @remuladgryta
      @remuladgryta 7 лет назад +2

      Further, one of the Royal Institution's recent videos used the same color mixing analogy to demonstrate key exchange.

    • @curtmack
      @curtmack 7 лет назад +7

      The color mixing analogy has been used to describe Diffie Hellman key exchange for a couple of decades at least.

    • @heyraylux
      @heyraylux 7 лет назад

      curious indeed.....

  • @ironman85000
    @ironman85000 7 лет назад +52

    I'm a simple man. I see a computerphile video with Mike Pound, I click like

  • @goshisanniichi
    @goshisanniichi 7 лет назад +374

    Random squirting of fluids... exactly what I wanted to see this early in the morning...

    • @therealquade
      @therealquade 7 лет назад +80

      the random squirting of fluids, by alice and bob, out in public.

    • @troyjones9344
      @troyjones9344 7 лет назад +7

      ohhhhhh myyyyyyyy

    • @TheWolfboy180
      @TheWolfboy180 7 лет назад +11

      Thomas Carrel It’s ok, no one minds if it’s done by Dr. Mike Pound

    • @xxwaldi
      @xxwaldi 4 года назад +1

      @@therealquade yeah they should rather put it in the privates

    • @mrsmith1097
      @mrsmith1097 4 года назад

      Is that Super Sonico?

  • @kingbran923
    @kingbran923 2 года назад +8

    Sir, you have sincerely helped me with my homework far more than my textbook ever could. Thank you so much for making these videos! :D

  • @CristiNeagu
    @CristiNeagu 7 лет назад +347

    1:04 First rule of cryptography: Unless your job is to create cryptographic algorithms, *never* implement your own cryptographic algorithms. You *will* screw it up.

    • @paterfamiliasgeminusiv4623
      @paterfamiliasgeminusiv4623 6 лет назад +23

      Nice advice because it is such a tempting prospect.

    • @baatar
      @baatar 6 лет назад +3

      Why would you even want to implement your own in the first place?

    • @0ijm3409fiwrekj
      @0ijm3409fiwrekj 6 лет назад +55

      @@baatar for funnnnnn

    • @paulzapodeanu9407
      @paulzapodeanu9407 5 лет назад +42

      In high school I thought I was being clever and did this. Took my deskmate about 1/2 an hour to crack it. Despite many evidence to the contrary, I still think I'm clever.

    • @sir_slimestone3797
      @sir_slimestone3797 5 лет назад

      @@paulzapodeanu9407 Let me guess, simple substitution

  • @StuffOffYouStuff
    @StuffOffYouStuff 4 года назад +8

    Fantasticly simple and easy to understand explanation, thank you for this.
    I'm studying for the Sec+, so basics atm. But i've been getting very confused by some of the terms around encryption. I'm going to ask a completely naive question. I understand to encrypt there are two components, 1) the algorithm, 2) the key. I've seen Diffie-Hellman described as a) a public key encryption algorithm, b) a key exchange protocol, c) a public-key encryption protocol.
    RSA is also described as an asymmetric public key encryption algorithm.
    Diffie-Hellman only generates keys, it does not provide an algorithm for use with those keys to then encrypt data
    RSA also generates keys, but can also encrypt/decrypt data
    So, my questions/assertions:
    1) Is there general misuse of the term "encryption algorithm" or just "encrpytion" as to what that encompasses? What should it encompass?
    2) My current feeling is, Encryption = 1) the algorithm, 2) the key (but not the key generation). Encryption algorithm = 1) literally just the algorithm, not the key. EErr, i don't know what term to use that would also encompass the key generation bit. So yeah confused still.
    2) The process of Diffie-Hellman key generation/exchange is still considered an encryption algorithm because it outputs data (the shared public) that makes deciphering the input to create it practically impossible?
    3) Diffie-Hellman is considered asymmetric because it generates a private/public key pair first?
    4) Diffie-Hellman can also be used to generate asymmetric keys ONLY?
    5) So the private symmetric keys Diffie-Hellman creates would form the symmetric keys for one of the symmetric encryption algorithms like RC4/AES?
    4) Looking back at the above then, the term encryption looks like it should actually include the discrete phase of key generation/distribution?

