HomeОбразованиеRelated VideosMore From: itfreetraining

Symmetric Key and Public Key Encryption

1832 ratings | 451835 views
Modern day encryption is performed in two different ways. Check out http://YouTube.com/ITFreeTraining or http://itfreetraining.com for more of our always free training videos. Using the same key or using a pair of keys called the public and private keys. This video looks at how these systems work and how they can be used together to perform encryption. Download the PDF handout http://itfreetraining.com/Handouts/Ce... Encryption Types Encryption is the process of scrambling data so it cannot be read without a decryption key. Encryption prevents data being read by a 3rd party if it is intercepted by a 3rd party. The two encryption methods that are used today are symmetric and public key encryption. Symmetric Key Symmetric key encryption uses the same key to encrypt data as decrypt data. This is generally quite fast when compared with public key encryption. In order to protect the data, the key needs to be secured. If a 3rd party was able to gain access to the key, they could decrypt any data that was encrypt with that data. For this reason, a secure channel is required to transfer the key if you need to transfer data between two points. For example, if you encrypted data on a CD and mail it to another party, the key must also be transferred to the second party so that they can decrypt the data. This is often done using e-mail or the telephone. In a lot of cases, sending the data using one method and the key using another method is enough to protect the data as an attacker would need to get both in order to decrypt the data. Public Key Encryption This method of encryption uses two keys. One key is used to encrypt data and the other key is used to decrypt data. The advantage of this is that the public key can be downloaded by anyone. Anyone with the public key can encrypt data that can only be decrypted using a private key. This means the public key does not need to be secured. The private key does need to be keep in a safe place. The advantage of using such a system is the private key is not required by the other party to perform encryption. Since the private key does not need to be transferred to the second party there is no risk of the private key being intercepted by a 3rd party. Public Key encryption is slower when compared with symmetric key so it is not always suitable for every application. The math used is complex but to put it simply it uses the modulus or remainder operator. For example, if you wanted to solve X mod 5 = 2, the possible solutions would be 2, 7, 12 and so on. The private key provides additional information which allows the problem to be solved easily. The math is more complex and uses much larger numbers than this but basically public and private key encryption rely on the modulus operator to work. Combing The Two There are two reasons you want to combine the two. The first is that often communication will be broken into two steps. Key exchange and data exchange. For key exchange, to protect the key used in data exchange it is often encrypted using public key encryption. Although slower than symmetric key encryption, this method ensures the key cannot accessed by a 3rd party while being transferred. Since the key has been transferred using a secure channel, a symmetric key can be used for data exchange. In some cases, data exchange may be done using public key encryption. If this is the case, often the data exchange will be done using a small key size to reduce the processing time. The second reason that both may be used is when a symmetric key is used and the key needs to be provided to multiple users. For example, if you are using encryption file system (EFS) this allows multiple users to access the same file, which includes recovery users. In order to make this possible, multiple copies of the same key are stored in the file and protected from being read by encrypting it with the public key of each user that requires access. References "Public-key cryptography" http://en.wikipedia.org/wiki/Public-k... "Encryption" http://en.wikipedia.org/wiki/Encryption
Html code for embedding videos on your blog
Text Comments (179)
Amir Syafiq (24 days ago)
Tutorial 8 hands up pls ✋🏻
itfreetraining (14 days ago)
Thank you!
Leon Riabtsev (1 month ago)
1:18 Are these are hashes?
mahbub ahmed (2 months ago)
for a particular secure communication scenario between sender and receiver using a symmetric cipher, is it possible to use keys with different lengths on both sides?
itfreetraining (2 months ago)
Not sure why you would want to do that, but in theory it would be possible. The easiest way would to create two connections with different key lengths. On one side, use it to send and receive and the other side the opposite. You would still need to sent some control codes back, but essentially the data which is the largest part would be sent on different channels. I don't know of any way hardware or software solution that allows you to choice different keys. If you wanted one, two channels would be the easiest way if it supports it or a custom encryption system.
arun prasad (4 months ago)
Thanks man , you are awesome.
itfreetraining (4 months ago)
You're most welcome. Thanks for watching.
Sourav Pal (7 months ago)
''Download the PDF handout'' --> not found
itfreetraining (7 months ago)
Thanks for letting us know!
Syed Faizyab (10 months ago)
safaa kaa waahiyat video bari thav choraa safaa ke way zzzzzlololololololjaani baa
itfreetraining (9 months ago)
Thanks!
