FPS comments, for people like me who can't read quite that quickly (I think this is all of them): oops, 2.5 fps - sorry! strong cct vibes frame-rate mismatches are painful huh maybe you're wondering how this happened? because 2.5fps is rather an unusual framerate this camera was used for a different piece of work sean (the fool) forgot to check the settings normally this camera (a canon xa50) stays in the bag for computerphile shoots but, having used it to timelapse something it was set to 4k 25fps but on a 10x settings maybe an ai frame interpolator can help... or make mike look like 'the flash' better, or worse? i kinda like it...
Thank you for this! I now just need to block out the bottom half of my screen, so they do not distract me anymore. -- Edit: @Computerphile I don't mind reading the explanation, but please, not like this. The short, almost subliminal-like messages making your 2.5 FPS excuses at the bottom of the screen were very distracting from the lecture itself. Had to constantly pause/rewind. Basically, I forced myself to watch a sup bar video twice.
2.5fps with that smooth transition is absolutely trippy and satisfactory. Especially when writting, the text just pops up into existence randomly, amazing
Funnily enough I was maxing my CPU at 100% compiling software inside docker containers and I thought I had glitched something, even though my browser was "niced". I niced the container and pressed back to watch it again, it was funny.
For me it kinda looks like writing in cheap animations, where the hand just slides in the writing direction, bobbing up and down a little randomly and the text just appears behind it.
The idea of pre-computing a large part of the decryption for each prime number is similar to how GSM and later mobile phone encryption systems were broken - we called the pre-computed data ‘Rainbow Tables’
@@iammeok yes, they are often called that way, but the term is misused in that case imo. Those are simply hash tables, while rainbow tables use a mechanism of chaining reduction functions, as described in Oechslin‘s paper from 2003.
The real problem with mobile phone encryption (at least back in the GSM days) was that it was made deliberately weak due to pressure from spy agencies.
If you're wondering how pi was used to get a prime, there should be rounding down (floor) brackets in there. From RFC 2409: "The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. Its hexadecimal value is FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF"
@@threeMetreJim RFCs are technical documents used for things like internet protocol definitions. I'd start by looking at RFC 2409. If not, I believe there's at least one method to verify whether a number is prime. They shouldn't be hard to find.
It's not a property of the prime number itself. The key exchange requires the choice of two separate, publically-disclosable numbers: the giant prime that was mentioned, and a generator, which is allowed to be small
Outstanding vid, it's great that people can get such an approachable insight into not only what goes on behind the scenes of something they do every day, but the to and fro of the conflict that is being carried out to break (and keep safe) their communications.
I remember being tasked at the time with building a group policy for our windows servers to remove compromised cipher suites as available options. Its cool to finally understand what was really going on with that, since at the time all I understood was there was a downgrade attack that was possible.
A safe prime in RFC is "probably" broken.. and now elliptic curve is used, but, as far as I remember some defaults for elliptic curve are part of RFC and it was mentioned in an older Numberphile video that elliptic curve might be broken too..
You simply configure the server to not permit weak schemes. open vpn server actually allows to define a dhparam file. I use a 4096 bit one, it contains p and g, were p is the 4096 bit public prime and g is the generator. Just generating the prime took a few dozen minutes.
Seriously... why is there a Pi in the prime for Oakley Group 2? I think even 2Blue1Brown would have sleepless nights tracking down the hidden circle in that little nugget.
Lol I love the little text explanations in the corner of the video about the atrocious 2.5 FPS issue 😂 make sure to give Sean two and a half smacks, one for each frame per second lmao
Sounds like bit encryptions should be upgraded to say 16k bit encryptions for the foreseeable future and then later 128k bit encryptions, sure it sounds a bit ridiculous but on the other hand by the time the encryptions are broken the information would likely be no longer valuable.
I remember hearing that there is people (probably governments?) just stockpiling encrypted data in the hopes that they'll be able to use quantum computing to just decrypt all of it a few years from now.
One would hope that in 2023 servers would be smart and simply refuse to use known-weak ciphers. Although I suspect many servers still have to support weaker ciphers because they have to support ancient clients that themselves only support weaker ciphers (e.g. people stuck with ancient smartphones that don't support the latest stuff or people stuck on things like Windows XP for some reason)
Too much beer - I felt I understood most of that. My appreciation of both purple pens and the security algorithms definitely increased - it all seems very cerebral until you realise that your own credit card details are at stake.
Iffy. With all the database breaks, I have to assume ALL of my information is out in the wild. While this is useful for particular instances (nation state snooping), on the whole, security is shot.
So if we assume nation starts are collecting data right now using 2000bit keys for encryption, given current processing power gains, when would a nation state sized bad actor be able to break these? Can you build dedicated asics to do this even faster than using general purpose hardware?