    • @tudoralexandruienulescu2214
      @tudoralexandruienulescu2214 10 месяцев назад

      I am also studying Sec+
      From what I (think I) know, here are my answers:
      1 - There is no misuse. Encryption describes the goal of the action, the algorithm is what any algorithm is. A chain of operations for a specific goal. "Encryption algorithm" is fine.
      2 - You are overthinking I guess. "Encryption" is a term used to describe the topic of the discussion (for example). The term "Encryption algorithm" is getting into details and explaining what is, why it's needed, how it works (each step of the process aka the algorithm), etc.
      3 - Diffie-Hellman is assymetric because the Bob and Alice don't have all the same keys in their own pockets. Alice does not have the "b" key and Bob does not have the "a" key.
      4 - From what I learned thus far, yes. DH is the general example for generating asymmetric keys.
      5 - YES
      6 (or maybe 4) - I don't think so. encrypting something using a cypher is one thing, using a handshake or other ways to communicate between parties is another (just like DH).
      The DH is the actual method used to sharing of a secret key between two people who have not contacted each other before. It does not refer to the cyphers at all.

  • @daviaquino3625
    @daviaquino3625 Год назад

    I am writing Javascript decryption libraries for Apple Pay, Google Pay and Shopify and came across this video trying to learn more about the theory. Fantastic!

  • @dasjucktmichnicht6727
    @dasjucktmichnicht6727 2 года назад

    i love the style of the whole channel! proofs nobody really needs power point or laborious anmations.

  • @Seansaighdeoir
    @Seansaighdeoir 3 месяца назад

    The use of the coloured liquids is genius and perfectly illustrates the problem of understanding that despite the visible colour combination it in no way exposes the constituent components.

  • @user-qf6yt3id3w
    @user-qf6yt3id3w 7 лет назад +3

    One thing I liked about Hellman was that not only did he invent a clever way to distribute private keys he also invented a decent tasting mayonnaise with an enormous shelf life.
    It has been forecast that a jar or mayonnaise will still be more or less OK even after being stored at refrigerator temperatures for five thousand years.
    If the Ancient Egyptians had known about Hellman's mayonnaise recipe and had stored a few sealed jars in the pyramids we'd still be able to open them and make a decent tuna mayo sandwich.
    Probably long after the nuclear apocalypse we'll be eating Hellman's Mayonnaise probably with roach meat. Or maybe the roaches will win and eat Human Mayo sandwiches.

  • @Laurabeck329
    @Laurabeck329 7 лет назад +188

    This demonstration was a classic Parker square.

  • @quintencabo
    @quintencabo Месяц назад

    This is such a great video! Honestly the most intuative explination I have seen. Even kids can understand this.

  • @giorgibakradze8734
    @giorgibakradze8734 2 года назад +1

    Thank you. This video really made the concept of Diffie-Hellman key exchange clear for me.

  • @Deiwulf
    @Deiwulf Год назад

    Finally explanation of the main part that's missing like literally everywhere else. Good lord.

  • @chrisgsauce
    @chrisgsauce 2 года назад

    I've never seen a clearer explanation of DH. Thanks guy!

  • @kigtod
    @kigtod 7 лет назад +6

    A very clear explanation as usual, but it would have been nice for Mike to briefly mention that a trio at GCHQ - Ellis, Cocks and Williamson - came up with the idea first.

  • @khawajaazfarasif4865
    @khawajaazfarasif4865 2 года назад +3

    Beautifully explained.

  • @LHyoutube
    @LHyoutube 3 года назад +7

    I would have understood a lot more mathematics had it been presented so intuitively!

  • @MrMamfbr
    @MrMamfbr 2 года назад +1

    4:55 that's the most important part in my opinion, and the video kinda dismiss it as granted. If the yellow is public, I can calculate the difference to it. How do you make sure it cannot be reversed? this is the magic

  • @davidoconnor9167
    @davidoconnor9167 3 года назад +1

    Excellent, clear explanation, and the colours really showed the process visually, thanks guys!

  • @rithviksaranumasaravanan7925
    @rithviksaranumasaravanan7925 4 дня назад

    This was the next video I saw after seeing the ECC video and Diffie-Hellman concept is now understood. Dr Mike on top. btw I'm about watch the mathematical version of Diffie-hellman so I'll see you there.