Syed Faizyab (10 months ago)
nice and interesting video about symmetric encryption par mukhe kuj samaj mein hi kon aayo cho je kare aawaaz kon hui jaani bro
Lisa N (10 months ago)
What a headache.
Dipen Patel (10 months ago)
calling someone to transfer a symmetric key lol
itfreetraining (10 months ago)
You'd be surprised by the methods of communications employed.
Zia Khokhar (11 months ago)
Explain symmetric key distribution using asymmetric encryption?
GO (1 year ago)
I still don't understand how private key works :/
Samin Kalhor (6 months ago)
https://youtu.be/YEBfamv-_do
Kulasangar Gowrisangar (9 months ago)
The second party should decrypt it by using his private key right ?
Saim Nazir (10 months ago)
Somebody answer this man!
Fernando Epele (10 months ago)
Everything was super clear, expect my last doubt. If the second party only receives the public key, that is only used for encryption, how can the second party decrypt the data without having the private key?
itfreetraining (1 year ago)
Think of it this way. A Public key is only ever used to encrypt information, while a Private Key is meant to decrypt it. In this fashion, the Public key can be shared and used by others as it can ONLY ENCRYPT. However, the Private key needs to remain a closely guarded secret because it can be used to decrypt the information that was encrypted with the Public key.
Keybraker (1 year ago)
2:23 πασοκτζης ο μαυρος >_<
itfreetraining (1 year ago)
Τι?
3D Space (1 year ago)
great
itfreetraining (1 year ago)
Thanks!
Roger Gurman (1 year ago)
Nicely explained. Thanks, I finally got the basics of it.
itfreetraining (1 year ago)
Glad our videos were able to help you. :) Thanks for choosing ITFreeTraining!
martin maurer (1 year ago)
Nice .. thanks for this tutorial.
itfreetraining (1 year ago)
You're welcome!
Zak Annable (1 year ago)
wo veery cool nyes
Kieran Brewster (1 year ago)
ok
Zak Annable (1 year ago)
englond is my cety
Kieran Brewster (1 year ago)
Learn English. ;)
Stewie Griffin (1 year ago)
good video sir
itfreetraining (1 year ago)
Thanks!
basuthker ravi (1 year ago)
Thanks a lot
itfreetraining (1 year ago)
You're very welcome!
Suppose of an account with one user name and multiple one-time password (exactly like crypto card). Lets suppose I have given ID (which is same everytime) and password ( which vary every time). Now my question is, how they verify that this password belongs to the same user ID. If a crypto card can generate over millions of password for a particular ID. Is it mean that there are millions of passwords stored in the server for that particular ID ?
Arnav333333333 (1 year ago)
vishal kumar vishwakarma I
c.daniel Premkumar (1 year ago)
Why should you use Public Key encryption when the Hacker does not know whether the message being sent is Encrypted or not. Further, why should the hacker always assume that the message being sent is always encrypted ? Any message could always be encrypted to form an understandable sentence in any Language which could mean something other than the intended message. So what's the big deal ?
itfreetraining (1 year ago)
The issue with encryption not using public and private keys is transferring the keys or rules to the other party. As you are suggesting, having different sentence that mean something else like they do in the movies is really good security. However, exchange these between both parties and keeping them up to date is the problem. Sometimes administrators will transfer codes using the telephone. However, using public keys and private keys means a safe way to transfer keys between parties without having to worry about this. That is why it is often used to in company VPN's. Also, encrypting traffic protects you from the man in the middle attack and replay attacks, where the method you are talking about does not.
Saitham (1 year ago)
Something that I've never quite comprehended about asymmetric cryptography is how any message sent by the entity with the private key can be seen as secure? What I mean by this is that since anyone with the corresponding public key can decrypt what has been encrypted with the private key, it's not secure at all? An example of this would be if a server uses its private key to encrypt a message containing a user's new password for a website. An attacker could then use his/her public key used by that server to decrypt that message. What am I missing here? :)
Nader Awad (1 year ago)
Saitham did you find an answer for your question ? itfreetraining didnt really answer and i have this question in my head for years now !! if the server wants to send encrypted data to the client, how the client could use the public key to decrypt what the private key on the server has encrypted ? or is this (asymmetric encryption) a one way (client-server) function without supporting the other way (server-client) ? Please anyone can answer me :( !!
itfreetraining (1 year ago)
Using public and private keys is computing time consuming. Using a single shard key is not, so you want to use this method. So what happens is that public and private keys are used to exchange a shared secret. Once this is done, the one key is used. Usually the client will choose a session key. Encrypt it with the public key and sent it to the other side. This can be de-crypted with the private key. Now both sides have the same key. Have a look at. https://en.wikipedia.org/wiki/Encrypted_key_exchange If you want both sides to use public and private keys, you need a certificate on both sides. Given how expensive this would on computing power it is generally not done that way.
