1 00:00:00,310 --> 00:00:02,710 Cryptography considerations. 2 00:00:02,710 --> 00:00:04,670 In this lesson, we're going to cover 3 00:00:04,670 --> 00:00:06,810 kind of a hodgepodge of different things 4 00:00:06,810 --> 00:00:08,860 inside the world of cryptography. 5 00:00:08,860 --> 00:00:10,470 So we've talked about all the things you need to know 6 00:00:10,470 --> 00:00:12,030 really in-depth for the exam. 7 00:00:12,030 --> 00:00:13,440 And these are just a couple of things 8 00:00:13,440 --> 00:00:15,040 that are on the list of objectives. 9 00:00:15,040 --> 00:00:16,270 So I want to make sure I cover them 10 00:00:16,270 --> 00:00:17,950 so at least you've heard of them before. 11 00:00:17,950 --> 00:00:20,020 But you're not going to get a lot of questions on these. 12 00:00:20,020 --> 00:00:21,890 And really, if you know the definitions, 13 00:00:21,890 --> 00:00:24,450 that's about as deep as you need to go right now. 14 00:00:24,450 --> 00:00:26,060 These are all things that are kind of new 15 00:00:26,060 --> 00:00:27,560 to the world of cryptography. 16 00:00:27,560 --> 00:00:29,250 And that's why there's some of these considerations 17 00:00:29,250 --> 00:00:30,550 you have to think about, 18 00:00:30,550 --> 00:00:32,910 because they're kind of on the fringe of cryptography. 19 00:00:32,910 --> 00:00:34,920 But really when we talk about cryptography, 20 00:00:34,920 --> 00:00:36,310 we are really going to be focused 21 00:00:36,310 --> 00:00:38,550 on symmetric and asymmetric encryptions, 22 00:00:38,550 --> 00:00:40,620 as we talked about in the rest of this section. 23 00:00:40,620 --> 00:00:42,430 So what are some of these terms? 24 00:00:42,430 --> 00:00:43,950 It's things like blockchain, 25 00:00:43,950 --> 00:00:46,070 and quantum, and post quantum, 26 00:00:46,070 --> 00:00:49,100 and ephemeral, and homomorphic encryption. 
27 00:00:49,100 --> 00:00:50,920 So let's go through each of these 28 00:00:50,920 --> 00:00:52,840 to introduce you to the concepts. 29 00:00:52,840 --> 00:00:54,520 Now, the first one is blockchain, 30 00:00:54,520 --> 00:00:56,370 and you've probably heard of this before. 31 00:00:56,370 --> 00:00:58,830 A blockchain is a shared immutable ledger 32 00:00:58,830 --> 00:01:00,460 for recording transactions, 33 00:01:00,460 --> 00:01:02,900 tracking assets, and building trust. 34 00:01:02,900 --> 00:01:04,430 Now, when we talk about the blockchain, 35 00:01:04,430 --> 00:01:06,840 you're probably thinking about cryptocurrencies 36 00:01:06,840 --> 00:01:08,090 because these are some of the most 37 00:01:08,090 --> 00:01:09,800 famous examples out there. 38 00:01:09,800 --> 00:01:12,500 For example, Bitcoin has been all the rage 39 00:01:12,500 --> 00:01:13,710 for about a decade, 40 00:01:13,710 --> 00:01:16,230 and this was really the first commercially available 41 00:01:16,230 --> 00:01:19,340 type of thing that was using the blockchain. 42 00:01:19,340 --> 00:01:21,020 Now, when we talk about the blockchain, 43 00:01:21,020 --> 00:01:22,990 the way it works is it's essentially 44 00:01:22,990 --> 00:01:24,900 a really long series of information. 45 00:01:24,900 --> 00:01:27,730 And each block contains information in it. 46 00:01:27,730 --> 00:01:30,670 That block is this ledger that we're talking about. 47 00:01:30,670 --> 00:01:32,500 In it, you're going to have the previous hash 48 00:01:32,500 --> 00:01:33,850 for the block before it. 49 00:01:33,850 --> 00:01:35,570 So if I'm looking at block 11 here, 50 00:01:35,570 --> 00:01:36,900 you can see that previous hash 51 00:01:36,900 --> 00:01:38,960 is actually the hash of block 10. 52 00:01:38,960 --> 00:01:40,090 Then we have the timestamp. 53 00:01:40,090 --> 00:01:42,610 When was the last time this block was modified. 54 00:01:42,610 --> 00:01:44,420 We have that root transactions. 