  • @brboLikus
    @brboLikus 7 лет назад +39

    But what does 'n' do?

    • @Computerphile
      @Computerphile  7 лет назад +19

      +Vjekoslav-Leonard Prčić watch the extra bits

    • @brboLikus
      @brboLikus 7 лет назад +2

      Oh.. Thanks!

    • @coolguy-dw5jq
      @coolguy-dw5jq 7 лет назад +1

      N is your message

    • @NateROCKS112
      @NateROCKS112 4 года назад +4

      @@coolguy-dw5jq no, n is your modulus. See the mathematical video for what it does

    • @srt-fw8nh
      @srt-fw8nh 4 года назад +9

      If water in either of those bowls overflows, n's job is to clean it up.

  • @kanskejonasidag1
    @kanskejonasidag1 7 лет назад +35

    Mike Pound?? Instant like! :D

  • @lumanaughty1025
    @lumanaughty1025 4 года назад +6

    This might be the quarantine talking, but I’m starting to get a crush on this dude

    • @ruijiebai7531
      @ruijiebai7531 4 года назад

      lol,i feel you ,i wish my lecturer could have his face then i wont skip any lecture

  • @dubonbiton1706
    @dubonbiton1706 4 года назад +1

    What an incredible video! Fantastic way to understand how VPN key exchange works!! Thumbs up

  • @realprathap4732
    @realprathap4732 5 месяцев назад

    I studied Diffie-Hellman in college from a textbook, but after a few years, I forgot it because I shifted to a different field. And now I am watching this RUclips videos random, and my reaction, Wooow, yeah, that makes sense now!
    😯

  • @almiskea
    @almiskea 10 месяцев назад

    Great explanation, I have been searching and no one has explained it as well
    Thank you

  • @westa1979
    @westa1979 3 года назад

    This video makes so much sense. And I get that it would be used to exchange, say, an AES key. But I thought symmetric keys were exchanged with asymmetric encryption, such as RSA. When would one chose DH instead? (Answer probably in another video)

  • @unvergebeneid
    @unvergebeneid 7 лет назад +19

    2:53 that sound though! =)

  • @zeikjt
    @zeikjt 7 лет назад

    The water with food coloring mixing is a subtraction (so it'll converge on a dark muddy color), but the computer generated mixing is an addition (it'll converge on white). Aka, paint vs light.

  • @Crypto_Wiz
    @Crypto_Wiz Год назад

    Brilliant. My professor could not even come close to such a great explanation.

  • @jme_a
    @jme_a 7 лет назад +131

    Great video, but surely the simpler method with the colours would have been to have ramekins with clear water and then add X drops of food colouring for the stages?! 😂

    • @AloisMahdal
      @AloisMahdal 7 лет назад +21

      Apparently Mt.Dew vending machine was closer than a food coloring vending machine.

    • @AlexRasengan1337
      @AlexRasengan1337 6 лет назад

      But that wouldn't work, the private keys are different.

    • @agentjeyjey9757
      @agentjeyjey9757 4 года назад

      @@AlexRasengan1337 Not for the private keys, for the public key (g)

  • @fridric2916
    @fridric2916 3 года назад +1

    Dr. Mike Pound is just a great great teacher

  • @aciddraconian13
    @aciddraconian13 3 года назад +1

    I have been so clueless with cryptography and cannot find one braincell to focus on most reading material (darn you ADHD) but stumbled along here and it made complete sense, wow.

  • @rezaghochkhani
    @rezaghochkhani 4 года назад

    This is the greatest video I have watched on encryption, ever!
    Thanks a lot.

  • @tehn00bpwn3r
    @tehn00bpwn3r 4 года назад +1

    In the colour analogy we can basically tell what the private key is as we know what g is. I’m guessing with the mathematical function the end result is randomised.

  • @sachinpandeyatd
    @sachinpandeyatd 3 года назад

    tomarrow I have new sec and cryptography exam, and this topic has high possibility of coming, this is the best explanation I found,

  • @forrestglenn2520
    @forrestglenn2520 7 лет назад +1

    if you pause at 1:39 and look at the floor behind him, there is what appears to be a drain, why would that office have a drain?