Saitham (1 year ago)
Ok, let me rephrase that. So what I mean is that since the public key is PUBLIC and anyone could theoretically have it, how can any message that is encrypted with the private key be seen as secure? I mean anyone with the public key in that key pair can decrypt that message.
itfreetraining (1 year ago)
What I believe your missing is that Asymmetric cryptography involves a key pair, a private key AND a public key. The public key is what is used to encrypt a message, as that is all it is capable of doing. Once encrypted, the message can now ONLY be decrypted by using the Private Key. In Asymmetric Cryptography, the Public key is freely given while the Private key is securely kept safe away from anyone who shouldn't have access to the encrypted messages.
Rawha Osman (1 year ago)
thanks a lot ... it was very useful جزاك الله خير
itfreetraining (1 year ago)
You're very welcome!
Beno Tsintsadze (1 year ago)
what do you mean by key...what is this key
itfreetraining (1 year ago)
In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm. For encryption algorithms, a key specifies the transformation of plaintext into ciphertext, and vice versa for decryption algorithms. Keys also specify transformations in other cryptographic algorithms, such as digital signature schemes and message authentication codes.
worldofd12 (1 year ago)
anybody who gives a "dislike", would you please explain what is wrong with these fabulous vids?
itfreetraining (1 year ago)
We second that!
James A. (1 year ago)
Wrong.
itfreetraining they are probably too young to understand this so they are like "this is wrong"
itfreetraining (1 year ago)
What is?
getahun abera (1 year ago)
nice job, could you please help me by IBC(identity based cryptography)? thanks
itfreetraining (1 year ago)
I can give it a try. What was your question? Have you had a look at the wiki page. https://en.wikipedia.org/wiki/ID-based_cryptography
Qurat-ul-ain Imtiaz (2 years ago)
can u guide me how to make an android application to encrypt videos
itfreetraining (2 years ago)
Our apologies but we don't have any experience programming Android applications.
Hany Aadel (2 years ago)
Perfect Explanation Thanks very much
itfreetraining (2 years ago)
You're most welcome! Thanks for the great feedback!
Richard Riche (2 years ago)
at last.... i finally got this.
itfreetraining (2 years ago)
Glad we could help!
Dale Wiggins (2 years ago)
I think I get it now. Can anyone vouch if this simple way to explain it is accurate? ---------- Think of public keys as means to encrypt data, and private keys as a way to decrypt data. They are generated in pairs and go together. A client asks for the server to store a copy of its public key on the server (adding its public key to authrorized_keys file) When that client requests permission to the server, the server generates a random id, password, or token that the client will have to decrypt in order to "pass". The server encrypts/hashes this random password using the client's own public key and sends it back. Along with that, the server generates a private/public keypair of its own and sends the public key back to the client also. The client has the right private key to decrypt the password the server encypted and sent back, and does so. Now the client must send back the answer to the password to the server for verification, but do it securely. So it encrypts the password using the public key the server sent with with the original challenge, and sends to server. The server still has the private key it generated matching this public key, decrypts the password sent, and verifies it matches the random passord it generated for the request. At this point, they could/do continue to use this password as a common private "symmetric" key in order to be able to send data back and forth securely and quickly (common private key is faster).