55 00:01:44,420 --> 00:01:46,010 And under there, we have hashes 56 00:01:46,010 --> 00:01:48,220 for each of the different transactions that have occurred. 57 00:01:48,220 --> 00:01:51,260 And these things all roll up as you see transaction zero, 58 00:01:51,260 --> 00:01:53,620 and transaction one each had their own hash. 59 00:01:53,620 --> 00:01:56,840 Then we combine those to give us a Hash01 together. 60 00:01:56,840 --> 00:02:00,260 And then we can combine Hash01 and Hash23 61 00:02:00,260 --> 00:02:03,280 and put those together to give us the transmission root. 62 00:02:03,280 --> 00:02:06,020 All of this kind of feeds up into that one block 63 00:02:06,020 --> 00:02:09,470 and there are millions of blocks inside this blockchain. 64 00:02:09,470 --> 00:02:11,200 Now, when we talk about the blockchain, 65 00:02:11,200 --> 00:02:12,910 the other thing we have to think about is what's known 66 00:02:12,910 --> 00:02:14,420 as a public ledger. 67 00:02:14,420 --> 00:02:17,060 Now the public ledger is a record keeping system 68 00:02:17,060 --> 00:02:18,840 that maintains participants' identities 69 00:02:18,840 --> 00:02:21,180 in a secure and anonymous form. 70 00:02:21,180 --> 00:02:22,830 This also keeps track of the respective 71 00:02:22,830 --> 00:02:24,510 cryptocurrency balances if we're dealing 72 00:02:24,510 --> 00:02:27,230 with cryptocurrency, and it has a record book 73 00:02:27,230 --> 00:02:29,160 for all the genuine transactions 74 00:02:29,160 --> 00:02:30,100 that have been executed 75 00:02:30,100 --> 00:02:32,510 between different network participants. 76 00:02:32,510 --> 00:02:34,830 So as we start dealing with the blockchain, 77 00:02:34,830 --> 00:02:37,810 everyone is a part of this massive peer to peer network. 78 00:02:37,810 --> 00:02:39,120 It is decentralized. 
79 00:02:39,120 --> 00:02:41,540 And because of that, we use this series of hashes 80 00:02:41,540 --> 00:02:44,010 to make sure that everything is being recorded properly, 81 00:02:44,010 --> 00:02:47,030 and then nobody can change it without proper permission 82 00:02:47,030 --> 00:02:49,420 that gets authenticated throughout the blockchain. 83 00:02:49,420 --> 00:02:51,230 In addition to talking about cryptocurrencies 84 00:02:51,230 --> 00:02:53,500 with the blockchain, there are commercial uses 85 00:02:53,500 --> 00:02:54,900 for the blockchain too. 86 00:02:54,900 --> 00:02:56,150 One of the biggest people out there 87 00:02:56,150 --> 00:02:59,420 who really likes to push blockchain is IBM. 88 00:02:59,420 --> 00:03:02,440 IBM is really focused on getting the blockchain 89 00:03:02,440 --> 00:03:05,620 into use inside of the commercial environment. 90 00:03:05,620 --> 00:03:07,210 One of the ways they've been doing this 91 00:03:07,210 --> 00:03:10,150 is to be using what's called a permissioned blockchain. 92 00:03:10,150 --> 00:03:11,430 Now a permissioned blockchain 93 00:03:11,430 --> 00:03:13,410 is going to be used for business transactions 94 00:03:13,410 --> 00:03:15,810 and it promotes new levels of trust and transparency 95 00:03:15,810 --> 00:03:18,010 using this immutable public ledger, 96 00:03:18,010 --> 00:03:21,160 meaning we can know everything about that particular piece 97 00:03:21,160 --> 00:03:23,530 of information that's being stored in the blockchain. 98 00:03:23,530 --> 00:03:25,020 Now, one of the places they're trying to use 99 00:03:25,020 --> 00:03:27,130 the blockchain is in the supply chain. 100 00:03:27,130 --> 00:03:29,000 This way we can have a fully traceable 101 00:03:29,000 --> 00:03:30,970 and transparent supply chain. 