    • @iAmTheSquidThing
      @iAmTheSquidThing 7 лет назад +1

      Because of all the coloured liquids required for computer science.

    • @xybersurfer
      @xybersurfer 7 лет назад

      interesting. i wonder

    • @ximalas
      @ximalas 7 лет назад +2

      Maybe the office was formerly a lab?

  • @programmercouple
    @programmercouple 3 года назад

    Finally understood the Diffy-Hellman concept. Thanks

  • @Darieee
    @Darieee 6 лет назад

    Just a word for mac users, doing powers and module on the mac Spotlight Search doesn't (or at least didn't used to) work
    I had a friend over and wanted to show him how sexy DH key exchanges were (yeah we're the coolest kids in town), and ... the spotlight app gave wrong results, so at the end of half an hour of explanations, the whole thing didn't work at all ... wolframalpha saved the day in the end though

  • @DaMaZa1234
    @DaMaZa1234 4 года назад +1

    I would like to Thank you Dr.Mike Pound for this information. it make me understand what is Diffie-Hellman is and i would like to take this video to be your reference in my work i have been put credit for u i really appreciate what u have done for us this video is just 8min it fun and i love this video Thank you

  • @NOCDIB
    @NOCDIB 2 года назад

    7:29 - I think he meant "strenuous" instead of "tenuous." The first one means "strong" while the second one means "weak."

  • @Flqmmable
    @Flqmmable Год назад

    For the part where you mix the colors and you say that its hard to know what colours were put together to make the final color, I kind of think of it as if the color were in hex color code format; by itself, you have the hex value but theres not may you could definately know what two colors were 'put' together to make it.

  • @wiltonlawrence882
    @wiltonlawrence882 5 лет назад

    This is the best explanation of key exchange i came across, thanks for uploading this

  • @GamingKing-jo9py
    @GamingKing-jo9py 4 года назад +2

    divide abgg by g and you get abg, or is that also hard?

  • @bakeshonai9598
    @bakeshonai9598 2 года назад

    Awesome explanation! But, what is the use of n? Why doet it not have any color?

  • @syeduzairahmed
    @syeduzairahmed 2 года назад

    Very simplified approach of teaching. Great video

  • @Tay-ky3fi
    @Tay-ky3fi 3 года назад

    4:56 We can't reverse the process.. Can you make a video detailing WHY it can't be reversed?

  • @matteoagius-darrigo7632
    @matteoagius-darrigo7632 Год назад

    my favorite video on youtube!

  • @edmundderek
    @edmundderek 4 года назад

    so glad that your video made it in the bibliographie of my PFE

  • @42svb58
    @42svb58 3 года назад +1

    Best breakdown ever

  • @florianfanderl6674
    @florianfanderl6674 3 года назад

    Recently discovered this channel and I love it ❤

  • @hamzamunir8180
    @hamzamunir8180 4 года назад

    this guys saved my semester.

  • @krillansavillan
    @krillansavillan Год назад

    6:40 "Mathematical functions that are much more precise than my random squirting of liquids" bars

  • @BackWithTheBoom
    @BackWithTheBoom 4 года назад +1

    Mathematical squirtings, LOVE THIS GUY XD, i follow this guy almost for a couple years, such a MVP

  • @trollflix
    @trollflix 3 года назад

    This guy is a genius. The explanation method is high level. You must be a teacher. 😍😋

  • @tapewormerbinkosti3141
    @tapewormerbinkosti3141 Год назад

    One of these mathematical functions is: Alice sends g to the power of a (modulo prime number p). Bob sends g to the power of b (modulo p). The shared key is then: g to the power of a (modulo p) to the power of b (modulo p) which is the same as g to the power of b (modulo p) to the power of a (modulo p).

  • @texivani
    @texivani 7 лет назад +4

    One thing I still don't understand is why an attacker, knowing what g is, can't intercept the transmission of ag and bg to figure out what a and b are?

