Great one !!! In the video when you have introduced a digital certificate you could have brought a hacker again and showed why it is not possible to pretend like Bob anymore. Please see if it can be possible to accommodate this.
Uhm, shouldn't bob be signing it with Alice's public key? So that Alice can open it with her private key (since anyone has access to the public key). Since the person's Public key and private key are related but can't be derived from one or the other...
Thanks a lot for your comment and question. But signature is designed by using private key. You are correct about the relationship between public and private key. Public key is used to verify the signature which is signed with private key. I hope I did not cause more confusion. Again, many thanks, Sunny Classroom.
Furthermore, you can't verify the sender's identity if you use the recipient's public key. Digital signatures are only used to verify the integrity and origin of documents. However, if you were encrypting the document, you would use the recipient's public key (encryption key) in order to make sure the document is not decrypted. In practice, you would encrypt AND sign the document to mask its contents and verify its integrity and origin.
I am confused sir I thought if we are using a pair of key... the receiver will create this pair of key to be given to the sender? Please enlighten me. You're the best by the way.
Hi Sunny, perfect video as usual. Thanks a lot for explaining such complex topics in such a simple language. A couple of questions though. Where does Bob keep his public key? How does Alice get to know the location of this key? Does hacker replace Bob's public key or simply stores its own key at a new location? If Alice knows the location of Bob's key, why would she go to the hacker's public key location and not suspect that something is wrong here? Please help me with the answers. Thanks again!
That is why we need public key infrastructure - PKI, a whole system to create public keys, to store public keys, to create a digital certificate to prove the public key belongs to the real owner, Bob. It is a whole chapter.
In this video, Bob may keep his public key in his server or a public server. Bob might just tell Alice where to get the public key by whatever method. But this can be very risky because a hacker might intercept Bob's information and replace all his messages by the hacker's message, which Alice believes is from Bob. Alice gets all hacker's information from the very beginning, that is why Alice has not suspected that something is wrong.
That is why we need Public Key Infrastructure: we need a trusted third party to store Bob's public key and when Alice wants to retrieve Bob's public key, she knows where to get it and besides, the trusted party also attaches a digital certificate to prove Bob's public key belongs to Bob.
Hi sunny, in the video of digital signature you explained that one of the purpose is authentication but in this video u told it is weakness so we are using digital certificate, can you help me to understand this
Greatly simplified.. Even a layman can understand it very easily.. Sir as you explained PRIVATE KEY is used for DIGITAL SIGNATURE . My question is what is the use of PUBLIC KEY?
I have a question, what if Bob's certificate expiration date has expired and Bob modified or edited it by himself to appear as if the expiration date is valid... What would happen in such scenarios... Would the digital signature be invalid and Alice will notice that? What happens exactly?
dude this stuff is more addictive than netflix
You make me laugh. Thank you very much!
totally!
agree
What a great material. I’m amazed by the elegance of simple explanations for complex topics. Solid gold.
Much appreciated!
This is for sure the best introduce-level cyber security series i've ever watched! thank you soooo much for the clear examples and animation, these videos saved hours for me
Sunny is the best person i have ever heard at explaining things. I present IT concepts at work in to non technical people. I take Sunnys videos and copy them word for word, he is amazing.
Thanks Sunny - you helped me pass Security +, now I'm on to CEH. Love these videos!
I am so happy for you and Security+ is not easy to pass. Congratulations!
Sunny, you are the best! Thank you for your videos
Many thanks for your words.
Your explanation is still valuable to me in 2023. Clear and easy to understand! Thank you for your kind sharing!
I love how slow you go and the visuals! very easy to follow.
Thanks.
I am a newbie to networking and this is the only video i found easy to understand the digital certificate
Thanks!
Sunny, you do an amazing job! You are clear, simple to understand, perfect teacher!!! Thank You!
Thank you for your compliments! I appreciate.
Thank you for clarifying. You make the best tech videos that simplify even the complicated and confusing concepts.
Thank you Sunny! i am doing security+ and following your channel for quite a bit now. Your videos are so amazing and simple. I have been so confused about these topics, i watched so many videos and they complicate things so much. Watching your videos on the topic really helped me to understand this topic and now i can even understand the more complex version of explanations in my course and book. Keep doing what you are doing:)
Best of luck!Thank you for watching!
Hi Sunny 🖐️
Started watching your videos since yesterday. Your explanation and examples are very clear. Thank you so much.
Thanks and welcome!
Hi Sunny, your video is so warming and it is a leisure to watch your videos. You indeed have the caliber to be the most caring teacher in the world. Everyday is a sunny day by watching your video. Not only informative, it is a real pleasure to watch your video. Thanks a lot.
You make complex-sounding things so easy by concepts and analogies you bring in.
What a quality explanation!. Those very nice animations help a lot to understand the thing. Thanks for these amazing videos. Cheers!
The BEST explanation of this complex subject, using the best choice of words. Awesome!!!
Always the best video in cyber security. Thanks, Sunny
Thank you for watching!
True! This is also the best video I've watched concerning digital signatures and certificates. After watching this, I've already understood everything related to this topic! Thank you so much sir!
Thank you very much for this video and the digital signature video. It helps me a lot to know the back-end theory. The speed and how you present it also helps a lot.
Glad it was helpful!
God bless you my man. Now I will pass my programming exam. Godspeed!
Good luck!
Easy to follow, clear and to the point. If one needs more, there are RFCs. Keep up the good work and thumbs up for all your videos Sunny !
After looking at many of your tutorials, I conclude that you have given lessons to many people with great explanations. Salute, success for you Sunny 👍
You are really a great teacher. YOU made us understand in better way
Thank you very much!
Wow, you've got such an ability to explain things in the easiest way. Thanks so much for that.
simple yet clarity on your videos amazed me
Sunny you are simply amazing , i got to your video to day but for sure it is like miracle from God, I was preparing my exam but this is absolutely stunning
Wonderful!
In my life I have not seen many storytellers like you. Thank you very much from Austria...
Amazing stuff. This video and the one on digital signature. It's like stumbling onto a gold mine.
I was preparing for a seminar...
About this topic .. It was so helpful to me . Thank you so much...
Seeing frst time ur vids... But it is understandable 🙏🙏🙏🙏
Sunny, why are you so good at explaining these stuff. Please make more videos on networking
Best explanation in simple language
another great video! thanks for making certificates easy to understand.
You're the best teacher!
Sir, but why can't hacker intercept the message with digital certificate and create an entire new message and fake certificate and send it to alice?
Great question. Our browser would check if the digital certificate is valid, because our popular browsers are pre-loaded with major CAs' public keys, and our browsers would also actively work behind the scenes with CAs' servers to make sure digital certificates are real and valid.
Hi Miirar, it's a good question! In a real-world scenario, ideally a client (browser) interacts with the server, and when the server returns the digital certificate, the browser validates the CN (Common Name) of the server to verify its identity. Normally the domain name (say google.com) would be the Common Name (CN). When, as mentioned by you, the hacker intercepts the message and presents a fake digital certificate, the browser identifies that the Common Name is different (say xyz.com) than that of the requested one (which is google.com), and the browser alerts us by throwing the error message NET::ERR_CERT_COMMON_NAME_INVALID. Additionally, the padlock turns red.
Good question .. actually the receiver will send the certificate of insurance to the CA and after CA confirm than it will start further communication
Thank you Sunny! Your videos are very helpful!
My pleasure!
HEY MAN, YOUR CONTENT IS AMAZING. KEEP UP THE GOOD WORK!!!
These are solid videos, thanks for uploading them!
Thanks Sunny, very informative and well presented.
Thanks for the videos. I really appreciate that you put what you're saying , helps me a lot
You are welcome and I am glad it helped.
Finally understood. Many thanks, Sunny Classroom.
you are welcome!
The query in Digital Certificate: Why would Alice pick Hackers public key and not bobs public key ?? In fact where from Alice gets to know that which public key I need to pick?
i am confused with same question that why would alice pick hacker's public key
@israilkarud9293 She isn't aware that it has been swapped. Hackers intercept the message when it is being sent. Which means that the public key needed to decrypt the digital signature hasn't reached Alice yet.
No need to choose a key, as he said. When the server sends the certificate, there will be a key inside it, and from there only it will perform further actions. Whosoever sends the certificate, that key will be used. The hacker can't send a certificate as it would not be signed by a trusted CA. If he sends his own then the client will not trust it.
Considering that I am requesting google.com but on the way it is intercepted, destroyed and responded to by a man in the middle. Is it possible for a man in the middle to intercept and destroy the sender's request along with the certificate and send his message with his certificate issued by a trusted CA? How will the receiver know that he is talking to the person (google.com) he intends to, can it invalidate the certificate of the middle man?
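The checks discussed in this thread (a fake certificate, a CA-issued certificate for a different name, an edited expiry date), as an added example that is not part of the video or of any comment. It uses Node's built-in `crypto` with Ed25519 and a simplified JSON "certificate" rather than X.509; the names `bob.example` and `mallory.example`, the dates and the messages are constructed.

```javascript
// Added illustration; not from the video or the comment thread.
// Names (bob.example, mallory.example), dates and messages are constructed.
const crypto = require("crypto");

const newKeyPair = () => crypto.generateKeyPairSync("ed25519");
const exportPub = (key) => key.export({ type: "spki", format: "der" }).toString("base64");
const importPub = (b64) =>
  crypto.createPublicKey({ key: Buffer.from(b64, "base64"), format: "der", type: "spki" });

// The fields the CA vouches for ("to be signed"). Any edit changes these bytes.
const tbs = (cert) => Buffer.from(JSON.stringify([cert.subject, cert.publicKey, cert.notAfter]));

// Toy certificate: subject name + subject public key + expiry, signed by the CA.
function issueCert(caPrivateKey, subject, subjectPublicKey, notAfter) {
  const cert = { subject, publicKey: exportPub(subjectPublicKey), notAfter };
  cert.caSignature = crypto.sign(null, tbs(cert), caPrivateKey).toString("base64");
  return cert;
}

// Alice's checks, in order: CA signature, expected name, validity period.
function verifyCert(cert, caPublicKey, expectedSubject, today) {
  const sig = Buffer.from(cert.caSignature, "base64");
  if (!crypto.verify(null, tbs(cert), caPublicKey, sig)) return "bad CA signature";
  if (cert.subject !== expectedSubject) return "name mismatch";
  if (today > cert.notAfter) return "expired"; // ISO dates compare correctly as strings
  return "ok";
}

// Only after the certificate passes is its public key used on the message.
function verifySignedMessage(message, signature, cert, caPublicKey, expectedSubject, today) {
  const status = verifyCert(cert, caPublicKey, expectedSubject, today);
  if (status !== "ok") return status;
  const ok = crypto.verify(null, Buffer.from(message), importPub(cert.publicKey), signature);
  return ok ? "ok" : "bad message signature";
}

function runScenarios() {
  const ca = newKeyPair(), bob = newKeyPair(), mallory = newKeyPair();
  const today = "2025-06-01";
  // Alice already holds the CA public key and knows which name she expects.
  const check = (msg, sig, cert) =>
    verifySignedMessage(msg, sig, cert, ca.publicKey, "bob.example", today);

  const bobMsg = "Pay Carol 10";
  const bobSig = crypto.sign(null, Buffer.from(bobMsg), bob.privateKey);
  const fakeMsg = "Pay Mallory 1000";
  const fakeSig = crypto.sign(null, Buffer.from(fakeMsg), mallory.privateKey);

  const bobCert = issueCert(ca.privateKey, "bob.example", bob.publicKey, "2026-01-01");
  // Certificate claiming Bob's name but signed by Mallory's own key, not the CA's.
  const selfSigned = issueCert(mallory.privateKey, "bob.example", mallory.publicKey, "2026-01-01");
  // Genuine CA-issued certificate, but for Mallory's own name.
  const malloryCert = issueCert(ca.privateKey, "mallory.example", mallory.publicKey, "2026-01-01");
  // Expired certificate, and a copy whose expiry date was edited after issuance.
  const expired = issueCert(ca.privateKey, "bob.example", bob.publicKey, "2024-01-01");
  const edited = { ...expired, notAfter: "2030-01-01" };

  return {
    // No certificate: Alice verifies with whatever key arrived beside the message.
    bareKeySwapAccepted: crypto.verify(null, Buffer.from(fakeMsg), mallory.publicKey, fakeSig),
    genuine: check(bobMsg, bobSig, bobCert),
    selfSignedCert: check(fakeMsg, fakeSig, selfSigned),
    caCertForOtherName: check(fakeMsg, fakeSig, malloryCert),
    expiredCert: check(bobMsg, bobSig, expired),
    editedExpiry: check(bobMsg, bobSig, edited),
    alteredMessage: check(fakeMsg, bobSig, bobCert),
  };
}

console.log(runScenarios());
```

Real browsers apply the same three checks to X.509 certificates, plus chain building and revocation, which this sketch leaves out.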
Sunny, you are the man.
A great video again. Thanks Sunny!
Thank you so much. The way you explain is the best. Example based learning is always fruitful.
Very nice, sunny classroom! Your videos helped me a lot. Keep up with good work!
Thanks. I am glad it is helpful.
Sir, you explained difficult things in a very simple way. Thank you 😊😊
Thank you sir, Your explanation is very simplified. It basically gave a good overview of the concept.
Thank you for your video! Appreciate your time and effort! You saved me hours.
You are welcome! I try my best to save learning time so that everyone is happy :)
I like that intro music so much btw 😊.
Well thanks for so clear explanation ♥
Thanks a lot for your kind words.
I am every day watching your videos, thank you so much for your effort and clear explanations.
🙏👍👌
Great video and very simple way of explanation
Great video. I've a question: Isn't every public unique? If so, why Alice can't tell the difference between Bob’s public key & hacker’s public key? If not, is there a way to do it without a 3rd party?
I love you sunny, what great content!!
Very professional videos, keep on as you save hours for us
Hi Sunny. Thanks for your great videos. But i have a question. Why Bob attaches the digital certificate to his public key, since the public key is already contained in the digital certificate?
You are correct. The word "attach" might be confusing. I mean Public key and digital certificate go together. Digital certificate just verifies the public key belongs to the claimed owner.
Ok, got it. Many thx
Excellent explanation Sir.
Networking has been made a piece of cake by Sunny - :-) Excellllllent.
Thank you for your appreciation.
Hi Sunny. Great video. But what is to stop hacker from intercepting public key with digital certificate and using this public key to de-crypt (and read) the message? Thanks
Sunny thanks, I enjoy your videos, well explanatory
Hey Sunny, thank you very much for your well explained videos!! I am really grateful. I saw this video, the one of digital signature and the asymmetric and symmetric key encryptions. I would like to ask you in terms of security objectives: confidentiality, integrity, availability, authenticity and accountability. If I have to relate those objectives to the symmetric and asymmetric key encryptions... Which security objectives achieve the symmetric key encryption and which ones achieve the asymmetric one? What I think according to your videos is that symmetric key encryption ensures confidentiality due to their private key however doesn't ensure authenticity due that they have only one same key which can be intercepted by a hacker and asymmetric key encryption ensures authentication and integrity through the digital certificate. Am I correct? What can you add to that? And one last question is: has the message authentication code (MAC) similar logic to what you explained to the digital certificate? Thank you very much in advance :) Greetings from Belgium
First of all, thanks for your great questions. Encryption can be very complicated. To keep it simple, asymmetric key encryption and symmetric key encryption would work together to make sure authenticity and confidentiality. I have videos about "how SSL works" to demonstrate how they work together. For example, you (your browser) want to talk to a web server and all conversation should be encrypted (that is why we need https: and padlock). First, your browser wants to verify that the server is the server you want, and your server will use asymmetric key to send you "digital certificate". Once your browser has verified the server, then it will send its private key (symmetric key encryption) to the server encrypted by the server's public key, and then only the server can decode the browser's private key with its own private key. It might be confusing at this point. Once the server gets your browser's private key, then all conversation would be encrypted.
I have also one video " Kerberos", which only use symmetric key algorithm.
In summary, asymmetric key encryption is normally used to verify each other and exchange the secret key (private key of symmetric key) so that they can encrypt their conversation.
I hope my answer would be helpful. Please do not hesitate to ask me any questions.
The video doesn't tell if Alice can now forget about the public key from the public repository and use only the public key in the certificate. It doesn't explain either how Alice gets the certificate "along" with the message and its digital signature.
Great video. Can you please tell me: when the digital signature is sent to the client then it's encrypted. Also along with this a plain text message is sent. So if I take a Wireshark capture, where can I see that plain text message?
You are correct. The message will also be encrypted in real life. Here we just focus on digital signature. Otherwise, it involves too many steps. Text message must be encrypted, and the receiver must de-encrypt the message first, then use the message to test if the digital signature is authentic.
Could u please explain how blockchain works and how it is employed in Bitcoins...,etc
Nice explanation. But, Can digital certificates be forged?
Thanks for the video, well explicit
Dear Sunny, can you please explain how 2 way SSL works where client and server each have to show their certificates. Do we have to take the client certificate and install it in the server keystore and vice-versa. It would be great if you can clarify this with a video or point me to one that you have already created.
You are the cause of my 50/50 marks
I am glad.
Shouldn't Bob use Alice's public key to encrypt the message instead of using his own private key?
thank you for this great explanation!
Thank you Sunny!.
Question:In this video at 1:00 you speak about digitally sign and send, this has a vulnerability of a hacker also can be in the middle and play around and no authenticity. In your ‘What is digital Signature’ video you introduced that digital signatures has authentication and using digest and hashing, we can ensure that who is the original sender. So I am confused that whether digital signature is safe or not and which statement is to be considered?
First of all, many thanks for your questions. Great!
For digital signature, it is not "safe" or "secure" because digital signature is only for authentication purpose. The document you digitally signed is not encrypted. The digital signature gives the receiver reason to believe the message was created and sent by the claimed sender and later on the sender cannot deny the fact the document was signed by him/her.
However, digital signature needs key exchange, which might be intercepted by man-in-the-middle. In order to make sure the key exchange is safe, we use digital certificate to make sure there is no man-in-the-middle attack.
Digital signature plus digital certificate would guarantee the digital signature is authentic and document was not modified. However, the document itself is still in plain text. In these two videos, we haven't talked about "encryption" of the document. Of course, plain text document is not "secure" at all if it is confidential.
I hope it helps. Please let me know if you have more questions. Feel free to contact me. I am more happy to make myself clear.
Does this mean that digital signatures are pointless if not accompanied by a digital certificate?
Great questions! Digital signature is not about "safe". It is like our written signatures on a document, its primary and basic function is as a proof of identity. With a signature (digital/paper-based), the signer cannot deny it later on (non-repudiation). Digital signature also makes sure the document is not altered in transit (integrity).
But the digital signature "authentication" part is causing the confusion, I believe. In a perfect world, a digital signature would authenticate the signer. For example, you got a letter from your friend and with his signature, you would normally believe that is your friend. But for some serious contracts, like buying a house involving big money, the signing process is normally witnessed and proved by the third party, which means having a document notarized. Digital certificate is involving the third party to make sure the signer is the real one, not anyone else.
Please let me know if you have questions. Thanks a lot for watching and asking me questions.
You are right. That is why digital signature always works with digital certificate. I just teach these two parts separately. Otherwise, it is overwhelming long. Thanks a lot for your questions and comments. I really appreciate your thoughts and questions. It means that you really think very deeply into the topic.
One more point, thinking of our real life example, we do not really trust other's signature unless we also have witness or notary public or lawyer's back up when we deal with a big contract (involving big money). It is especially true when we deal with important documents over the Internet since we really do not deal with face to face.
excellent !!!
Many thanks!!
For DIGITAL SIGNATURE in the asymmetric key approach you have told PRIVATE KEY is used for encryption and PUBLIC KEY for decryption, but when I searched about the working mechanism of the asymmetric key algorithm, I found that public keys are used for encryption and private keys are used for decryption. I am confused, please help me.
You are correct. In general, private key is used for encryption and public key is for decryption. Digital signature uses private and public in a different way. It is a special case for digital signature. Please check out: how ssl certificate works.
thanks sunny, you made it clear!
thank you so much this helped my cpa exam it section
Great to hear!
Isn't it other way around, Bob uses Alice's public key to encrypt the message and Alice uses her private key to decrypt message? I am so confused 🤔
Thank you so much! This was very helpful 🤠
Absolutely fantastic
When this is Public Key Encryption, then if Bob wants to send message to Alice, Shouldn't Alice create the Key Pair?
Hi Sunny, great video!
One thing, when you say: Anyone can pretend to be Bob.
In the video of digital signature you explained that Alice can confirm that the message is not altered in transit by comparing the hash.
So, how can a hacker intercept a message, modify it and send to Alice the same hash previously created by Bob?
Thanks
Marco
The hacker intercepts Bob's message via active techniques (MITM attacks), modifies it and forwards the modified message (he changes the content, i.e. the hash) to Alice instead.
This might be obvious, but what is stopping the hacker from intercepting Bob's message to Alice and then requesting Bob's public key in order to decrypt it?
Great one !!! In the video when you have introduced a digital certificate you could have brought a hacker again and showed why it is not possible to pretend like Bob anymore. Please see if it can be possible to accommodate this.
Uhm, shouldn't bob be signing it with Alice's public key? So that Alice can open it with her private key (since anyone has access to the public key). Since the person's Public key and private key are related but can't be derived from one or the other...
Thanks a lot for your comment and question. But signature is designed by using private key. You are correct about the relationship between public and private key. Public key is used to verify the signature which is signed with private key. I hope I did not cause more confusion. Again, many thanks, Sunny Classroom.
Furthermore, you can't verify the sender's identity if you use the recipient's public key. Digital signatures are only used to verify the integrity and origin of documents. However, if you were encrypting the document, you would use the recipient's public key (encryption key) in order to make sure the document is not decrypted. In practice, you would encrypt AND sign the document to mask its contents and verify its integrity and origin.
now that was the explanation i want thank you sunny✨✨😊
You are welcome!
I am confused sir, I thought if we are using a pair of keys... the receiver will create this pair of keys to be given to the sender? Please enlighten me. You're the best by the way.
love what you do !!! thank you so much :)
asymmetric RSA key pair that is signed by Samsung's root key through an X.509 certificate.
Can you please explain the meaning of above sentence.
Hi Sunny, perfect video as usual. Thanks a lot for explaining such complex topics in such a simple language.
A couple of questions though.
Where does Bob keep his public key?
How does Alice get to know the location of this key?
Does hacker replace Bob's public key or simply stores its own key at a new location?
If Alice knows the location of Bob's key, why would she go to the hacker's public key location and not suspect that something is wrong here?
Please help me with the answers. Thanks again!
Hi Sunny, please do help us with these questions as we can expect these questions in an interview.
Thanks a lot for your questions and your questions are great.
That is why we need public key infrastructure - PKI, a whole system to create public keys, to store public keys, to create a digital certificate to prove the public key belongs to the real owner, Bob. It is a whole chapter.
In this video, Bob may keep his public key in his server or a public server. Bob might just tell Alice where to get the public key by whatever method. But this can be very risky because a hacker might intercept Bob's information and replace all his messages by the hacker's messages, which Alice believes are from Bob. Alice gets all the hacker's information from the very beginning, that is why Alice has not suspected that something is wrong.
That is why we need Public Key Infrastructure: we need a trusted third party to store Bob's public key and when Alice wants to retrieve Bob's public key, she knows where to get it and besides, the trusted party also attaches a digital certificate to prove Bob's public key belongs to Bob.
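The two answers above (a signature is made with the private key and checked with the public key, and a trusted third party must vouch that a public key really is Bob's) can be seen in one small sketch. This is an added example, not part of the original comments or the video; it uses textbook RSA on constructed Mersenne primes with no padding, and every key, name and message in it is an assumption made for illustration, not something to use for real signing.

```python
import hashlib

E = 65537  # public exponent used by every toy key below

def make_keypair(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (constructed, not secure)."""
    p, q = 2**a - 1, 2**b - 1
    d = pow(E, -1, (p - 1) * (q - 1))      # private exponent
    return (p * q, E), (p * q, d)          # (public key, private key)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private_key):
    n, d = private_key
    return pow(digest(data, n), d, n)      # needs the private key

def verify(data, signature, public_key):
    n, e = public_key
    return pow(signature, e, n) == digest(data, n)   # needs only the public key

def binding(name, public_key):
    return f"{name}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(name, public_key, ca_private):
    """The trusted third party signs the statement 'this key belongs to name'."""
    return {"name": name, "public_key": public_key,
            "ca_sig": sign(binding(name, public_key), ca_private)}

def alice_accepts(message, signature, cert, ca_public, sender="Bob"):
    """Alice trusts a key only if the CA vouches that it belongs to the sender."""
    vouched = cert["name"] == sender and verify(
        binding(cert["name"], cert["public_key"]), cert["ca_sig"], ca_public)
    return vouched and verify(message, signature, cert["public_key"])

def demo():
    bob_pub, bob_priv = make_keypair(89, 107)
    hacker_pub, hacker_priv = make_keypair(61, 127)
    ca_pub, ca_priv = make_keypair(521, 607)            # Alice already holds ca_pub
    msg, forged = b"Pay Carol 100", b"Pay Mallory 9000"  # constructed messages
    bob_cert = issue_certificate("Bob", bob_pub, ca_priv)
    # The hacker cannot obtain the CA's signature, so he signs the binding himself.
    fake_cert = issue_certificate("Bob", hacker_pub, hacker_priv)
    return {
        "genuine": verify(msg, sign(msg, bob_priv), bob_pub),
        "altered_in_transit": verify(forged, sign(msg, bob_priv), bob_pub),
        "swapped_key_without_cert": verify(forged, sign(forged, hacker_priv), hacker_pub),
        "bob_with_cert": alice_accepts(msg, sign(msg, bob_priv), bob_cert, ca_pub),
        "hacker_with_fake_cert": alice_accepts(forged, sign(forged, hacker_priv), fake_cert, ca_pub),
    }
```

The `swapped_key_without_cert` case verifies successfully, which is exactly the weakness discussed: the signature math is fine, but nothing ties the key to Bob until the certificate check is added.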
Excellent explanation.
Hi Sunny, in the video of digital signature you explained that one of the purposes is authentication but in this video you told it is a weakness so we are using digital certificate, can you help me to understand this?
Sunny, does DocuSign use digital certificates?
you have never put any links below!
How will Alice use Bob's public key during a man-in-the-middle attack (how does Alice know whether to use Bob's key or the hacker's public key)?
Greatly simplified.. Even a layman can understand it very easily.. Sir, as you explained, PRIVATE KEY is used for DIGITAL SIGNATURE.
My question is what is the use of PUBLIC KEY?
We use the Public Key to decrypt, that makes authentication and non-repudiation.
I love your videos, sir!
thank you so much for posting these videos, they help a lot!!!!!!!!!!!
You are welcome! Thank you for your time! Check out my other videos please!
I have a question, what if Bob's certificate has expired and Bob modified or edited it by himself to appear as if the expiration date is valid... What would happen in such scenarios... Would the digital signature be invalid and will Alice notice that? What happens exactly?
you are a great teacher!
Many thanks.