102 00:03:30,970 --> 00:03:33,000 If you think about from a food perspective, 103 00:03:33,000 --> 00:03:35,200 it would be really nice to know exactly 104 00:03:35,200 --> 00:03:38,870 when and where and how that food was grown, 105 00:03:38,870 --> 00:03:40,900 when and where and how it was picked, 106 00:03:40,900 --> 00:03:42,810 when and where and how it was shipped, 107 00:03:42,810 --> 00:03:44,970 where and when and how it was processed, 108 00:03:44,970 --> 00:03:46,630 all the way through the sales chain 109 00:03:46,630 --> 00:03:48,250 until you finally got it. 110 00:03:48,250 --> 00:03:50,330 This way, you can know all the information 111 00:03:50,330 --> 00:03:52,680 about that particular food to make sure 112 00:03:52,680 --> 00:03:54,630 it is following the right procedures, 113 00:03:54,630 --> 00:03:56,760 and you have all the information you need. 114 00:03:56,760 --> 00:03:59,260 Because it's inside the immutable public ledger, 115 00:03:59,260 --> 00:04:00,460 nobody can modify it. 116 00:04:00,460 --> 00:04:02,950 And we all know exactly where it's been. 117 00:04:02,950 --> 00:04:05,770 Now, the next thing we're going to talk about is quantum. 118 00:04:05,770 --> 00:04:07,950 Now, there's really three areas we have to talk about. 119 00:04:07,950 --> 00:04:09,120 When we talk about quantum. 120 00:04:09,120 --> 00:04:11,200 We need to talk about quantum computing, 121 00:04:11,200 --> 00:04:14,300 quantum communications, and post-quantum cryptography. 122 00:04:14,300 --> 00:04:16,470 The first is quantum computing. 123 00:04:16,470 --> 00:04:18,700 Now quantum computing is where we take a computer 124 00:04:18,700 --> 00:04:21,020 that uses quantum mechanics to generate 125 00:04:21,020 --> 00:04:23,570 and manipulate quantum bits known as qubits 126 00:04:23,570 --> 00:04:26,690 in order to access enormous processing power. 
127 00:04:26,690 --> 00:04:28,710 Now, I know this is a weird definition 128 00:04:28,710 --> 00:04:29,950 because in the definition 129 00:04:29,950 --> 00:04:32,580 we're actually using both terms inside of it. 130 00:04:32,580 --> 00:04:35,200 We're using the word quantum and the word computing, 131 00:04:35,200 --> 00:04:36,550 or computer in this case. 132 00:04:36,550 --> 00:04:38,300 And I really don't like doing that in a definition, 133 00:04:38,300 --> 00:04:40,780 but there's really no better way to explain this. 134 00:04:40,780 --> 00:04:42,460 When you think about a classic computer, 135 00:04:42,460 --> 00:04:44,960 like the one you're watching this course on right now, 136 00:04:44,960 --> 00:04:47,920 it uses ones and zeros to process information. 137 00:04:47,920 --> 00:04:50,900 And the faster you can process those ones and zeros, 138 00:04:50,900 --> 00:04:53,550 that means the faster you can get information done, 139 00:04:53,550 --> 00:04:55,400 and that's going to be a faster computer. 140 00:04:55,400 --> 00:04:56,500 Well, at a certain point, 141 00:04:56,500 --> 00:04:58,970 we can't make our computers really any faster. 142 00:04:58,970 --> 00:05:00,850 And we run out of computing capability. 143 00:05:00,850 --> 00:05:03,180 So what we ended up doing was taking single processors 144 00:05:03,180 --> 00:05:05,820 and putting in two processors, or we made quad-core, 145 00:05:05,820 --> 00:05:08,360 which had four processors, or make octa-core, 146 00:05:08,360 --> 00:05:09,630 which has eight processors. 147 00:05:09,630 --> 00:05:11,980 And that's the way we've been able to speed up computers. 148 00:05:11,980 --> 00:05:13,150 Well, with quantum computing 149 00:05:13,150 --> 00:05:15,480 is a completely different ball game. 150 00:05:15,480 --> 00:05:17,280 Instead of using ones and zeros, 151 00:05:17,280 --> 00:05:20,690 we use these things known as quantum bits or qubits. 