    • @MrGoatflakes
      @MrGoatflakes 7 лет назад +4

      Because the functions are irreversible. And neither can you combine ag with bg to get bag, instead you'll come up with another value agbg, which has an extra g, which you can't remove, because the functions are irreversible. Unlike in the colours where you can measure the tone and just subtract out the red or what not with filters. You can't do it with the actual mathematical functions. functions used.

    • @aaronmashburn4180
      @aaronmashburn4180 6 лет назад

      You would need the server's private key

    • @exactzero
      @exactzero 4 года назад

      Because ag or bg is NOT just combining the characters 'A' and 'G' resulting to a plain 'AG'. As he said, ag/bg just represents the output of the function that is almost irreversible.

    • @texivani
      @texivani 4 года назад

      @@exactzero Ah, nevermind it just clicked. You **can** get a and b, but you can just as likely also get c, d, e, and a billion others the same way. Somehow when you apply encrypt(a, g), a gets lost.
      That's the part I need to understand better

  • @999999GALLADE
    @999999GALLADE 7 лет назад

    I was actually looking for a good Diffie Hellman video a couple of days ago - how convenient!

  • @Bull-n-Bear
    @Bull-n-Bear 4 года назад

    You could intercept both the generated key and after coming back out both AG and BG right? That would make it possible...

  • @techieSudhakar
    @techieSudhakar 2 года назад

    Thanks for the video. How does Alice and Bob choose same g value?

  • @aaronbryant1154
    @aaronbryant1154 9 месяцев назад

    If you know what G is and you see the combined values (which include g) in the shared space you should be able to get the private values

    • @aaronbryant1154
      @aaronbryant1154 9 месяцев назад

      I'm going to the math video next. I don't really like math either though because the concept of equality to infinity just leads to a paradox at some point.

  • @wakomike29
    @wakomike29 4 года назад

    This helps soooo much with my university studies! Dr. Pound, your the best.

  • @1992Razvy
    @1992Razvy 7 лет назад

    Great video and execution. Always I need to know how something in practice works to know if I really need it in my project and then I need to know the math behind to reproduce myself. I just got here again after watching the math video, beause I have to go back to solidify the knowledge.

  • @WilliamsLovesToLearn
    @WilliamsLovesToLearn Год назад +1

    what was the purpose of n in this video?

    • @danielf.7151
      @danielf.7151 Год назад

      It is used in the same steps as g. that only matters for the actual math, the rough principle is the same

  • @afordar
    @afordar 7 лет назад

    can you please explain the post quantum cryptography, what is the method, what makes them resistant to being deciphered by a quantum computer

  • @fieryweasel
    @fieryweasel 3 года назад

    "Mathematical functions are much more precise than my random squirting of liquids." - Can't argue with that, check my bathroom floor.

  • @mancaleposa9775
    @mancaleposa9775 2 года назад

    Could you reverse the mixing of the keys by knowing the mathematical parameters that were exchanged in the beginning?

  • @MakerTim
    @MakerTim 7 лет назад

    Thanx!
    I got NOW my college about EXACT this
    and your explanation is way more clear

  • @claudiuargeseanu1952
    @claudiuargeseanu1952 2 года назад

    So I understand from this video that Diffie-Hellman requires a pair of keys: private - public
    How Diffie-Hellman gets its private and public keys when there are non configured?
    In IPSec for example, where are these pairs of keys taken from if I configure my peers to use password-based authentication?

  • @crazedvidmaker
    @crazedvidmaker 7 лет назад

    are there multiple a' such that a'g=ag or is it simply computationally difficult to find a' such that a'g=ag, but a' always equals a

  • @rursus8354
    @rursus8354 3 года назад +1

    I'm darned *interested* in the mathematics of Diffie-Hellman and whatever, I'm just a little bit rusty - please don't skip the maths just because the non-computing world believes that ignorance is a virtue, but keep it simple so that most of us aren't lost.

  • @atadjs
    @atadjs 2 года назад

    Diffie-Hellman explanation was good, however please explain why do you have dot matrix printing paper in 2020

  • @laurelineparis5407
    @laurelineparis5407 Год назад

    Nice, fun and accessible way to explain it :)
    Really enjoyed the analogical explanation
    Thanks for sharing 🙌

  • @guyguifo504
    @guyguifo504 2 года назад

    please assist to give key length & block size of following Asymmetric Encryption Algorithms: RSA - ECC- ELGANAL-DSA- Diffie-Hellman. Thank you

  • @danieltjones01
    @danieltjones01 7 лет назад

    It won't matter which order you put the colours in. It's only the ratios that make the difference. You can't say that because you put the blue in first it made that one darker.

