Master Encryption Basics: Public Key, SSL & Cipher Suites ๐
Discover essential encryption techniques to secure your network! Learn about Public Key Encryption, SSL, and Cipher Suites in this easy-to-understand guide. Perfect for beginners wanting to boost their cybersecurity knowledge.
Network Direction
17.4K views โข Nov 12, 2019
About this video
Learn how to keep your Network secure by understanding the basics of Public Key Encryption, SSL and Cipher Suites. This video is for you!
Thereโs symmetric cryptography, and asymmetric cryptography (Also called public key encryption). And they work in different ways. Symmetric uses keys that are shared with all parties that need to encrypt and decrypt the information. Sharing the keys among everyone can be tricky to do securely.
On the other hand, asymmetric encryption is completely different. This uses a pair of keys, public and private, which are always used together. Either can encrypt, but the other is used to decrypt. The problem is that this is a very slow process.
Good thing we can combine the two to get the best of both worlds. We can use public key encryption to generate and share private keys (as well as perform authentication), and then we can use these keys with a symmetric cipher for the bulk of the secret information.
These ciphers, along with a security protocol (like SSL, TLS, Kerberos, IPSec), a mode of operation, and a hashing algorithm, make up a cipher suite.
But itโs probably easier to understand with an example, such as an HTTPS connection between a client and a web server.
The client and server will send a โclient helloโ and โserver helloโ message, which includes random numbers, suitable cipher suites, and the serverโs certificate.
If they agree to proceed, the client can then generate the pre-master key, encrypt it with the servers' public key, and send it. Both sides can then use their three numbers to generate session keys, which are used with the symmetric cipher for the bulk of encryption.
But any of these ciphers can be found to be insecure in the future. There are a few tricks to learn to keep your systems secure...
Overview of this video:
0:00 Introduction
0:26 Symmetric vs Asymmetric (public key encryption)
3:36 Security Protocols and Cipher Suites
6:23 An SSL Connection
9:07 Staying Secure
Links, for more information:
https://www.ssl.com/article/ssl-tls-handshake-overview/
https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work/20847#20847
https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html
https://www.ssllabs.com/ssltest/
(Affiliate Link) Network Security book:
https://click.linksynergy.com/link?id=RL4E*8CmbSY&offerid=145238.1193272&type=2&murl=http%3A%2F%2Fwww.informit.com%2Ftitle%2F9780137156375
Patreon information: https://networkdirection.net/patreon/
LET'S CONNECT
๐ https://www.youtube.com/c/networkdirection
๐ https://twitter.com/NetwrkDirection
๐ https://www.patreon.com/NetworkDirection
๐ https://www.networkdirection.net
#NetworkDirection
#cybersecurity
#cryptography
Thereโs symmetric cryptography, and asymmetric cryptography (Also called public key encryption). And they work in different ways. Symmetric uses keys that are shared with all parties that need to encrypt and decrypt the information. Sharing the keys among everyone can be tricky to do securely.
On the other hand, asymmetric encryption is completely different. This uses a pair of keys, public and private, which are always used together. Either can encrypt, but the other is used to decrypt. The problem is that this is a very slow process.
Good thing we can combine the two to get the best of both worlds. We can use public key encryption to generate and share private keys (as well as perform authentication), and then we can use these keys with a symmetric cipher for the bulk of the secret information.
These ciphers, along with a security protocol (like SSL, TLS, Kerberos, IPSec), a mode of operation, and a hashing algorithm, make up a cipher suite.
But itโs probably easier to understand with an example, such as an HTTPS connection between a client and a web server.
The client and server will send a โclient helloโ and โserver helloโ message, which includes random numbers, suitable cipher suites, and the serverโs certificate.
If they agree to proceed, the client can then generate the pre-master key, encrypt it with the servers' public key, and send it. Both sides can then use their three numbers to generate session keys, which are used with the symmetric cipher for the bulk of encryption.
But any of these ciphers can be found to be insecure in the future. There are a few tricks to learn to keep your systems secure...
Overview of this video:
0:00 Introduction
0:26 Symmetric vs Asymmetric (public key encryption)
3:36 Security Protocols and Cipher Suites
6:23 An SSL Connection
9:07 Staying Secure
Links, for more information:
https://www.ssl.com/article/ssl-tls-handshake-overview/
https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work/20847#20847
https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html
https://www.ssllabs.com/ssltest/
(Affiliate Link) Network Security book:
https://click.linksynergy.com/link?id=RL4E*8CmbSY&offerid=145238.1193272&type=2&murl=http%3A%2F%2Fwww.informit.com%2Ftitle%2F9780137156375
Patreon information: https://networkdirection.net/patreon/
LET'S CONNECT
๐ https://www.youtube.com/c/networkdirection
๐ https://twitter.com/NetwrkDirection
๐ https://www.patreon.com/NetworkDirection
๐ https://www.networkdirection.net
#NetworkDirection
#cybersecurity
#cryptography
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
17.4K
Likes
349
Duration
11:59
Published
Nov 12, 2019
User Reviews
4.6
(3)