Diffie-Hellman Key Exchange - the MAGIC that makes it possible - Cryptography - Practical TLS
Vložit
- čas přidán 20. 05. 2024
- The Diffie-Hellman protocol is the underpinning of so many other security protocols on the Internet. It's the most popular answer to the question: How do we establish a shared key over an unsecure wire?
Diffie-Hellman uses a sequence of math calculations to answer that question. And in this video I'm going to prove it to you.
This lesson is a free sample lesson from the the greatest TLS and SSL training course ever created. No instructor rambling on about pointless stories. No slides with massive walls of text. No time wasting. Only simple, effective, and precise explanations. Complimented with practical illustrations and visuals.
🔐 More details about the course:
classes.pracnet.net/courses/p...
🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. I'm happy to provide a generous referral bonus =)
💬 Join Practical Networking Discord
/ discord
🖧 Want to learn how how data moves through a network?
• Networking Fundamentals
0:00 - Diffie Hellman Purpose
1:10 - The Math of Diffie-Hellman (Cryptography 101)
4:03 - Using DH's Shared Secret to generate Symmetric Keys
4:27 - How secure is Diffie-Hellman?
5:55 - Outro / Try it yourself!
6:23 - Practical TLS - The best SSL/TLS course ever created
Since you've made it to the bottom of the Description, here's a $100 off coupon code you can use on the full course =)
YT100 - Věda a technologie
👉 *More free lessons:* czcams.com/play/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY.html
✨ *Full course:* pracnet.net/tls
💲 *Coupon Code* for 50% off: youtube50
This was by far the easiest example on CZcams for understanding Diffie-Hellman. Thanks!
Glad you enjoyed it =)
agreed!
Probably the best video on Diffie-Hellman algorithm, so well done!
Thank you for this series, It's really well made. I would probably reference each time I forget a concept.
Glad you enjoyed it!
That is exactly what I was looking for a while. I also signed up for the TLS course. Well done for the great content.
You are a great teacher!
Hey Ed,
as I['ve ]read through them: You really earn these praises here. Thank you!
Best regards,
CC.
Ohh yesssss. Whilst going through your TLS series got notification of this video and oh boy am I ready for Diffi. It’s not easy to understand but I can almost be certain you’ll have broke it down in such a way my 80 year old grandma will make sense of it!
Hope it lived up to your expectation!
Perfect explanation.
Perfect simplest explanation found on youtube
so damn good course. I am registering the course. Keep good work, Ed!
Many Thanks for your Amazing topics, keep it up
Thank you :)
Thanks for the excellent video.
I dont know how to say thankyou to this channel as it made me to understand all these complicated concepts in very simple explanation.... Good work & keep doing it 🙂
Renu! I've rather enjoyed seeing your kind comments on all the videos. Thank you for the positive energies! Truly happy you are learning so much from the channel. Cheers, friend. Happy (continued) learning! =)
Another great monday. Thanks for the upload
You're welcome! Glad you liked it!
Hey hey, tried with Private key =2 and Private key =7, ending up with Public key =10 and Public key =7. And Shared one is 10. Thank you for your work! You are the best 😎🤓
Very cool, thank you!
Like always, you make it look easy. Thanks
You're welcome, Azza!
As always, very great lecture, very useful, thank you so much brother
You're welcome!
Thank you so much :)
As Always, Great!
You're welcome, Hosein =)
Excellent explanation. 👍
Thank you!
Thank you for Teaching very easily understand difficult concept.
You're welcome, Karthik!
CA certificates contain publicPrivate keyPairs stamped by a trusted authority.......Great Course ED.... well done
Thanks for supporting the channel =)
Practicly impossible for supercomputers yet invented by human creative mind by applying logic and imagination. Amazing!
How did they agree on two numbers, 13 and 6, at the beginning of their conversation? Let's say Bob doesn't know Alice and wants to send her a message. How will their first exchange happen? I am still confuse about it
The peers have to do a handshake before they can do DH, and in that handshake they "agree" on a DH Group (which contains the two numbers, P and G).
no one will overhear this?
Thank you, this helped a lot!
Glad to hear!
In standard tls, a separate secret key is generated by the client and encrypted with servers public key is sent to the server. That is only the servers public/private key pair is used to exchange the symmetric key.
Is that different than the secret key generation and sharing discussed here.
Just liked it before watching, we all know it's gonna be a great Video
;)
Thank you sir,, best video.