  • @willk7184
    @willk7184 3 года назад +1

    Neat, I finally understand the basics of something I was always curious about. But now I'm thirsty.

  • @akshaykkapoor
    @akshaykkapoor 6 лет назад

    Best explanation of DH with such a simple example ..great work ..keep it up

  • @evarakovska3302
    @evarakovska3302 3 года назад

    Thanks for whole serie of videos! I found something useful for my students and it is great!

  • @inx1819
    @inx1819 5 лет назад

    This video teached me more than 9 years in primary school, thank you so much, I'm just getting started in the cyber security field and I honestly can't thank you enough.
    I'm 14 right now and I understood everything clearly, so you are a great guy!!

  • @Jan-vv1zk
    @Jan-vv1zk 7 лет назад +1

    RSA is also used for key exchange, right? So what's really the difference between DH and RSA?

    • @michaelpound9891
      @michaelpound9891 7 лет назад

      RSA provides confidence in the identity of one or both parties, it's rarely used to actually key exchange. I'll try to do a video on this!

    • @goofygoober1009
      @goofygoober1009 7 лет назад

      Hello Michael, this is my second channel. Thanks a lot for the answer and potentially for a new video. :) That's the thing with the PKI. More I study it less I understand it.
      Just this week we have been putting in place some countermeasures against the ROBOT attack at work.
      ROBOT affects TLS cipher modes that use RSA. This attack fully breaks the confidentiality of TLS when used with RSA encryption.
      For example, on one of our customer's VPN gateway, they use a cipher suite with following ciphers for SSL VPN:
      TLS-DHE-RSA-WITH-AES-128-CBC_SHA
      TLS-RSA-WITH-AES-128-CBC-SHA
      My understanding is that TLS-DHE-RSA-WITH-AES-128-CBC-SHA uses elliptic DH for key exchange and RSA just for signatures, therefore it is not vulnerable. On the other hand my deduction was, that with TLS-RSA-WITH-AES-128-CBC-SHA, RSA is used for the key exchange. Therefore my question was, what is the real difference between DH and RSA?
      Is there any major difference apart of the confidentiality support of the RSA? The general recommendation is to use DH over RSA. I am still pretty new to this, so I might be just completely confused.
      Greetings from Prague!
      Jan

    • @michaelpound9891
      @michaelpound9891 7 лет назад +1

      There's quite a big difference between those two suites. You're right, in the first DH (not EC unless it says ECDHE) is used to generate session keys. During the handshake RSA is used to sign the servers public part of that key exchange, at which point the client checks the certificate and signature.
      In the other mode, RSA is used for everything. The client checks the certificate, and then generates a session key at random. It then sends this by encrypting using RSA such that only the server can read it. The issue with this approach is it relies on noone ever leaking or breaking the RSA key, ever. In a year's time, if that key is leaked, any recorded historic handshake will be trivial to read and find out the session key, and so decrypt all messages. In the DH variant, this isn't the case, breaking the RSA key is still bad, bit all you'll see is diffie Hellman exchanges, meaning you still can't decrypt any messages.
      This is why in modern suites RSA alone is almost always inadvisable. RSA keys are not rotated frequently enough for this to be ok.

    • @TruthNerds
      @TruthNerds 5 лет назад

      RSA is very different in that it's not (necessarily) about collaborative key generation like DH. Instead, when RSA is used to provide privacy, each party generates a random key (usually for a symmetric cipher like AES), encrypts it with the other party's public key and sends it over. You can use the other party's key, after decrypting it with your private RSA key, to encrypt the traffic unidirectionally, or you could combine the two keys e.g. with XOR. As Dr. Pound said, this does not offer what is called forward secrecy. In a nutshell:
      - DH = key exchange algorithm (with forward secrecy)
      - RSA = asymmetric encryption algorithm, on top of which you can build a key exchange algorithm (without forward secrecy)
      (Final note: In both cases, you still need authentication to protect against man-in-the-middle attacks.)