152 00:05:20,690 --> 00:05:23,490 Now this can be done in computing or in communications. 153 00:05:23,490 --> 00:05:24,970 When we deal with communications, 154 00:05:24,970 --> 00:05:26,640 we're talking about quantum communications 155 00:05:26,640 --> 00:05:28,410 being a communications network 156 00:05:28,410 --> 00:05:31,300 that relies on using qubits made of photons, 157 00:05:31,300 --> 00:05:34,050 in our case light, to send multiple combinations 158 00:05:34,050 --> 00:05:36,440 of ones and zeros simultaneously, 159 00:05:36,440 --> 00:05:38,140 which will result in tamper resistant 160 00:05:38,140 --> 00:05:40,410 and extremely fast communications. 161 00:05:40,410 --> 00:05:41,930 Again, I know this is very vague, 162 00:05:41,930 --> 00:05:44,120 but hang in here for a second. 163 00:05:44,120 --> 00:05:45,520 Now, when we talk about quantum, 164 00:05:45,520 --> 00:05:47,320 I keep talking about these qubits. 165 00:05:47,320 --> 00:05:48,700 I talk about the fact that there's a difference 166 00:05:48,700 --> 00:05:50,740 between our traditional electrons, 167 00:05:50,740 --> 00:05:54,250 which are either on or off, ones and zeroes, or a qubit. 168 00:05:54,250 --> 00:05:56,130 So what is a qubit? 169 00:05:56,130 --> 00:05:58,990 Well, a qubit is really just a quantum bit. 170 00:05:58,990 --> 00:06:01,460 It's composed of either electrons or photons, 171 00:06:01,460 --> 00:06:04,010 so it can be electrical or made by light, 172 00:06:04,010 --> 00:06:06,120 and it can represent numerous combinations 173 00:06:06,120 --> 00:06:08,600 of ones and zeros at the same time 174 00:06:08,600 --> 00:06:10,960 using something known as superposition. 
175 00:06:10,960 --> 00:06:12,600 And this is really the main benefit 176 00:06:12,600 --> 00:06:14,300 of using quantum computing, 177 00:06:14,300 --> 00:06:16,960 because you're not just having a single one or a zero 178 00:06:16,960 --> 00:06:19,200 and you can do multiple combinations of ones and zeros 179 00:06:19,200 --> 00:06:21,860 at the same time with this one qubit, 180 00:06:21,860 --> 00:06:24,110 you can actually crunch through a wide variety 181 00:06:24,110 --> 00:06:26,200 of potential outcomes simultaneously. 182 00:06:26,200 --> 00:06:29,370 And so it's really great for complex math problems. 183 00:06:29,370 --> 00:06:31,520 That's the idea of quantum computing. 184 00:06:31,520 --> 00:06:33,350 When you think about quantum computing, 185 00:06:33,350 --> 00:06:35,700 it's never going to replace the computer on your desktop. 186 00:06:35,700 --> 00:06:37,620 That's not what it's designed for. 187 00:06:37,620 --> 00:06:40,200 It's designed for very specific use cases, 188 00:06:40,200 --> 00:06:42,430 such as very complex math problems 189 00:06:42,430 --> 00:06:44,270 or trying to do something like the modeling 190 00:06:44,270 --> 00:06:47,240 of an atom or some kind of atomic structure. 191 00:06:47,240 --> 00:06:49,540 Now, why should I care about quantum then 192 00:06:49,540 --> 00:06:51,310 if it's never going to be on my desktop? 193 00:06:51,310 --> 00:06:52,610 Well, because there's one thing 194 00:06:52,610 --> 00:06:54,850 that quantum is really, really good at. 195 00:06:54,850 --> 00:06:57,050 And what is that? Math problems. 196 00:06:57,050 --> 00:06:58,140 And I just mentioned that. 197 00:06:58,140 --> 00:06:59,770 And if you think about cryptography, 198 00:06:59,770 --> 00:07:02,400 all cryptography is, is a bunch of math problems. 