Samin Kalhor (6 months ago)
https://youtu.be/YEBfamv-_do
itfreetraining (2 years ago)
The problem with using the private key is that everyone has the public key and thus can decrypt the information. However the private key can be used to generate a digital signature. See this video for more information. https://www.youtube.com/watch?v=LRMBZhdFjDI
Pedro Palacios (2 years ago)
It would not be so silly to use the private key to encrypt, in fact, we should use both. If you encrypt with the private key it assures you who is the owner and that the message hasn't been altered
itfreetraining (2 years ago)
Paragraph 1 The keys are essentially that same. So if you called them 1 and 2. If you encrypt with 1 you use 2 to decrypt. If you used 2 to encrypt you would use 1 to decrypt. To make things simple, when two keys are created, one is called private and one is called public. So public key is used to encrypt and private is used to decrypt. You could use the private key to encrypt, but this would be silly because everyone has the public key and would offer no security. Paragraph 2 Using public and private keys is very slow. Using one key is very quick. So you want a way to exchange a single key. So the client chooses a key. Uses the public key to encrypt it. Sends it to the sever. The server decrypts it with it's private key. It now knows the clients key. It uses this to encrypt it's own random key and sent it to the client. Or they can both use the same shared key. Either way, public and private keys are used to have a shared secret between both parties. For example, https uses this method. In regards to authentication. This can be done many different ways. For example, the server asks the client a question which it answers using it's password. It then sent this answer back to the server. Since the answer can only be calculated using the password which both sides know, the server knows the client has given the right password. Even though the password is never sent over the network. Hashing it when you put the password through an function which changes it to a random string of data. Same principal, the hash goes over the network rather then the password. Paragraph 3 The client generally does not have a private key. This is stored on the server. Once a secure channel has been set up using the private and public key to exchange a shared secret, it allows secure transmission. However, system likes Active Directory store a hash of the password and not the original password. So Active Directory does not know what the password is. So it will sent a challenge to the client which the client will use the password with. The server compares the answer with the hash it has stored. This way it can show the client knows the password even though the password is never transferred over the network. Paragraph 4 Yeap, that sounds correct. Once they have either a shared symmetric key or they both know each others symmetric key, they can sent data back and forth very quickly and securely.
Rasengan M (2 years ago)
thanks a lot! ;)
itfreetraining (2 years ago)
+Dilyor Mihidinov You're welcome! Thanks for watching!
Maryam Ishaq (2 years ago)
thanks! this will help me pass my exam.. wish me luck🙏🏼
Justin MC (1 year ago)
just joking
Justin MC (1 year ago)
I hope you fail it!
itfreetraining (2 years ago)
+Maryam Ishaq We wish you luck on your exam!
Marvin Dyer (2 years ago)
It seems to me you're trying to make it too complex. Take two identical dictionaries give every defined word a number than use a system with say! with 10,000 or 10,000,000 single individual digit. Give every number or word its own individual digit after that your options are almost endless.
itfreetraining (2 years ago)
+Marvin Dyer There are a large number of different encryption systems that can be used. The idea you have is a good one that will work in a certain situations. However, for things like SSL used in shopping carts it could not be used. So a system like this is required.
Odko Nanjid (2 years ago)
Thank you.
itfreetraining (2 years ago)
+Odko Nanjid You are most welcome.
Digant Shah (2 years ago)
Very well explained. Thank you.
itfreetraining (2 years ago)
+Digant Shah You're most welcome. Thanks for watching!
arctictoothpaste (3 years ago)
Why not cover the maths? The people who would watch this would need to understand it, would they not
Dr Bill (2 years ago)
+itfreetraining With all due respect, a simple example would go a long way, even if the results with small numbers were not actually secure. These presentations come out to be little more than talking about chemistry by telling people how useful chemicals are.
itfreetraining (3 years ago)
+arctictoothpaste The inner workings of encryption is too large to encompass in this one video.
sendeth (3 years ago)
finally. someone finally explained the one part no one else could.
itfreetraining (3 years ago)
+sendeth Thank you, we're glad our videos were able to help you
Behnam Anisi (3 years ago)
amazing you saved my life
Behnam Anisi (3 years ago)
Any time I wish you taught at our university
itfreetraining (3 years ago)
+Behnam Anisi We're glad that our videos were able to help you. Thanks for watching.
yumri4 (3 years ago)
some just use a private key then just image the system across all allowed computers and nothing else allows no one on but is more secure and never changes without changing it for everyone with a new OS image with the new key .... the best way to do it and the most annoying to the ppl who use the encrypted network
saurabh chatterjee (3 years ago)
nice explaination. Thanks
itfreetraining (3 years ago)
+saurabh chatterjee You're welcome.
Arnaud de La Taille (3 years ago)
Something is confusing: the private key is used to decrypt. But you placed it under the guy on the left.Having seen the first example, we expect the data to be sent to the guy on the right => the private key should be under him.Thanks for sharing this though :)
Arnaud de La Taille (3 years ago)
Thanks for your answer !
itfreetraining (3 years ago)
+Arnaud de La Taille Yes, I understand what you are saying. We will look at making it a bit clearer when we up date the video.