  • @jepp3183
    @jepp3183 7 лет назад

    Question: Assuming this key exchange is completely secure, why would you ever use a public key cryptosystem like RSA? It seems like you could just use diffie hellman and then proceed with something like AES?

    • @talideon
      @talideon 7 лет назад

      The idea behind D-H is not to reveal either participants _private_ key, but it's still susceptible to a Man in the Middle attack. This is where RSA comes in, because its design allows the server to be authenticated. When you use DH-RSA, for instance, the initial connection is secured by RSA, but then DH is used to negotiate the shared key for the subsequent use of a symmetric algorithm like AES.

  • @lare290
    @lare290 7 лет назад

    Hey, this could be used in actual paper messages as well. Just use some cipher that needs a key like Vigenere.

  • @benjohnson6251
    @benjohnson6251 7 лет назад +4

    Such a good video! Really clever concept, and the colour analogy is great! Cheers! :D

  • @mikewillis1592
    @mikewillis1592 7 лет назад +1

    Good explanation. Might be worth explaining why the ag bg process is irreversible.

  • @qm3ster
    @qm3ster 2 года назад +1

    When I saw the bottles at 1:50 I audibly went "Nooo not the paint mixing analogy again" :v

  • @efraimg8543
    @efraimg8543 5 лет назад

    So what is the different between deffie helman key exchange to exchanging RSA keys?

  • @phansypanda7512
    @phansypanda7512 4 года назад

    Attempting to self-teach encryption and currently studying the Diffie-Hellman exchange but what I'm not understanding how it's not hackable? As the hacker, if I picked up the initial exchange of the agreed-upon color or number, how would you not be able to just extract the initial color/number from the second exchange in the public area to figure out what each party's secret color/number is???

  • @ronaik
    @ronaik 3 года назад

    Great explanation to understand DH key exchange. Also, as food for thought, wouldn't a highly skilled painter (hacker) know what colours add up to form that final colour? He does and that's where we add more complexities and algorithms to make DH what it is!

  • @g_glop
    @g_glop 7 лет назад +2

    What's the difference between this and asymetric encryption?

    • @ericg2920
      @ericg2920 7 лет назад +1

      Diffiel Hellman allows both party to exchange a secret key over an insecure channel. This secret key is for symmetric keys cipher.
      As for asymetric encryption (aka public key cryptography) you don't need this kind of protocol. You just publish your public key to the entire network, as nobody can get the private key out of it.

    • @g_glop
      @g_glop 7 лет назад

      So asymetric encryption is useful if someone wants to send you something but you're offline.

    • @talideon
      @talideon 7 лет назад +1

      It can be, and is used for that (see pgp/gpg). However, the typical use of asymmetric encryption (and how RSA, an asymmetric crypto algorithm, is used in TLS) is to facilitate key exchange (with D-H). The problem with asymmetric crypto in something like TLS is that it's very slow and expensive. You _could_ use just RSA, but you wouldn't want to if you wanted to get anything done.
      Moreover, D-H isn't a form of asymmetric crypto, it's just a key exchange algorithm. D-H is combined with RSA because while D-H is secure against being sniffed, it's not secure against a Man in the Middle attack, whereas RSA is secure against MitM, assuming you trust the CA that generated the keypair.

    • @vic123
      @vic123 7 лет назад +1

      With symmetric keys, you're using one same key for both encryption and decryption. Since it's a single key doing all the work, you need to make sure that key is kept really safe somehow. These are conceptually safer since you have things like one-time pads. They're harder to exchange too, though. Diffie Hellman helps with exchanges, and there are other techniques which use asymmetric keys to hide the symmetric keys.
      With asymmetric, there are two keys: one public and one private. You share the public one with the world, and they use it to encrypt their messages. When you get the cipher, you use your private key to unlock it. The security on these depends on the idea of factoring extremely large primes being too difficult (computationally time consuming) for attackers to perform.

  • @simonweiguny
    @simonweiguny 3 года назад

    7:30 hm... couldn't I "just" mathematically remove one g from abgg, as I know g?