1
00:00:03,060 --> 00:00:08,190
Let's now examine public key asymmetric algorithms.

2
00:00:08,440 --> 00:00:12,090
Let's start with their operation scheme.

3
00:00:12,110 --> 00:00:16,150
There's the plain text that will be encrypted using a key.

4
00:00:16,370 --> 00:00:19,630
This time the key used for encryption will be called the public key.

5
00:00:20,780 --> 00:00:28,380
The output of this operation is the ciphertext But unlike with symmetric key algorithms the reverse

6
00:00:28,380 --> 00:00:32,730
encryption and to read the ciphertext a different key will be needed.

7
00:00:32,870 --> 00:00:41,290
The private key asymmetric cryptography makes use of two different keys although they're related to

8
00:00:41,290 --> 00:00:47,510
each other you can extract either from the other if you have a public key you will not be able to generate

9
00:00:47,510 --> 00:00:49,180
a corresponding private key.

10
00:00:53,650 --> 00:00:57,550
What are the benefits of replacing a shared key scheme with a pair of keys.

11
00:01:00,510 --> 00:01:03,530
First of all exchange is not the problem anymore.

12
00:01:04,940 --> 00:01:10,010
The user needs only two keys regardless of the number of other users they want to exchange data with

13
00:01:10,580 --> 00:01:12,910
a private key and a public key.

14
00:01:14,710 --> 00:01:20,390
The public doesn't have or even shouldn't be protected.

15
00:01:20,500 --> 00:01:23,290
The name is self-explanatory.

16
00:01:23,320 --> 00:01:26,740
The key is public and should be shared with all users in the system.

17
00:01:29,460 --> 00:01:36,760
A private key on the other hand is a user's exclusive property if it's shared the entire system is compromised

18
00:01:41,230 --> 00:01:48,550
secure data exchange in public key cryptography systems with 50 users requires 100 keys to keys per

19
00:01:48,550 --> 00:01:58,330
user symmetric key systems required as many as 1225.

20
00:01:58,360 --> 00:02:04,500
What's more asymmetric algorithms allow users to establish a trust relationship.

21
00:02:04,740 --> 00:02:12,340
They have one strength that symmetric algorithms lacked the so-called non repudiation.

22
00:02:12,430 --> 00:02:16,370
You can use this feature to establish the authenticity of the ciphertext.

23
00:02:16,720 --> 00:02:22,740
We'll show you how in a moment and also to prove to a message sender that the message truly comes from

24
00:02:22,740 --> 00:02:25,930
them and that its integrity has not been breached.

25
00:02:27,900 --> 00:02:30,350
This solution has some shortcomings as well.

26
00:02:31,410 --> 00:02:39,290
Public key cryptography is extremely slow as you've seen the basic operation used in symmetric ciphers

27
00:02:39,770 --> 00:02:49,250
was the exclusive disjunction ex-SO are this operation is quick and equivalent of the X-O are an asymmetric

28
00:02:49,250 --> 00:02:53,560
cryptography is a Madugalle operation.

29
00:02:53,720 --> 00:03:01,300
The result of modular exponentiation can be a large prime this operation has a high computational cost

30
00:03:04,920 --> 00:03:09,900
and other weaknesses the asymmetric ciphers have not been designed for encrypting long messages.

31
00:03:11,670 --> 00:03:14,140
This flows naturally out of the first problem.

32
00:03:16,260 --> 00:03:22,270
Several well documented attacks on metric ciphers have been developed that rely on excessive key use

33
00:03:24,320 --> 00:03:28,900
the situation involves using a key to encrypt messages that are longer than necessary.

34
00:03:30,980 --> 00:03:36,520
As a rule asymmetric encryption should be applied to data that is of similar length to the used key

35
00:03:37,860 --> 00:03:40,360
kids should be a bit longer than the plaintext.

36
00:03:41,920 --> 00:03:48,840
The strength of a 512 bit asymmetric key is more or less equivalent to the strength of a 60 bit symmetric

37
00:03:48,840 --> 00:03:54,730
key as you know 60 bits does not provide adequate security.

38
00:03:56,710 --> 00:03:59,580
512 bits is likewise insufficient.

39
00:04:00,870 --> 00:04:08,810
Today even a 1024 bit strength can proved not enough people do but the.