199 00:07:02,400 --> 00:07:04,840 And so because cryptography is used to secure 200 00:07:04,840 --> 00:07:06,520 our communications and our data, 201 00:07:06,520 --> 00:07:08,770 by relying on how difficult a math problem 202 00:07:08,770 --> 00:07:11,200 is to compute with our traditional computers. 203 00:07:11,200 --> 00:07:13,550 That's what gives us strength in cryptography. 204 00:07:13,550 --> 00:07:15,760 Well, if quantum computers are really good at doing math 205 00:07:15,760 --> 00:07:17,600 problems and they can do it much, much faster, 206 00:07:17,600 --> 00:07:21,110 that means our cryptography could actually be taken down. 207 00:07:21,110 --> 00:07:23,210 And this is why we have to start thinking about this 208 00:07:23,210 --> 00:07:25,420 because one of the things that we rely on so heavily 209 00:07:25,420 --> 00:07:27,160 in cryptography is key exchanges 210 00:07:27,160 --> 00:07:29,300 using asymmetric communication. 211 00:07:29,300 --> 00:07:31,630 Now, one way we do that is with public key infrastructure, 212 00:07:31,630 --> 00:07:33,520 which we're going to talk about in a little bit, 213 00:07:33,520 --> 00:07:36,460 but the whole concept here is that we want to have a way 214 00:07:36,460 --> 00:07:38,190 for us to do a simple math problem 215 00:07:38,190 --> 00:07:41,610 to create a very complex thing that has a difficult time 216 00:07:41,610 --> 00:07:43,320 of breaking it back apart. 217 00:07:43,320 --> 00:07:45,950 So for instance, if I take two prime numbers 218 00:07:45,950 --> 00:07:49,070 and I multiply them together and I give you the result, 219 00:07:49,070 --> 00:07:51,020 that result is very easy to calculate 220 00:07:51,020 --> 00:07:52,860 if you know what the two prime numbers are. 221 00:07:52,860 --> 00:07:54,930 In our case of private and public key, 222 00:07:54,930 --> 00:07:57,060 which again, we're going to talk more about this later. 
223 00:07:57,060 --> 00:07:58,360 Now, when you have that result, 224 00:07:58,360 --> 00:08:00,270 though, it might be a really large number, 225 00:08:00,270 --> 00:08:02,570 but there's only two things that can be factored into it. 226 00:08:02,570 --> 00:08:04,110 Those two keys that I just gave you, 227 00:08:04,110 --> 00:08:05,560 those two prime numbers. 228 00:08:05,560 --> 00:08:07,160 Well, with quantum computing, 229 00:08:07,160 --> 00:08:10,130 they can make very quick work of this type of math problem. 230 00:08:10,130 --> 00:08:12,270 Whereas our traditional computers can't, 231 00:08:12,270 --> 00:08:14,020 because they would try taking that big number 232 00:08:14,020 --> 00:08:16,530 and dividing by one and then dividing by two, 233 00:08:16,530 --> 00:08:18,890 then dividing by three and then by five, 234 00:08:18,890 --> 00:08:20,030 and then by seven, 235 00:08:20,030 --> 00:08:21,410 as they keep going through all the primes 236 00:08:21,410 --> 00:08:23,030 until they found the factors. 237 00:08:23,030 --> 00:08:24,570 But with quantum computing, 238 00:08:24,570 --> 00:08:26,750 this becomes a relatively easy math problem, 239 00:08:26,750 --> 00:08:28,820 and it can crack it much quicker for us. 240 00:08:28,820 --> 00:08:31,300 In fact, asymmetric encryption algorithms, 241 00:08:31,300 --> 00:08:33,770 those that are relying on this hard math problem 242 00:08:33,770 --> 00:08:35,030 have been mathematically proven 243 00:08:35,030 --> 00:08:37,270 to be broken by quantum computers. 244 00:08:37,270 --> 00:08:39,170 Now, the only good thing we have going for us 245 00:08:39,170 --> 00:08:42,550 is there's no real quantum computers in use today. 246 00:08:42,550 --> 00:08:44,940 The ones they have are only prototypes 247 00:08:44,940 --> 00:08:46,800 and they are very small scale, 248 00:08:46,800 --> 00:08:48,240 and they have been spending millions 249 00:08:48,240 --> 00:08:50,510 and millions of dollars to create these. 