Chris Athanasiadis (3 years ago)
Awesome job dude, i dont know how i didn't find this channel earlier :)
itfreetraining (3 years ago)
+Chris Athanasiadis Thanks great. We're happy you found the video helpful
Erik Nijland (3 years ago)
thanks for the video, just one question I get that the user sends data to the server encrypted with the public key but only the server can descrypt it with the private key. But what about the stuff that the server sends back to the user (e.g. profile information after logging in, confirmation of orders) this isn't protected with the private key. Otherwise the user wouldn't be able to decrypt it. So from what I understand the servers response isn't using symetric encryption. Am I missing something?
itfreetraining (3 years ago)
+Erik Nijland Using public key and private key is very slow. For this reason, they are often used to get a session key or shard secret on both sides.For example, the client could chose a random session key and sent it to the server using it's public key. The server has the private key so it can get the session key. Now both sides have the same key. Using the same key on both sides is a lot faster. So the public and private keys are used to exchange the session key.
Luis Hernandez (3 years ago)
very good
itfreetraining (3 years ago)
+Luis Hernandez Thank you
Steff Young (3 years ago)
Thank you :)
itfreetraining (3 years ago)
+Steff Young You're welcome
Mares Fillies (3 years ago)
Awesome. :D
itfreetraining (3 years ago)
+Mares Fillies Thank you
Dhruvak Chokshi (3 years ago)
Thanks for posting informative video
itfreetraining (3 years ago)
Thanks, glad you found the video helpful!
jekennedy108 (3 years ago)
great explanation, thank you
itfreetraining (3 years ago)
Thank you, glad it helped!
asafel (3 years ago)
thanks for a great explanation
itfreetraining (3 years ago)
Thank you, we're glad you found the video helpful
Bobby Thomas (3 years ago)
I did not get how the transfer of key to 2nd user securily?
Mohnish Desai (3 years ago)
+itfreetraining okay I got it , thanks for making it clear!
itfreetraining (3 years ago)
+Mohnish Desai What do you mean? The public key can be transfer using any method. Generally for information to be transferred, a share key is created between the two computers and shared using certificates.
Mohnish Desai (3 years ago)
+itfreetraining The private key would be kept secure but how did the intended party get the information ? , in this case the person on the right hand side of screen ?
itfreetraining (3 years ago)
+Bobby Thomas Public key can be transported without any risk. Does not matter if someone reads it since data can only be read using the private key. The private key however should be kept secure.
JohnLiuFromHK (3 years ago)
In public key encryption, sender use his public to encrypt the data, but to decrypt it , the receiver must use the private key. But how can the receiver get the private key?
vijay shah (29 days ago)
JohnLiuFromHK y
walid Bashar (1 month ago)
JohnLiuFromHK the data is encrypted using the recipient public key 🔑 and decrypted is the recipient private key 🔐
Samin Kalhor (6 months ago)
https://youtu.be/YEBfamv-_do
Σ5 (1 year ago)
hamza assia a public key can only encrypt and can't be used to decrypt
hamza assia (1 year ago)
but if hacker intercepts when bob sends the message using the public key, he has the public key and he may decrypt it
Amazing and super-interesting stuff...thank you for your effort and generosity to share! I am a music teacher and publisher of music manuals in PDF format... Q 1. Client 1 purchases my manual. How do I set up my Adobe PDF document so even if he shares it with someone else, it will not open on other computers? Q 2. If I use the Public Key encryption, do I have to give the client the private key?   Q 3. Can he pass the key to other people to open my PDF if he shares it? Q 4. Does Public and private key encryption apply to communications and also to documents? Much obliged...my lessons are also free for practice at www.youtube.com/iLearnMusic4Free  in case you would like to subscribe...i subscribed to your excellent work! David Livianu [email protected] 
Syed Faizyab (10 months ago)
keraa ke pharaa maarya thai comment kare mathai ja soor bharwa kutaa loosi
William Heckman (3 years ago)
Why does the thief have to have a 5 oclock shadow and jail clothes ?
jekennedy108 (3 years ago)
I thought it was cute. Although it did make me question my shaving habits!
itfreetraining (3 years ago)
I though that graphic would be interesting rather then a regular graphic of a person, but essentially it is just a 3rd party ears dropping on the conversation.
Ben Keeping (3 years ago)
How did you know he was a thief? He's mostly just referred to as "a third party"?
HydroTekZ (4 years ago)
Great video! :)
itfreetraining (3 years ago)
Thanks very much.
rajit bansal (4 years ago)
Can u tell what is an private key and what is an public key?
itfreetraining (3 years ago)
Public key is used to encrypt and private key is used do decrypt. Private key you should not give to anyone, however the public key you can give to anyone.
