From the course: Learn Java Cryptography

Understanding encryption - Java Tutorial

- [Instructor] Now, in this chapter, we're gonna talk about encryption, which is by far the most common thing that people think of when they think about crypto. But in order to level-set a little bit for the purposes of this course, I wanna talk a little bit about encryption and decryption and make sure that we understand everything that goes into this conversation.

So the first thing we should talk about is what actually is encryption. And encryption is a process by which we take plain data or plain text data and we make it hidden, often in plain sight. The hidden text or ciphered data becomes difficult and actually, hopefully, impossible to read without the key that was used to generate that ciphered text. And essentially, we are saying that only authorized parties, therefore, can read the text in its original plain text format, assuming that the cipher isn't cracked.

Now, in reality, cryptography and ciphering have been around for a very long time. In fact, it dates back as far as ancient Egypt. One of the most common use cases of ciphered text is actually the so-called Caesar's cipher, in which in the modern English alphabet, an A would become a D, and a B would become E, and so on throughout in order to hide the message. Now, we saw a big spike in cryptography in the Middle Ages and Renaissance from both European and even more so from Arabian mathematicians. Now, probably the most popular, at least in modern culture, type of encryption actually occurred during World War II in the so-called Enigma machine. This machine allowed the Germans to communicate over radio waves, which were easy to intercept. And in all honesty, had the U.K. not cracked the Enigma machine, who knows what the outcome of World War II would've been? Now, obviously, in modern times, we are seeing a huge spike in both the algorithms used to do encryption and also the attack vectors against those algorithms. And it's a never-ending game of who can be stronger at the current time.

Now, in order to communicate effectively about encryption, we need to talk about the goals of encryption and really, there's four of them. The first is confidentiality and it's the one that we think of most often. And it's also known as privacy. That says that the message that I send you is only readable by you, assuming that the two of us share an algorithm and some sort of key parlance between us. Now, the next is integrity. And that is saying that what you send me has not been modified by a bad actor. And we'll find out that some stream ciphers actually are susceptible to integrity attacks. More on that in a little bit. The third goal is authentication. And essentially, that is saying that you are who you say you are, using cryptography to do so. And the final goal is non-repudiation. Now, this is a way of proving that a message came from you and I believe that you actually sent it and I can prove that you sent it. And that's really the goal of digital signatures.

Now, we've talked briefly about stream ciphers and really, there's two pieces. There's stream and block. Stream ciphers take an individual bit at a time and either encrypt or decrypt it. Now, this can actually lead to manipulation without cracking the algorithm itself, because the original format is maintained. So I can change bits and pieces of data without actually cracking it, because I know the format. Block ciphers are much more used today. And block ciphers, as you might imagine, work on blocks of bits instead of individuals, which no longer allows that data to be manipulated without completely messing up the entire block. So I can't change an individual value and still have the functions work.

Now, when we're talking about block ciphers, there's a few modes. The most common is cipher block chaining and it is a mechanism by which the previous block cipher is combined with the current block plain text in order to increase the entropy. Now, this requires an initialization vector, because the first block does not have a previous block in order to combine with it. Now, there's a couple other modes that can be used, such as the cipher feedback or output feedback mode, both of which were similar to cipher block chaining, but they have a little bit different output. The final mode is electronic code book, which does not have manipulation of the block. And it is very uncommon in my experiences.

I wanna talk a little bit about key size, because all too often, when we talk about encryption, key size becomes the major point of contention. Now, a key size increase within an algorithm, by its very nature, increases the security of that algorithm. However, key size varies by algorithm and this is especially true in asymmetric encryption. For instance, an RSA key size of 2048 may actually be less secure than an elliptical curve algorithm using only a 256-bit key size. So really, in the asymmetric space especially, that key size really doesn't matter. It's the algorithm that matters. And then within that algorithm, the key size matters. What is really critical though, is based on the current data we have, we should be using a sufficient key size in order to protect our ciphers.

Now, I do wanna give one more bit of information here and that's the concept of codes versus cipher and there are a couple differences. Codes are really a way of replacing or substituting data. I like to think of these as a database type thing. We're really used to using codified values in order to remove the duplication of data across our database. And really, codes in this realm are very much the same. We replace a bit of data with another piece of data, but really, it's a one-to-one match. Ciphers are mathematical encryptions or mathematical transformations of the data, such that often, it's no longer a one-to-one match between the two, because of various things like initialization vectors that can change the behavior.
Now, we've got one more concept to talk about and that is symmetric versus asymmetric encryption. But we're gonna talk about that in the next video.
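
The integrity goal and the stream-cipher manipulation described in the transcript, as an added example that is not part of the course material: a ciphertext byte is changed without the key, first under a keystream mode with no authentication and then under an authenticated mode. It assumes AES/CTR from the standard JCA as the stand-in for a stream cipher and AES/GCM as the integrity-protecting alternative; the class name, message and byte offset are constructed for illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;

public class StreamIntegrityDemo {
    // Runs one encrypt or decrypt operation with a fresh Cipher instance.
    static byte[] run(int mode, String transformation, SecretKey key,
                      AlgorithmParameterSpec spec, byte[] in) throws Exception {
        Cipher c = Cipher.getInstance(transformation);
        c.init(mode, key, spec);
        return c.doFinal(in);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        SecureRandom rng = new SecureRandom();
        // Constructed sample message; the amount field starts at offset 4.
        byte[] msg = "PAY 0100 TO ALICE".getBytes(StandardCharsets.US_ASCII);

        // 1) Keystream mode with no authentication (AES/CTR).
        byte[] iv = new byte[16];
        rng.nextBytes(iv);
        IvParameterSpec ctr = new IvParameterSpec(iv);
        byte[] ct = run(Cipher.ENCRYPT_MODE, "AES/CTR/NoPadding", key, ctr, msg);
        ct[4] ^= (byte) ('0' ^ '9'); // known format, no key: XOR turns '0' into '9'
        byte[] pt = run(Cipher.DECRYPT_MODE, "AES/CTR/NoPadding", key, ctr, ct);
        System.out.println("CTR decrypted: " + new String(pt, StandardCharsets.US_ASCII));

        // 2) Authenticated mode (AES/GCM, 128-bit tag): the same change is detected.
        byte[] nonce = new byte[12];
        rng.nextBytes(nonce);
        GCMParameterSpec gcm = new GCMParameterSpec(128, nonce);
        byte[] sealed = run(Cipher.ENCRYPT_MODE, "AES/GCM/NoPadding", key, gcm, msg);
        sealed[4] ^= (byte) ('0' ^ '9');
        try {
            run(Cipher.DECRYPT_MODE, "AES/GCM/NoPadding", key, gcm, sealed);
            System.out.println("GCM accepted the modified ciphertext");
        } catch (AEADBadTagException e) {
            System.out.println("GCM rejected the modified ciphertext: " + e.getMessage());
        }
    }
}
```

Confidentiality alone does not give integrity: the CTR decryption succeeds silently with the altered amount, while GCM refuses to return any plaintext once the tag check fails.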
