1
00:00:00,240 --> 00:00:04,800
Now in order to exchange or agree he's with Bob in a secure manner.

2
00:00:04,890 --> 00:00:09,980
We need to authenticate Bob in order to securely exchange those keys.

3
00:00:10,050 --> 00:00:16,350
If a man is sat in the middle he might be able to send as a public key pretending to be bald or pretending

4
00:00:16,350 --> 00:00:17,750
to be Bob's public key.

5
00:00:17,790 --> 00:00:24,720
When we request it from Bob or when we try to download it from a site so you can just take a public

6
00:00:24,720 --> 00:00:27,670
key and assume that it is the real key.

7
00:00:27,750 --> 00:00:31,940
We need to authenticate that it is the real key first.

8
00:00:32,040 --> 00:00:38,700
And this brings us to all the cryptographic technologies and that is hash functions and digital signatures

9
00:00:38,700 --> 00:00:44,820
which help provide authentication or legitimacy of the senders and the receivers.

10
00:00:44,820 --> 00:00:54,810
So if you look here you can see input you can see the hash algorithm or function and you can see the

11
00:00:54,810 --> 00:00:55,570
output.

12
00:00:55,920 --> 00:01:03,300
A hash function takes as input data of any size so it can be an email file.

13
00:01:03,450 --> 00:01:13,200
A word in this case we've got Falk's and it converts it via this hash function to here a fixed size

14
00:01:13,440 --> 00:01:20,280
string of characters and these values returned by the hash function are referred to as simply hashes

15
00:01:20,700 --> 00:01:25,050
or message digests or in this case digest.

16
00:01:25,080 --> 00:01:33,420
Now a very important feature of the hash function is that you can never come back from this to the original

17
00:01:33,420 --> 00:01:34,150
import.

18
00:01:34,260 --> 00:01:40,620
This is a one way hash function and no keys are required for this.

19
00:01:40,620 --> 00:01:47,820
You just require import the hash function and then you get the resulting output which is always of a

20
00:01:47,850 --> 00:01:53,340
fixed length depending on the type of function that you're using.

21
00:01:53,400 --> 00:01:58,930
So this provides integrity and it detects what intentional modifications.

22
00:01:59,070 --> 00:02:03,360
It does not provide confidentiality authentication.

23
00:02:03,360 --> 00:02:06,940
It can't detect if an intentional modification has been made.

24
00:02:07,080 --> 00:02:14,140
There are many examples of hash functions you've got M.D to M.D for and the five have all.

25
00:02:14,230 --> 00:02:15,130
Shaw.

26
00:02:15,180 --> 00:02:24,450
Shaw warns Shaw 2 5 6 3 8 4 short 512 tiger etc..

27
00:02:24,480 --> 00:02:32,200
Today if you're looking at a crypto system really should be using short to 5 6 or above which means

28
00:02:32,200 --> 00:02:34,990
Schaaf 3 8 4 and Schaaf 512.

29
00:02:35,280 --> 00:02:38,520
Let me show you some examples of this practically being used.

30
00:02:38,820 --> 00:02:48,110
OK so here we have true correct which is a whole description technology if you are not familiar and

31
00:02:48,110 --> 00:02:50,720
this is the file that you would download.

32
00:02:50,720 --> 00:03:00,390
Now this here is the resulting hash of hashing this file against this algorithm.

33
00:03:00,400 --> 00:03:02,440
Shaw to 5:6.

34
00:03:02,450 --> 00:03:08,080
So when you download this file you can verify that the file has not been changed.

35
00:03:08,120 --> 00:03:11,340
It has integrity using this.

36
00:03:11,350 --> 00:03:15,270
Now there are tools that you can download to do this.

37
00:03:17,580 --> 00:03:20,790
One search tool here is quick hash.

38
00:03:20,790 --> 00:03:25,610
And all I can do is I can choose a file and

39
00:03:34,340 --> 00:03:36,640
chrome drag it in.

40
00:03:37,620 --> 00:03:45,560
And I can see that that is the hash for Chrome Forshaw warm to 5 6

41
00:03:48,460 --> 00:03:56,260
512 and you'll notice that as we go up the numbers in the hash algorithm the hash lens gets bigger because

42
00:03:56,260 --> 00:03:58,250
that is the bit length.

43
00:03:58,420 --> 00:04:08,410
One small 2 4 6 5 12 and M.D 5 which is we can shouldn't be used.

44
00:04:08,440 --> 00:04:14,980
So this is used as a way of verifying that what you have downloaded has maintained integrity.

45
00:04:14,980 --> 00:04:24,130
Now the clever among you may be thinking well what if when I go to download something has been compromised

46
00:04:24,140 --> 00:04:28,860
so here is the tale's Web site and we'll discuss tale's more.

47
00:04:29,020 --> 00:04:32,570
But so I want to download tale's in here it is.

48
00:04:32,840 --> 00:04:37,980
And I have the hash here of that.

49
00:04:38,240 --> 00:04:40,990
But this Web site as being compromised.

50
00:04:40,990 --> 00:04:47,410
It means that they could change this download and add something to it you know a trojan will some some

51
00:04:47,470 --> 00:04:50,650
way of tracking me and it could also change this as well.

52
00:04:51,690 --> 00:04:55,530
So that hash provides no value there.

53
00:04:55,600 --> 00:04:59,240
It cannot detect intentional modification.

54
00:04:59,460 --> 00:05:05,390
We need something else to verify that this site is in fact who it says it is.

55
00:05:05,670 --> 00:05:11,940
And this is where we move into certificates digital signatures and other methods.

56
00:05:11,940 --> 00:05:16,010
Another way you'll see is used with passwords.

57
00:05:17,320 --> 00:05:23,680
Now when you enter a password into a web site or into your operating system it is very very very very

58
00:05:23,680 --> 00:05:24,850
bad practice.

59
00:05:24,990 --> 00:05:31,390
You just to store that password within a database because if that database is compromised then your

60
00:05:31,390 --> 00:05:32,820
password is compromised.

61
00:05:32,940 --> 00:05:41,980
What should happen is your password is converted by a password key to a creation function to a hash.

62
00:05:41,980 --> 00:05:47,890
And you can see here examples of the Windows operating system converting the administrator password

63
00:05:48,340 --> 00:05:52,910
to a hash and this is stored in something called the sound database within Windows.

64
00:05:53,110 --> 00:05:56,850
And we'll discuss more on that later and how that can be compromised.

65
00:05:56,880 --> 00:06:01,480
This is just to give you another example of how hashes are used.

66
00:06:01,960 --> 00:06:10,630
And another use of hashes is to include a pre agreed shared secret into the message and then hash that

67
00:06:10,630 --> 00:06:17,560
message which is known as a hate Mac or harsh message authentication code which provides authentication

68
00:06:17,560 --> 00:06:25,120
integrity because we have the pre shared key and we have the hash used in combination together.

69
00:06:25,120 --> 00:06:26,910
Don't worry too much about the detail.

70
00:06:26,920 --> 00:06:32,020
It's just another technology used in crypto systems that you don't need to know the apps of the ins

71
00:06:32,020 --> 00:06:32,680
and outs of.