0:05
Hi guys, in this video,
I wanted to tell you a little bit about a protocol called Diffie-Hellman Exchange.
But I want to preface it with just a few comments about the cryptographic
community, and cryptography in general.
And I bet a lot of you probably have some interest in this. This is fun, like if you
like doing computer science, you like protocols, you like distributed systems
then you probably like cryptographic application protocols.
They're fun, they're like little puzzles on how you make
certain properties be respected as different entities are interacting.
Now, the guys that we've been talking about here,
Whit Diffie, Martin Hellman, wonderful people.
If you met Whit Diffie, you would like him immediately.
He sort of looks the part of cryptographer.
He's just, in my mind, one of the few heroes that we have in
cybersecurity. Ditto Martin Hellman, and ditto other guys from MIT.
We live in a time right now when sometimes it's not so
easy to find heroes. Like sports figures, maybe there are some;
it always seems like when they get into contract negotiations they don't
seem like such great heroes anymore, who's asking for more money.
Or political figures, a lot of times, let us all down.
I don't have to go into too much detail on that.
But in technology, people like Whit Diffie and others, they really are heroes.
I mean these are people who are true to their discipline.
They're smart.
They've made contributions that change the world.
They're very modest.
If you ran into any of them at the mall or something, or at the store, or at
a conference, they're not wearing blinking lights attracting attention to themselves.
They're not that kind of person.
So as you, particularly some of the younger people here, as you get interested
in cryptography, there are a lot of really wonderful role models that you can
study their history, read about them, look them up on the Internet, see what kinds of
careers they've had that led them to making contributions such
as the sort of thing that we're looking at with Whit Diffie and Martin Hellman.
Now, let's get into it with them.
We said earlier that we wanted it to be the case that we have both secrecy and
authentication in a given protocol.
We knew that if I took a message and
I encrypt it with your public key then I can get it to you secretly,
if I take a message and I encrypt it with my secret key, I can authenticate.
But I couldn't do both. Or, Diffie and Hellman went, "Just do both."
[LAUGH] I know it sounds so obvious, but if only it were so obvious.
These amazing contributions seem so obvious afterwards, but
before not so much.
So here's what they said.
They said the first thing we want you to do, take the message and sign it.
3:31
So doing it twice gives you secrecy, gives you authentication, but guess what?
It still doesn't solve something.
This alone was not enough to kind of create the mystery and
the legend that's Diffie and Hellman.
The problem we have is it still doesn't preserve the efficiency of
conventional cryptography.
Do you follow?
Even with all this work, if I can get a message across and
I can get both secrecy and authentication, the kind of cryptography we were fooling
around with at the time required multiplying prime numbers together,
the RSA implementation and doing all these complex numbers.
The RSA algorithm involves two gigantic primes, like 100 decimal digits
long that you multiply together [LAUGH] and that's essentially your public key.
Computers in the 70s couldn't do that for a big giant file.
If the message m is a big long document, then what?
You see how a block cipher worked very nicely block by block.
This thing just uses a, quote unquote, message.
How are we going to fix all of this?
So stick with us, because in our next video, I'm going to explain that, but just
sort of as an additional consideration as you're thinking this through,
I want you to ponder the following question.
If this is so obvious, why didn't it pop up earlier?
Like, this is the mid 70s, why wasn't it the case in the 20s, 30s,
40s or even earlier in the 1800s, why didn't people come up with this idea?
It's an interesting thought to ponder because until Diffie and
Hellman made this public, for thousands of years people figured that the only way you
could really effectively exchange a secret, and do it in an authenticated way,
is with the key distribution center. It's one of the basic presumptions of
human communication for thousands of years. 1970s, they figure it out;
is it possible it could have come up sooner?
And we'll get to that as well.
So we'll see you in the next video and we'll look at how Diffie and
Hellman solved this problem, resulting in their winning of the Turing Award,
which is the greatest prize in computer science.
So I'll see you in the next one.