You're welcome!
These videos are life changing, I appreciate your teaching style and notes!
Question: Do you think we will go to elliptic curve crypto, away from DH and RSA due to key sizes etc, at least for key exchange?
I would love to see you do a 101 video on ECC, as it's blowing my head around the maths and how it works!
Yes, it's on my list!
EC crypto is just using a different set of "numbers" than what we are used to. IT's still the same algorithms, just using points on a curve instead of real numbers (1, 2, 5, 100, 9999, etc...).
So yes, we will always be using DH, RSA, DSA, etc... just sometimes on a curve (hence ECDH, ECRSA, ECDSA).
Well, at least until quantum safe algorithms take over, I suppose.
@@PracticalNetworking I'd love to see ECSDSA!
Thankyou for making it so much easier to learn, I appreciate you so much.
Do you think we will have quantum safe? Or "safe for now"? I wonder if that's measured in years, decades, or more?
Everything in crypto is always a "safe for now" gamble ;p
so DH negotiates session key to encrypt data symmetric. However, RSA generates key pairs that are used to encrypt the session key when exchanged? then that session key is used symmetric to encrypt bulk data?
Thanks!
Hey Ward, I just wanted to say a huge thank you for the Super Thanks donation! Your support truly brightens my day and motivates me to create even more content. Thank you!
hello how are the agreed number defined to be used bu both parties?
So if hacker get to know what the shared numbers are meant for (i:e maybe hacker manages to read an email which have them listed), then hacker will also end up generating the same secret key, right?
The math in this one is very cool :)
Agreed =)
+1 for the 'why' it is difficult te reverse engineer!
Super!!
=)
Cheers , made that a lot easier than most do . not an easy one to explain and welcome back Alice and Bob :) . These Martin Helman and Whitfield Diffie guys have some brain capacity don't they .
Yea, it's incredible that these algorithms were developed 30~ years ago and are still the foundation of the crypto we use today. Cheers Don!
OK, nice explanation. What i can never find is how the keys are used to crypt and decrypt messages! Do you have some ressources on that by a chance?
Yes, I have a video on my channel about RSA. It shows the math which creates keys, and the math which uses them to encrypt and decrypt messages.
Thank you man for the video :)
You're welcome, Ayrad!
Congrats Ayrad. You won the random course giveaway =). Reach out to me on Discord to claim your prize: pracnet.net/discord
(I just realized that I never picked a Winner for this video, sorry for the long delay)
@@PracticalNetworking thank you very much :)
@@PracticalNetworking I'm in your groupe in discord but I don't know how to get what I have won :D
SpongeBob and cryptography 🔐 are a FANTASTIC pair!
Agreed ;)
Sanks q very much
You're welcome Eric.
👍👍👍
how does this video only have 772 likes as of this moment....smdh
Que vídeo do caralho.. nunca encontrei um vídeo no CZcams com tamanha qualidade de detalhes..
Hi, what if the public key which Alice and Bob shares with each other is modified by hackers in public network? Both Alice and Bob would never be able to create same shared secret.
Yes! Correct. Hence, when sharing the Public Key, it's good to also implement something that also provides Integrity. This is why when you download a website's certificate (which includes a public key), the certificate also includes a Signature (providing Integrity and Authentication).
More details on signatures here:
czcams.com/video/_zyKvPvh808/video.html
So by this "integrity" mechanism they will both know IF the public key they received was tampered or not? Cool!
But what exactly is Generator of P? Is it randomly generating Prime numbers or just random numbers? In this case 6 is not a Prime number
Good question... I should write an article about it. Reach out to me on Discord and I can explain it to you briefly.
But you are correct to point out Generator != Prime number. =)
Aha! So they exchange each other's public but they don't see each other's private! Got it!
Exactly. =)
sometimes i just wish i can give u a thousand likes with one account. #Simplified learning
Thanks for the kind note =). I appreciate even the single like! Cheers.
👏👏👏✅
=)
Am I the only one to feel this topic is just a piece of cake after hearing this explanation?
That tells me I did my job correctly =).
@@PracticalNetworking absolutely, just love your videos.
@@safwanumer3997 If you're willing, sharing this content online would be a great help. =) Glad you enjoyed these either way. Cheers, Safwan.
So, to bob and alice decrypte the message first, it must alice and bob accept the public key both side witch A=(G x mod n) the result is the public key must be accepted both side and we called this digital certificate.