1
00:00:02,640 --> 00:00:09,850
Welcome to a course on the working principles inapplicability of symmetric and asymmetric ciphers the

2
00:00:09,850 --> 00:00:16,110
module will focus on examining diverse components of cryptographic systems.

3
00:00:16,130 --> 00:00:21,240
Let's begin with a short introduction before we can move on.

4
00:00:21,310 --> 00:00:24,170
We must understand what information theory means.

5
00:00:25,820 --> 00:00:32,260
This field was developed by Claude Shannon who you can see in the picture.

6
00:00:32,450 --> 00:00:38,360
Shannon is the author of two of the most seminal works on information theory a mathematical theory of

7
00:00:38,360 --> 00:00:44,060
cryptography and a mathematical theory of communication which was published soon after the first book

8
00:00:48,310 --> 00:00:55,090
Shannon first coined the word bit a bit is defined as the smallest information unit required to encode

9
00:00:55,090 --> 00:01:05,480
one of the two values zero or one will come back to this later Jether term Shannon and used as entropy.

10
00:01:05,860 --> 00:01:12,960
Entropy is the smallest amount of information needed on the average to encode and invent.

11
00:01:13,110 --> 00:01:19,150
There's a set of probable events for which you need to determine information entropy.

12
00:01:19,200 --> 00:01:23,620
The more improbable or unlikely an event the bigger the entropy is.

13
00:01:25,450 --> 00:01:32,920
If you roll fair dice the entropy of the probability that you will get a 1 is quite small the number

14
00:01:32,920 --> 00:01:36,330
of total outcomes is only 6.

15
00:01:36,390 --> 00:01:44,010
On the other hand in lotto games with the draw results of 5 15:23 and so on the information entropy

16
00:01:44,010 --> 00:01:48,020
is very high because the probability of winning is extremely low.

17
00:01:50,330 --> 00:01:54,270
There was a huge number of possibilities.

18
00:01:54,320 --> 00:01:59,030
Our task in cryptography is to maximize entropy.

19
00:01:59,060 --> 00:02:00,960
Let's start with this simple example.

20
00:02:03,660 --> 00:02:09,620
Let's take a look at a short script that will launch in a moment this short script is designed to calculate

21
00:02:09,620 --> 00:02:13,120
the password entropy in bits.

22
00:02:13,330 --> 00:02:18,650
We'll have to calculate a logarithm from multiplying two values.

23
00:02:18,860 --> 00:02:26,690
The first variable range specifies the range of possibilities determined in the definition.

24
00:02:26,830 --> 00:02:35,380
If a password can for example only be expressed in upper case the range of this will be one to 26.

25
00:02:35,460 --> 00:02:42,910
The second variable number specifies still length of our password since the desired result should be

26
00:02:42,910 --> 00:02:47,770
in bits well divided by the logarithm from two.

27
00:02:47,800 --> 00:02:53,450
Next we'll call the previously mentioned simple function for some of the passwords.

28
00:02:53,500 --> 00:02:57,340
The first password uses 8 uppercase characters.

29
00:02:57,370 --> 00:03:01,500
The range is 1 to 26.

30
00:03:01,520 --> 00:03:04,700
The second case allows passwords to use lower case letters

31
00:03:07,480 --> 00:03:12,110
the third password is again limited to uppercase only password length is doubled

32
00:03:14,900 --> 00:03:20,650
the fourth password uses both upper case and lower case letters and a relatively secure number of characters

33
00:03:21,130 --> 00:03:23,320
16.

34
00:03:23,370 --> 00:03:27,700
Let's now find out the true entropy strength of the individual passwords.

35
00:03:30,040 --> 00:03:39,940
The first password is only 38 bits Strong see entropy as indicative of the secrecy of something the

36
00:03:39,940 --> 00:03:46,370
bigger the entropy the more secret or improbable something is.

37
00:03:46,500 --> 00:03:50,890
Your password should be as secretive as possible for everyone except yourself.

38
00:03:52,210 --> 00:03:54,250
38 bits is not a good strength.

39
00:03:55,640 --> 00:03:58,800
In the second case there are 46 bits.

40
00:03:58,820 --> 00:04:01,460
It's more but the difference is not likely to matter.

41
00:04:02,330 --> 00:04:05,440
8 character letter only passwords are not secure.

42
00:04:07,490 --> 00:04:14,580
16 character uppercase passwords provide security level for modern computer systems that amount to 77

43
00:04:14,600 --> 00:04:17,530
bits of entropy.

44
00:04:17,620 --> 00:04:20,890
The last password is 93 bit strong.

45
00:04:20,890 --> 00:04:25,960
This means that even if you have a 16 bit password that contains both upper case and lower case letters

46
00:04:26,500 --> 00:04:33,480
you still won't get over 100 bits of entropy when we'll be talking about algorithms.

47
00:04:33,710 --> 00:04:38,380
We'll show you that algorithms that make use of a key with a length similar to the result we've got.

48
00:04:38,420 --> 00:04:42,400
Provide no security.

49
00:04:42,450 --> 00:04:44,890
The passwords are not really secure.

50
00:04:45,090 --> 00:04:53,090
There should be more complicated before we move on to discuss algorithms symmetric algorithms in particular

51
00:04:53,360 --> 00:04:57,920
will need to explain two terms.

52
00:04:58,000 --> 00:05:05,740
The first concept is confusion confusion measures a non-linear relationship between the plaintext ciphertext

53
00:05:05,890 --> 00:05:08,310
and the key.

54
00:05:08,390 --> 00:05:14,240
It describes the dissimilarity of the ciphertext in the plaintext and the difficulty of extracting information

55
00:05:14,240 --> 00:05:18,110
about the key from the ciphertext.

56
00:05:18,120 --> 00:05:21,290
This is a vital concept.

57
00:05:21,330 --> 00:05:26,670
The bigger the confusion the more immune to the linear approximation cryptanalysis your cipher will

58
00:05:26,670 --> 00:05:30,700
be.

59
00:05:30,760 --> 00:05:38,120
The second crucial term is diffusion diffusion specifies the distribution or spreading of the plaintext

60
00:05:38,140 --> 00:05:45,160
information in the ciphertext Caesar cipher diffusion was one to one.

61
00:05:45,300 --> 00:05:48,330
The letter A always represented the letter D.

62
00:05:48,890 --> 00:05:55,300
The diffusion was practically non-existent in that case read like the plaintext information not to be

63
00:05:55,300 --> 00:05:59,250
distributed to one fixed position in the cipher text.

64
00:05:59,380 --> 00:06:06,680
Rather it should be spread all over the ciphertext diffusion as measured by the probability of the successful

65
00:06:06,680 --> 00:06:08,720
differential approximation.