250 00:08:50,510 --> 00:08:52,310 Right now, the estimate is that 251 00:08:52,310 --> 00:08:54,210 we won't have a working quantum computer 252 00:08:54,210 --> 00:08:57,150 until at least 2025 or 2030 253 00:08:57,150 --> 00:08:59,220 in some sort of a production environment, 254 00:08:59,220 --> 00:09:00,810 maybe even later than that, 255 00:09:00,810 --> 00:09:02,930 but it is something we have to think about. 256 00:09:02,930 --> 00:09:05,460 Because our current encryption algorithms 257 00:09:05,460 --> 00:09:07,110 aren't made to withstand this. 258 00:09:07,110 --> 00:09:10,630 So that brings us to the idea of post-quantum cryptography. 259 00:09:10,630 --> 00:09:12,380 Now post-quantum cryptography 260 00:09:12,380 --> 00:09:14,610 is a new kind of cryptographic algorithm 261 00:09:14,610 --> 00:09:17,360 that can be implemented using today's classical computers, 262 00:09:17,360 --> 00:09:19,840 but would still be impervious to attacks 263 00:09:19,840 --> 00:09:22,960 from future quantum computers when they are available. 264 00:09:22,960 --> 00:09:24,080 Now, there's really two methods 265 00:09:24,080 --> 00:09:25,340 that we can use to try to create 266 00:09:25,340 --> 00:09:27,390 this post-quantum cryptography. 267 00:09:27,390 --> 00:09:29,900 The first method is just to increase our key size 268 00:09:29,900 --> 00:09:31,790 to increase the number of permutations 269 00:09:31,790 --> 00:09:33,530 that are needed to be brute forced. 270 00:09:33,530 --> 00:09:34,770 This works well when you're dealing 271 00:09:34,770 --> 00:09:38,220 with a symmetric encryption algorithm, something like AES. 272 00:09:38,220 --> 00:09:42,330 If I take AES 128 and I increase it to AES 256, 273 00:09:42,330 --> 00:09:44,520 for instance, I doubled the key length. 
274 00:09:44,520 --> 00:09:46,920 But I now have actually squared 275 00:09:46,920 --> 00:09:48,660 the number of possible combinations 276 00:09:48,660 --> 00:09:50,160 that are going to have to be figured out 277 00:09:50,160 --> 00:09:51,580 by the quantum computer. 278 00:09:51,580 --> 00:09:54,320 And that extends the time and makes it much stronger 279 00:09:54,320 --> 00:09:55,920 and harder to crack. 280 00:09:55,920 --> 00:09:58,240 Now, the other way we can do this is by working 281 00:09:58,240 --> 00:10:00,090 on other approaches and researchers 282 00:10:00,090 --> 00:10:01,490 are doing this right now. 283 00:10:01,490 --> 00:10:03,970 They're looking into things like lattice-based cryptography 284 00:10:03,970 --> 00:10:07,190 and supersingular isogeny key exchanges. 285 00:10:07,190 --> 00:10:09,040 Now, again, both of these terms 286 00:10:09,040 --> 00:10:10,010 are not something you need 287 00:10:10,010 --> 00:10:11,880 to understand or go in-depth on. 288 00:10:11,880 --> 00:10:14,150 In fact, when we talk about quantum computing 289 00:10:14,150 --> 00:10:15,780 and quantum communications, 290 00:10:15,780 --> 00:10:17,640 we think about qubits and all this stuff 291 00:10:17,640 --> 00:10:19,200 we're talking about with the word quantum, 292 00:10:19,200 --> 00:10:21,790 I just want you to associate this with something 293 00:10:21,790 --> 00:10:23,330 that can really break apart 294 00:10:23,330 --> 00:10:26,030 our asymmetric encryption algorithms pretty quickly. 295 00:10:26,030 --> 00:10:28,160 And remember asymmetric encryption algorithms. 296 00:10:28,160 --> 00:10:30,290 We use those for things like key exchanges 297 00:10:30,290 --> 00:10:32,950 and digital signatures in public key infrastructure 298 00:10:32,950 --> 00:10:34,310 that we're going to talk about later. 299 00:10:34,310 --> 00:10:35,870 So that's really where the threat is 300 00:10:35,870 --> 00:10:37,300 when we start talking about quantum. 
