0:32

And also, you should be able to identify two different types of

cryptography that arise as a result.

It might be helpful throughout our discussion to imagine the physical

security analogy of encryption.

Which could be, we're actually taking some written information on a piece of paper,

placing it in a box, and locking that box with a key.

And that's actually quite a helpful analogy for what we're about to describe.

So let's consider some basic terminology now.

So plaintext is going to represent the information we're trying to protect.

1:01

We're going to convert that, to make it confidential,

into something called ciphertext,

which is going to be unreadable and it's not going to make any sense.

We're going to allow an attacker to observe ciphertext as it's sent across

a communication channel, and hopefully,

they will learn nothing about the plaintext as a result.

The person we're sending the data to, hopefully,

will be able to somehow get the plaintext back from the ciphertext.

So that's the challenge.

Now the means by which plaintext is converted into ciphertext will be by means

of an encryption algorithm.

And an algorithm is really just a recipe.

So it's a bunch of instructions that say scramble up the plaintext

in the following way.

And it's converted into ciphertext.

And then the decryption algorithm, something known to the recipient, allows

them to deconstruct that ciphertext, and recover the plaintext from it.

So this is best seen by means of an example, a very, very simple example.

And this is something called the Atbash cipher.

So the Atbash cipher is represented by a table, there are blue letters on top,

red letters underneath.

And we just look up this table to convert our plaintext message consisting of blue

letters, into a ciphertext message consisting of red letters.

And the encryption algorithm, in this case, is very straightforward.

It just says look up the table, and replace the blue letter by the red letter,

and the decryption algorithm is the reverse.

Let's look at an example.

So the plaintext, top secret, would just be converted

into a ciphertext, G L K H V X I V G, by looking at that table.

And hopefully, an attacker who observes G L K H V X I V G sent across

a communication channel will be able to make no sense of it at all.

However, the recipient, knowing we're using the Atbash cipher, can deconstruct

the message from the same table and recover the plaintext, top secret.

So the question is,

do we really get confidentiality from use of this Atbash cipher?

2:58

Well, in fact, there are many reasons why the answer is no,

the Atbash cipher is not a very good way of scrambling data.

Perhaps the most fundamental one, though, is that if you think about the way we want

to use cryptography in modern technologies,

it's important that everybody understands how security is provided.

If we're going to go and tell somebody we're using the Atbash cipher,

then actually, we're revealing completely how our data is scrambled.

Because there's only one way in the Atbash cipher of replacing letters by letters.

Letter A is always replaced by Z, the letter B is always replaced by Y, etc.

Anyone knowing or using the Atbash cipher can immediately recover a message.

The decryption algorithm is immediate.

So we need to basically do something a bit cleverer.

Now if we go back to the model of encryption, what we need to do is

introduce something into this model that changes and can change over time.

And that's the role of a key.

So once again, to convert plaintext into ciphertext,

we're going to feed the plaintext into an encryption algorithm,

which is a recipe, but that's also going to take an encryption key as input.

And the ciphertext that's produced will depend not just on the encryption

algorithm, but also on the encryption key.

Likewise, the recipient will need a decryption algorithm to unscramble.

But they'll also need a decryption key, and

that's the thing that changes over time.

And once again, this is probably best seen by an example.

4:20

So again, we're going to use an encryption algorithm that's a lookup table,

we're going to place letters in the top by letters underneath.

But instead of having only one way of doing this,

we're going to make it the case that the letters underneath can be

represented in any number of different ways.

What's going to have to happen is the sender and

receiver are going to have to agree how the encoding is done.

The algorithm will still be a table,

take the letter on top, replace it by the letter underneath.

But the particular letter that's chosen will be the key, and

that will be unknown by an attacker who observes this ciphertext.

So, for example, if we take the following table,

where a is replaced by D, b by I, c by Q, etc.

In that case, the message, top secret,

is now replaced by the ciphertext P R J W T Q U T P.

5:05

But on the other hand, if we have a completely different key and

replace a by N, b by R, c by A, then on this occasion,

the plaintext top secret is converted into ciphertext X V J B K A D K X.

And you can see that now there are many,

many different ways in which we can replace the plaintext by ciphertext.

And they all depend on different keys.

Keys the receiver has agreed with the sender before the encryption was used.

Now, in general, we're going to need lots and lots of keys.

And in fact, that way of encrypting we've just discussed is sometimes called

the simple substitution cipher.

And the question is, how many different ways could we have scrambled that message

top secret?

And the answer is 40,000 times more than the number of stars in our universe,

which is a lot.

So there is no way someone is going to chance on the correct key under this kind

of system, if they just try them at random.

Now that simple substitution cipher is fundamentally flawed in lots of different

ways, which we'll not talk about.

6:07

What is important to realize is that modern encryption algorithms,

like the Advanced Encryption Standard, which is in many of the technologies we

use every day, doesn't have these kinds of flaws.

It, in itself, is a recipe, a way of scrambling data.

Rather like just replace the plaintext letter by the ciphertext underneath.

It's much more complicated, but

it scrambles data in a particular way, according to a particular recipe.

And it too takes in a key, and there are many,

many more keys than even that simple substitution cipher.

But it's fundamental to realize the difference between the recipe and the key.

And these are two critical features of any encryption process.

Now there are two very different types of encryption system, and

this is something that's worth flagging right now.

And if you go back and remember the analogy for

encryption is locking information away in a box,

it's actually helpful then to think about locks and keys for a moment.

Because there are two types of locking mechanisms we use

in the every day physical world.

There are locks where we need the same key to lock a box, and

we need that key to unlock the box, and we need the key on both parts of the process.

But there are also keys, like padlocks, for example,

where anyone can lock the box just by snapping the padlock shut, and

only the person who holds the key can unlock the box.

And if we think about unlocking as being decryption, what this tells us is in any

encryption mechanism, the decryption key will have to be a secret.

It has to be something held only by the intended recipient of some information.

But the locking key, the encryption key doesn't necessary have to be a secret.

And this defines two types of cryptography.

So in symmetric encryption, the encryption key and

the decryption key are the same thing.

And therefore, have to be secret.

But in public-key cryptography, rather like the padlock analogy,

the encryption key can be a piece of public information.

So anyone can encrypt something, and only the decryption key needs to be a secret.

We'll come back to the importance of that in a later lesson, but it's important at

this stage to realize these two very different types of cryptography exist.

So, in summary, encryption algorithms are recipes, they're ways of scrambling data.

And keys play a critical role,

because keys allow the data to be scrambled in different ways,

many different ways, more ways than there are stars in the universe, hopefully.

And there are two very different types of cryptography.

In symmetric cryptography, the encryption key and

decryption key are the same, and need to be held secret.

Whereas in public-key cryptography, the encryption key could be

something everybody knows, and only the decryption key needs to be held secret.

[MUSIC]