40
00:04:10,700 --> 00:04:18,320
We'll talk about this at greater length later in the module.

41
00:04:18,350 --> 00:04:25,390
There are also problems that don't stream from any cryptographic solutions if asymmetric algorithms

42
00:04:25,390 --> 00:04:28,300
allow you to establish trust relationships.

43
00:04:29,210 --> 00:04:35,060
You need to keep in mind that ciphers and keys are used by software not by users themselves.

44
00:04:36,460 --> 00:04:41,640
You shouldn't transpose this trust freely.

45
00:04:41,660 --> 00:04:48,950
The starting point for asymmetric encryption depends on finding some one way functions one way functions

46
00:04:48,950 --> 00:04:57,080
or isn't sufficient to compute one direction but computationally hard to invert it's difficult to establish

47
00:04:57,080 --> 00:05:00,410
the exact computational complexity of these functions.

48
00:05:02,060 --> 00:05:08,120
Whether it's an MP a complete problem or the complexity is simply over exponential is determined by

49
00:05:08,120 --> 00:05:10,150
the development of mathematics.

50
00:05:11,520 --> 00:05:17,620
A good example of this is the controversy surrounding the RSA algorithm which we'll talk about soon.

51
00:05:19,390 --> 00:05:26,120
The RSA algorithm security is based on the fact that multiplying is relatively easy it's fast.

52
00:05:26,260 --> 00:05:34,720
While the decomposition of the object into factors factorization has high computational complexity just

53
00:05:34,720 --> 00:05:36,790
how complex is it.

54
00:05:36,790 --> 00:05:44,710
Factoring problems were analyzed by Turing one of the greatest mathematicians of the 20th century Turing's

55
00:05:44,710 --> 00:05:49,510
paper on factorization remains classified confidential.

56
00:05:49,540 --> 00:05:55,010
The UK has been keeping and handling this document as an exclusive possession.

57
00:05:55,050 --> 00:05:57,830
What is the reason for this.

58
00:05:57,840 --> 00:06:03,450
It could be that in fact efficient factoring methods exist after all.

59
00:06:03,470 --> 00:06:10,710
I can risk saying this because there is a peculiar correlation mathematicians that examined this problem

60
00:06:10,710 --> 00:06:16,170
and published works on factorization and did disappear from the scientific limelight in scientific life

61
00:06:16,170 --> 00:06:17,130
altogether.

62
00:06:19,000 --> 00:06:24,230
They are probably working now for agencies that pay better and beginning from that point.

63
00:06:25,010 --> 00:06:26,460
It is

64
00:06:29,460 --> 00:06:35,030
this is relevant since practically all facets of our security depend on the assumed high computational

65
00:06:35,030 --> 00:06:45,030
complexity of factorization many critically important systems have been based on the RSA algorithm.

66
00:06:45,050 --> 00:06:49,540
If a simple laptop would be enough to crack the algorithm we'd be in a tight spot.

67
00:06:52,670 --> 00:07:01,040
RSA is not the only asymmetric algorithm El-Gamal is just as popular and perhaps even more secure.

68
00:07:02,400 --> 00:07:08,010
The two algorithms are designed for encryption and decryption while the TSA algorithm is used for digital

69
00:07:08,010 --> 00:07:15,490
signatures El-Gamal NTSA are based on a discrete logarithms problem.

70
00:07:15,640 --> 00:07:19,930
The logarithm is the inverse operation of exponentiation.

71
00:07:20,280 --> 00:07:28,970
The exponentiation can be modular Ahmadullah is counting to 20 on ten fingers.

72
00:07:29,080 --> 00:07:34,720
The characteristic trait of the Modelo operation is that while something is lost not all information

73
00:07:34,720 --> 00:07:36,990
is lost.

74
00:07:37,070 --> 00:07:41,640
The same was true for the axle or operation.

75
00:07:41,700 --> 00:07:48,570
Since you can perform exponentiation over a MONDOUBLEAU you can calculate Ahmadullah logarithm.

76
00:07:48,810 --> 00:07:56,740
As we mentioned El-Gamal and DSA are based on the computational simplicity of modular exponentiation.

77
00:07:56,770 --> 00:08:04,160
This is the logarithmic complexity class inverting this operation seems to require a brute force search

78
00:08:04,160 --> 00:08:06,410
of all possible exponent values.