301 00:10:37,300 --> 00:10:39,880 Again, right now, we don't have any dedicated 302 00:10:39,880 --> 00:10:42,060 quantum-resistant cryptography yet. 303 00:10:42,060 --> 00:10:44,200 There is a current ongoing competition 304 00:10:44,200 --> 00:10:46,230 for the National Institute of Science and Technology 305 00:10:46,230 --> 00:10:48,300 to pick one, to become the standard. 306 00:10:48,300 --> 00:10:51,530 And that's supposed to be done by 2022. 307 00:10:51,530 --> 00:10:53,770 The next thing we want to talk about is ephemeral. 308 00:10:53,770 --> 00:10:56,940 When we talk about ephemeral cryptography or ephemeral keys, 309 00:10:56,940 --> 00:10:58,640 we're talking about a cryptographic key 310 00:10:58,640 --> 00:11:00,430 that's generated for each execution 311 00:11:00,430 --> 00:11:02,650 of a key establishment process. 312 00:11:02,650 --> 00:11:04,840 Essentially, when you hear the word ephemeral, 313 00:11:04,840 --> 00:11:07,710 I want you to think about the fact that it is short-lived, 314 00:11:07,710 --> 00:11:08,740 it's something we're going to pick 315 00:11:08,740 --> 00:11:10,910 for a short period of time and then throw away. 316 00:11:10,910 --> 00:11:12,210 If you think back to Network+, 317 00:11:12,210 --> 00:11:14,070 we talked about ephemeral ports. 318 00:11:14,070 --> 00:11:16,050 We pick a port, we use it to create 319 00:11:16,050 --> 00:11:17,310 a connection to the web server, 320 00:11:17,310 --> 00:11:18,640 and then when we're done with that session, 321 00:11:18,640 --> 00:11:21,080 we throw it away and we close that port. 322 00:11:21,080 --> 00:11:23,280 The same thing with an ephemeral key. 323 00:11:23,280 --> 00:11:24,960 Now, when we deal with ephemeral keys, 324 00:11:24,960 --> 00:11:27,420 these are short-lived and they're used in things 325 00:11:27,420 --> 00:11:30,100 like the key exchange for WPA3. 
326 00:11:30,100 --> 00:11:32,670 This is used to create that perfect forward secrecy 327 00:11:32,670 --> 00:11:35,020 that we talked about back in our wireless lessons. 328 00:11:35,020 --> 00:11:37,810 Next, we need to talk about homomorphic encryption. 329 00:11:37,810 --> 00:11:40,570 Now, homomorphic encryption is an encryption mechanism 330 00:11:40,570 --> 00:11:42,450 that allows calculations to be performed 331 00:11:42,450 --> 00:11:45,100 on data without decrypting it first. 332 00:11:45,100 --> 00:11:46,540 And this is pretty cool. 333 00:11:46,540 --> 00:11:48,460 Now we're not going to get into the technical details 334 00:11:48,460 --> 00:11:49,470 of how this works. 335 00:11:49,470 --> 00:11:51,740 If you're interested in that you can Google this 336 00:11:51,740 --> 00:11:52,970 and learn it on your own. 337 00:11:52,970 --> 00:11:53,990 But for the exam, 338 00:11:53,990 --> 00:11:56,270 when you talk about homomorphic encryption, 339 00:11:56,270 --> 00:11:58,230 I want you to think about the fact that this is a good thing 340 00:11:58,230 --> 00:12:00,820 to use with your cloud providers if they offer it. 341 00:12:00,820 --> 00:12:03,380 Now, the reason is because homomorphic encryption 342 00:12:03,380 --> 00:12:05,350 can be used for privacy-preserving, 343 00:12:05,350 --> 00:12:07,450 outsourced storage and computation. 344 00:12:07,450 --> 00:12:08,780 Now, if you have a cloud provider 345 00:12:08,780 --> 00:12:10,140 who needs to work on your data, 346 00:12:10,140 --> 00:12:11,290 and you can encrypt it with something 347 00:12:11,290 --> 00:12:13,490 that supports homomorphic encryption, 348 00:12:13,490 --> 00:12:15,650 they can still do the calculations for you 349 00:12:15,650 --> 00:12:19,010 without ever seeing the data that's inside that encryption. 350 00:12:19,010 --> 00:12:21,420 And that's the idea of homomorphic encryption 351 00:12:21,420 --> 00:12:23,770 and why it provides us some additional privacy.