Edward Torvalds (3 years ago)
+rajit bansal you can freely distribute public key, but for private key you keep it secret i.e. you dont show it to anybody
Andy Kerr (4 years ago)
Brilliant. Thanks for that
itfreetraining (4 years ago)
Thanks very much.
Laith (4 years ago)
The only other place where I see so many Indians commenting is on a Bollywood movie. LOL
Ran Y2J (3 months ago)
So you just compare a networking video with Bollywood. I am pretty sure after typing this, you laugh in awe on how smart you were. Fucking salty Spic.
oinam lemba (5 months ago)
WWE and Cricket is there
Fairuz (7 months ago)
The only other place I see comments like this are on forums frequented by illiterates. LOL
Jay Love i came here to comment "send bubs n vagene" not to get complemented like this
Jay Love (1 year ago)
I guess they're smart and have their priorities right. I think Indians are the smartest people in the world.
Nishant Thakur (4 years ago)
gr8
itfreetraining (4 years ago)
Thanks.
Hadiya shailesh (4 years ago)
very useful
itfreetraining (4 years ago)
Thanks
Mohammed Moubasher (4 years ago)
Thank you very much, very useful :)
itfreetraining (4 years ago)
Thanks very much.
송치윤 (4 years ago)
not wendy! it's when data : ) Thanks for the video. It helped me a lot!
Shaun Pedicini (4 years ago)
+itfreetraining I'm pretty sure they're talking about the automatically generated captions as opposed to the correct ones which you as the uploader supplied.
itfreetraining (4 years ago)
What are you talking about?
itfreetraining (5 years ago)
Thanks, glad we could help.
Trung Dang Duc (5 years ago)
i used to be scared about CA, PKI... much better to see these series
itfreetraining (5 years ago)
Thanks very much.
Ganesh V L (5 years ago)
Excellent.. Thank you ..
itfreetraining (5 years ago)
Basically the way it works is that which every key is used to encrypt the data, the other key is need to decrypt the data. So for arguments shake, if you were to use the private key to encrypt data (generally you would not do this) the public key would be needed to decrypt the data. This is how PKI systems work, which ever key is used, the other key is required to decrypt. It make it simple one is called private and one is called public.
itfreetraining (5 years ago)
Much appreciated
itfreetraining (5 years ago)
Great to hear. It's good to know our videos are appreciated. Thanks liptongtr
liptongtr (5 years ago)
Great example on how one type of encryption is used toset up another. Also I never knew how SSL sessions were set up, more great info.
Coineach Pierce (5 years ago)
damn! I am so sorry I didn't say anything sooner to save you time. I watched the video again and got a handle on it. most people don't answer my question and I didn't think you would either. but thank you for taking the time to respond; it's more than I deserve. thanks again so much.
itfreetraining (5 years ago)
It does have some of the same material in it from a previous video. Some of the content may get duplicated as we move towards modular training. This video will be organised into a play list later on based on any course it is relevant to. This means that if you study for 2008 and then later 2012, it saves you watching a second video on the same material if the first video released covered it and it has not changed. It also helps if we want to update the video later on, or add linux videos.
itfreetraining (5 years ago)
4) Since the server now has the pre-master key, it can generate a session key and use the pre-master key to encrypt this key and send it to the client. Now both sides have the same session key which is used for encryption. You can see how even though encryption is supported only in one direction using private and public keys, it can be used to set up another encryption method which works in both directions which is what commonly happens.
itfreetraining (5 years ago)
The way SSL gets around this is the following.For example you are accessing a web site. 1) Public key is obtain by the user. 2) For encryption to happen, both sides now need to agree on a symmetric key and this key needs to be exchanged to both sides. Public key and private key is used to make these exchange happen.Generally the client will generate a pre-master key that is sent to the server using the public key. 3) The server can then obtain this pre master key using the private key.
itfreetraining (5 years ago)
This will allow data to be sent one way. If you wanted to send data the other way you would need another key pair so both sides had their own private key and a public key to give the other side.
Coineach Pierce (5 years ago)
2:11 - 2:55 Very confusing. "public key needed to encrypt traffic. private key needed to decrypt, but private key not needed to decrypt therefore no need to send private key" hmmm! how is he gona decrypt without private key?
EyEvil (5 years ago)
I saw video like that before I think, does this one is improved or it's almost the same?
jeylful (5 years ago)
Excellent, as usual. Thank you for your time towards the thorough videos.
Parashuram Joshi (1 year ago)
Digital signetur

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.