0:05

Hi, folks.

I want to talk about some protocol here called Diffie-Hellman Key Exchanges

that I think is just absolute the most marvelous thing,

the most marvelous contribution from cybersecurity to computer science.

I don't think there's any question that this is the greatest thing we,

as cybersecurity people have done for the larger discipline.

But I want to back you up a little bit and

talk about something called the Turing Award.

So the Association for Computing Machinery,

ACM is our oldest professional society focused on computing.

There's another one called IEEE, which has a broader reach.

That's been around a longer a little longer,

but ACM has been kind of at the forefront of computing for many years.

They publish a magazine called communications of the ACM,

CACM which has always been kind of our best journal.

And I hope some of you, if it's possible,

maybe through work or whatever become members of the ACM.

But they give out this award each year called the Turing Award,

named after Alan Turing and it's really our version of the Nobel Prize.

For us, it's probably the greatest award you can win with Diffie and

Marty Hellman won it for the protocol I'm going to be showing you.

I asked with Diffie once what it was like to win the award and he said,

he got the phone call and he was numb.

It was so excited and it was right before the RSA conference.

There's a conference each year held in California.

He wanted ACM to announce it, because the conference was just coming up.

It was sort of the first security guys who'd won the award.

So, we were all excited and I think ACM was willing to move the award date up to

be coincident with our conference.

The point is that it's funny how cybersecurity and

computer science sort of intertwine and this concept that I'm going to share with

you right now is just so fundamental to everything you do on the internet today.

So, let's make sure you understand it.

I want to make sure, that's why let's sort of focus

one video on a very simple concept, but absolutely marvelous.

Now you remember,

we said if I encrypt using the public key of a recipient, I get secrecy.

If I encrypt using the secret key of the sender, I get authentication.

If I do authentication and

then secrecy by doing successive operations with a message,

I get this Diffie-Hellman exchange that we said gave us secrecy and authentication.

But we were concerned that we lost the efficiency of single DES,

triple DES, whatever algorithm you're using for block encryption.

Conventional encryption.

So I want you to imagine Alice and Bob not just having the public secret key pairs,

but also having a bulk encryption algorithm.

Let's say, it's triple DES.

Why not?

And what we would want is a key distribution center or somebody that would

give us the key, K1, 2, 3 or just K1, whatever we'd be using.

Let's just call it K for each triple DES.

Here's what Diffie and Hellman came up with and this is what [INAUDIBLE].

They said, don't make message M just some message.

Make it the key.

3:53

And now, generate a triple DES key locally.

Make that the message M, the key.

Use Diffie-Hellman key exchange to get it to a recipient.

And now, you've got keys at either end with no key distribution center.

It's a way of solving a problem that preserves the inner operability.

It fix the scaling.

It keep secrecy of authentication.

It takes the middle men out.

You don't need the key just to be at the center.

Every way you look at this thing, it's just magnificent.

They deserve a Turing Award.

They deserve to win everything they won here.

Because it's in my mind, one of the great contributions in communications.

You want to make sure you take some time to understand that idea,

that the message M is a key and that use it to preserve the usefulness of block or

bulk encryption in conventional cryptography and

you get rid of that key distribution center.

Absolutely wonderful concept and

something I want to make sure you have highlighted in your learning.

So, we'll see you in the next video.