"If I wanted to send you something and you want to make sure it came from me, I would encrypt with my private key and only my public key can decrypt". Not exactly, this is not "encryption" per se, this is called signature. You sign with your private key and the public key confirms the message came from you. The message contents might still be intercepted. If you want confidentiality, you need to encrypt the message with the recipient public key and only the recipient private key can decrypt.
Did you know this? And that digital signatures use private and public keys?
Yes
Had to learn this when I became a middleware admin. What tripped me up later in my career was cross-signed certificates.
@mr2ti41be me 😂 my head spins
It's the central premise of the Public Key Infrastructure (PKI).
Yes, I was playing with this back in 2000 when I did some code in VB based on RSA cryptography
Thanks David, please make more videos on Cryptography for beginners.
Do you want more shorts? Or long form videos? Or both?
@davidbombal A long video on this would be great!
@davidbombal both would be fantastic
@davidbombal this short was very beneficial for me as a beginner in the crypto world!
Both. But more about creating your own private keys.
"If I wanted to send you something and you want to make sure it came from me, I would encrypt with my private key and only my public key can decrypt". Not exactly, this is not "encryption" per se, this is called signature. You sign with your private key and the public key confirms the message came from you. The message contents might still be intercepted. If you want confidentiality, you need to encrypt the message with the recipient public key and only the recipient private key can decrypt.
Yeah, that's what I was thinking. I assume he wanted to simplify to convey the general idea. I'm sure the fact that RSA decryption and signing, and encryption and verification are the same fundamental algorithms respectively :p
😂 I was thinking, where is the encryption/decryption here
Thanks, I was so confused.
If I were to encrypt stuff with my private key and my public key can decrypt it what would even be the point in encrypting it in the first place? It’s not secure lol.
I am now about 13 years into my IT career, I always love your way of simplifying things, your shorts are very short and useful, thank you 😊
I'm so glad I found your videos. I just graduated with my degree in IT and realized I had a lot of theoretical knowledge and not much hands-on experience and there are so many topics you've discussed in more detail than my classes were able to. Watching your videos exposed me to how much more knowledge there is for me to gain.
Hi, David! I’m now studying IT-security and your videos help me a lot to understand the things I couldn’t catch in my lectures. Thank you for your videos.
Most lecturers upload a single piece of paper with questions and expect the students to research and do the entire assignment in Harvard standards without teaching anything.
This made my understanding of keys even better. Simple but effective explanation! Thank you!!
Computerphile has a very good video explaining exactly how public and private keys work with some good analogies.
"Encrypt with your private key" is not what you should call it. That operation is called signing. To encrypt something you use a public key of someone else (or establish a shared secret and use that) and you could also sign it with your private key.
You may think that your explanations helped out but I only heard many times private key and public key😂
Can kind of think of it as a PO box system. The post office has a public key. Individual box owners have a private key
Technically you can decrypt anything with the private key as well (or by having it to be precise), as it contains the modulus and public exponent, which is the base for the public key derivative.
This was explained better than I've ever heard before. Well done!
I have fd over many times with mobiles bc I don't properly understand what I'm doing. So now I will follow and study your vids.
Thank you mate
Private Key Encryption - Document signing where docs are signed using Private key and anyone can validate it with public key.
Public Key Encryption - WhatsApp - Sender encrypts message with Recipient A's public key and only Recipient A can decrypt it with their private key.
better explanation than video!
Thanks excellent well explained
If you want to share data with a user A, to maintain confidentiality and non-repudiation, you need to encrypt the data with User A's public key, then user A can decrypt with user A's private key
I like to think of it as real keys and locks.
Imagine everyone has an unpickable lock of their own and a key to open their and only their lock. They each have access to each other's lock but not their key. And for example, when you want to send your friend a package, you take their lock and lock the package then ship it. Now no one's gonna be able to open it because they don't have the key for your friend's lock. And when it arrives, your friend takes that lock and opens it with their key.
Same goes for private and public keys. You get your friend's public key and encrypt the data with it before sending. And when they receive the data, they decrypt it with their private key.
This is mostly used for ssh authentication and e2e encryption.
Also like demonstrated in this video, you sign something with your private key and other people use your public key to verify if it's really you. It's called digital signature.
I think you might have made it a bit confusing for some on this. The public key is typically used to encrypt the data and the private key is used to decrypt it. If someone wants to talk to you then they get your public key to encrypt their message to you, then when that’s sent over you will be able to use your private key to decrypt it.
0:50 _"smth encrypted with pub-key can only be decrypt with priv-key. smth encr with priv-key can only be decr with pub-key"_
ohhhhhw, it goes both ways.... aaahw. I didn't know that. That's why I got confused.
as pub-key encr is required when a sender wants to send u a confidential info. but priv-key encr is required when u want to establish trust-of-origin-source, say when distributing a software or a mass message.
finally i learnt smth new from ur videos after so long. what a blast 😇😇
I am probably misunderstanding but a public key is only used for encryption. It can then only be decrypted by the private keys. If you go the other direction the other person must encrypt with your public key.
Just correcting David, not to make fun of him or to be disrespectful, because I really like his content and learn from him.
Basically public key goes one way, it can only encrypt for its private key, private key can do both encrypt or decrypt.
If public key was able to decrypt something, it won't be publicly accessible like David was able to retrieve public key from SSL cert in the video, that's the whole point.
Thank you so much , learned so much from you!!! ❤
Ok but it doesn't make sense, since the package is encrypted with the private key and the public key is, well, public, then anyone who has your encrypted package can decrypt it using the private key. Plus, you first have to send the private key right ?? So you will literally share your private key on the first connection without it being encrypted, so it's not so private anymore. So I still don't understand how do these keys work to make data transfers secure ??
Thanks for making it more complicated 😕
💓 Love from Chennai, India.
I like this. I may need to rewatch it on a much slower rate but that's on me 😂 👍
This is how TLS is utilized in many cases;
A receiver will initiate a request to a website by;
ENCRYPTing their public key with the website's public key, received from their certificate.
The website will then;
DECRYPT the payload with their private key,
Providing the website with the receiver's public key.
The website will then;
ENCRYPT the data requested with the receiver's public key,
The receiver will then;
DECRYPT the data received from the website with their private key.
Wow sir you are great love from india ❤❤
Literally same with your email
Public key is your email address.. it is accessible and available
Private key is your email password.
when someone is sending you a message using your email address ( Public key)
and only your private key can decrypt it (Your password to access and see it)
and when you will need to send it using your private key (when you are connected to your email account and you write your email) and it uses your public key to send your message to the other person (your email address when it appears in the messages of the other person's mailbox) that is your public key.
And big tech guys then behind scenes decrypt all basically ! Lol 😅
Sooo a private key is kinda like your signature, and the public key is a confirmation tool for your signature
That's why my private place can only be open by a public key.
_THATS WHAT SHE SAID_
ahahahahhahaha
I think the formula is interesting as well.
Asymmetric encryption is at risk of failing in the next decade due to advances in quantum computing. I recommend IT security experts at least begin to inform themselves about Post-Quantum/Quantum Safe cryptography. Even if you don't personally perceive it as a large threat, government and security agencies do and eventually it will be mandatory to switch to those new methods.
Public key = Doorlock you can hand out
Private key = Key to said door you should keep safe
It's wrong... if we do something with the private key first then it is called signing where the public key can be used to verify. To encrypt, you need to do it with the public key then the contents can be decrypted using the private key.
So it goes both ways? I always thought only data encrypted with a public key could be decrypted with the corresponding private key, not the other way around!
When used the other way around it's usually referred to as 'signing'.
It's how you can verify software you're unsure about
@aronm5329 Verify what aspect of the software?
Bro it's the other way around. The sender can send something to you that they encrypt with your public key and only you as the recipient can decrypt it with your private key
Thanks for confusing a little more ❤
Awesome thanks ❤
Quantum computers have entered the chat for deciphering encryption.
This is just PGP I had to learn it for TOR
Okey I'm listening
If I use pub key from google, then only google can see it. That's what's happening on the browser when I send data to backend, but when we get data from google?
Not quite. Unfortunately while using Google's certificate as an example of a public key is useful to set context, when it's used as part of an https (or other TLS) session it's a lot more complicated. You want to look at DH Key Exchange.
I'm studying for my Sec+, and not an expert but basically...
Google is a certificate authority (a root CA), so they can issue certificates to domains including their own, using a public/private key signing process. They or another CA can issue certificates to your browser as well. Then they will run the hashing algorithms, as long as the keys work and none of the certificates are on the CRL (certificate revocation list), you will be able to decrypt any info that comes from Google or any approved site.
You should go into PS5 jailbreak scene 😂
Not confusing at all. I clearly understand that I have no clue what you're talking about.
We use this daily in winscp for file sharing via sftp 22 port
Yeah, but how do you provide the clients with the public key without the message being intercepted because the attackers have access to the same public key?
Still I don't know how it works? How are 2 different keys used to lock and unlock the same thing (in terms of encryption)
I only listened key, key, key, key, key, key, public and private
So If you encrypt a message with your private key, that means anybody with your public key can decrypt it?
Yes, the purpose of cryptography like this isn't to hide information but to verify that a message came from you.
Going the other way, though, anybody can encrypt a message with your public key, and then you'll be the only person who can decrypt and read it (unless your private key gets stolen).
@jjpaq so if its purpose is not to hide information and only verify, then how do you hide it?
@Soundwave-F7Z there are other types of encryption for that - essentially, information is as secure as the key needed to unlock it, so if a public key can unlock it, it's not secure.
If you wanted to hide data, you'd use a key that others _don't._ Even signing it with your own public key would accomplish that.
@Soundwave-F7Z You encrypt with recipient's public key, and only the recipient can decrypt with their private key.
@jjpaq this is not really encryption. This is just message signature to ensure authenticity of sender
Wow.. thanks a lot.
More obviously it will be with some commands in shell.
Could you show it that way?
Dear YouTube algorithm, please show me more reels like this please.
Proton Mail
Asymmetric encryption
Really simple explanation for a complex topic. Thanks.
If it can be decrypted with Public key, then anyone in the internet can decrypt the data...
It was said a bit inaccurate in the video. It's not quite like an encryption, but a signature. By signing with his private key, he does not release any information about the private key, but everyone on the internet can verify that it was sent by him, because the public key will only fit to his signature.
@Chronologist89 Yes... What he is mentioning are signatures
my brain hurts 😵
Maybe I am asking the wrong question, but which data are shared this way?
thats so true do you do java
i need more of these videos!
You want to team up are you still looking for the trazor bridge
Major Key Alert!!
still confusing
🥶
Hi, I am trying to code sign efi file on my arch linux using my safenet code signing token but not able to do so can anyone help me with that?
You are talking about signature, not confidentiality and non-repudiation
Still confused
So if a hacker has the public key, he can decrypt the data?
The public key is public. Everybody can have it. You don’t need to be a hacker.
Can we Crack wifi passwords without using any adapter?
i listen only pub pub pub pub public key
1
😂😂 still don't understand
Pgp
Can you fix it if I accidentally sent a private key on accident `π`|π-;
Create new keys
sorry what?? key key key?
Public key 🗝
Wrong!!! You create a session key, encrypt the message, then encrypt the session key with public key. You don’t try to encrypt a message with a 1024/2048 public key.
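Added example (not from the video or from any commenter): the operations this thread keeps contrasting, written as `openssl` commands. It shows signing with a private key, verifying with the public key, and the session-key scheme from the comment above, where only a short random key is RSA-encrypted to the recipient. The names alice and bob, the file names and the message are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added demo: "sign with your private key" vs "encrypt to the recipient's public key".
# alice, bob, the file names and the message are constructed for this example.
set -u
demo_dir=$(mktemp -d)

make_keys() {   # $1 = owner; writes $1.key (keep secret) and $1.pub (hand out)
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$demo_dir/$1.key" 2>/dev/null &&
  openssl pkey -in "$demo_dir/$1.key" -pubout -out "$demo_dir/$1.pub"
}

sign_file() {   # $1 = signer, $2 = file; writes detached signature $2.sig
  openssl dgst -sha256 -sign "$demo_dir/$1.key" -out "$2.sig" "$2"
}

verify_file() { # $1 = claimed signer, $2 = file; exit 0 only if $2.sig matches
  openssl dgst -sha256 -verify "$demo_dir/$1.pub" -signature "$2.sig" "$2" \
    >/dev/null 2>&1
}

seal_for() {    # $1 = recipient, $2 = file; writes $2.enc and $2.sk.enc
  # Hybrid scheme: a random session key encrypts the data with AES, and only
  # that short key is RSA-encrypted (OAEP) to the recipient's public key.
  openssl rand -hex 32 > "$2.sk" &&
  openssl enc -aes-256-cbc -pbkdf2 -pass "file:$2.sk" -in "$2" -out "$2.enc" &&
  openssl pkeyutl -encrypt -pubin -inkey "$demo_dir/$1.pub" \
    -pkeyopt rsa_padding_mode:oaep -in "$2.sk" -out "$2.sk.enc"
  seal_rc=$?
  rm -f "$2.sk"                           # plaintext session key is not kept
  return "$seal_rc"
}

open_as() {     # $1 = key owner, $2 = sealed file; prints plaintext on success
  openssl pkeyutl -decrypt -inkey "$demo_dir/$1.key" \
    -pkeyopt rsa_padding_mode:oaep -in "$2.sk.enc" -out "$2.sk.$1" 2>/dev/null &&
  openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$2.sk.$1" -in "$2.enc"
  open_rc=$?
  rm -f "$2.sk.$1"
  return "$open_rc"
}

run_demo() {
  make_keys alice && make_keys bob || return 1
  msg="$demo_dir/msg.txt"
  printf 'meet at noon\n' > "$msg"        # constructed sample message

  # Signing: the message stays readable by anyone; the signature proves origin.
  sign_file alice "$msg"
  verify_file alice "$msg" && echo "alice's public key: signature valid"
  verify_file bob "$msg"   || echo "bob's public key:   signature rejected"

  # Confidentiality: sealed to bob's public key, opened with bob's private key.
  seal_for bob "$msg"
  echo "bob opens:   $(open_as bob "$msg")"
  open_as alice "$msg" >/dev/null 2>&1 || echo "alice opens: fails, wrong private key"

  # openssl enc has no authenticated mode, so the signature is what catches edits.
  printf 'meet at nine\n' > "$msg"
  verify_file alice "$msg" || echo "edited message:     signature rejected"
}

run_demo
```

The `-pbkdf2` option needs OpenSSL 1.1.1 or later.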
I've 46% hs rate but damn i lack confidence like yours on the omen kill
So does that mean if someone intercepts my document that is encrypted with my private key, and gets hold of my public key, he can open the document? If So, then a hacker just needs to intercept the document and the public key
I really got the windows 10 activation key from chat gpt
Does private key have only one public key? @davidbombal