I wonder if there's been any studies on how many years it would take to break 2000 bit primes compared to processing power capabilities over the next 30 years.
Nothing like a new Mike Computerphile video :D
Even in 2.5 FPS!
Yes the FPS were kind of creepy....
…talking about cryptography ❤
Yeah...I got interested in cryptography because of this guy
Didn't know Mike had changed his last name, that's some serious dedication!
FPS comments, for people like me who can't read quite that quickly (I think this is all of them):
oops, 2.5 fps - sorry!
strong cct vibes
frame-rate mismatches are painful huh
maybe you're wondering how this happened?
because 2.5fps is rather an unusual framerate
this camera was used for a different piece of work
sean (the fool) forgot to check the settings
normally this camera (a canon xa50)
stays in the bag for computerphile shoots
but, having used it to timelapse something
it was set to 4k 25fps but on a 10x settings
maybe an ai frame interpolator can help...
or make mike look like 'the flash'
better, or worse? i kinda like it...
Thanks for this :) -Sean
Lol I saw the first one, but didn't even notice I was missing any others
Reminds me times when as a teenager I attempted to load the latest games on an outdated PC. Humbling experience ;)
Thank you for this! I now just need to block out the bottom half of my screen, so they do not distract me anymore. -- Edit: @Computerphile I don't mind reading the explanation, but please, not like this. The short, almost subliminal-like messages making your 2.5 FPS excuses at the bottom of the screen were very distracting from the lecture itself. Had to constantly pause/rewind. Basically, I forced myself to watch a sup bar video twice.
Somehow, I kind of like the 2.5fps, but maybe the explanation is better at the very end.
That's some serious powerpoint at the paper drawing scenes.
I enjoyed the little side-plot at the bottom
@@rhoharane 2:59
@@rhoharane 6:04
2.5fps with that smooth transition is absolutely trippy and satisfactory. Especially when writting, the text just pops up into existence randomly, amazing
Funnily enough I was maxing my CPU at 100% compiling software inside docker containers and I thought I had glitched something, even though my browser was "niced". I niced the container and pressed back to watch it again, it was funny.
@@monad_tcp Haha
Actually I was starting to think this was AI generated :P
For me it kinda looks like writing in cheap animations, where the hand just slides in the writing direction, bobbing up and down a little randomly and the text just appears behind it.
Magic marker :)
The idea of pre-computing a large part of the decryption for each prime number is similar to how GSM and later mobile phone encryption systems were broken - we called the pre-computed data ‘Rainbow Tables’
Rainbow tables exist in a lot of contexts and are quite an old concept.
The tables containing precomputed hashes (for password cracking) are also referred to as Rainbow tables.
@@iammeok yes, they are often called that way, but the term is misused in that case imo. Those are simply hash tables, while rainbow tables use a mechanism of chaining reduction functions, as described in Oechslin‘s paper from 2003.
The real problem with mobile phone encryption (at least back in the GSM days) was that it was made deliberately weak due to pressure from spy agencies.
Fry: Not sure if B-roll footage is 2.5fps, or…
…my heart is just THAT excited to see another Dr. Poundtown cryptography/attack video on Computerphile.
Glad i want the only one seeing that.
It says so on the video
@@santiagog UA-cam mobile makes it really dumb to read the descriptions beyond about 4 words.
@@Cynyr It's literally on screen 1:00
Some footage is being downgraded to 2.5 FPS by a malicious actor ;)
If you're wondering how pi was used to get a prime, there should be rounding down (floor) brackets in there. From RFC 2409:
"The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
Its hexadecimal value is
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381
FFFFFFFF FFFFFFFF"
Thank you, I was wondering how a transcendental number could possibly be part of a prime.
What calculation was used to prove that it is a prime number?
how do we know [ ] means round to the nearest and not round downwards? This could introduce an off by one error.
@@charlieangkor8649 Square brackets only mean round down. I've edited my comment to clear that up.
@@threeMetreJim RFCs are technical documents used for things like internet protocol definitions. I'd start by looking at RFC 2409. If not, I believe there's at least one method to verify whether a number is prime. They shouldn't be hard to find.
I could listen to Mike all day 🎉🎉
7:03 due to the accidental low framerate, it looks like Mike writes "mod" by drawing a straight line
The man in the middle managed to corrupt the paper and pen scenes 😂
"And it has a generator of 2" Such an unremarkable number for such a remarkable prime
It's not a property of the prime number itself. The key exchange requires the choice of two separate, publically-disclosable numbers: the giant prime that was mentioned, and a generator, which is allowed to be small
i was expecting him to add the whole "floor" or something since he put pi in the prime generation and that definitely can't be a whole number.
"Such an unremarkable number" 2 is the MOST interesting number out there. wdym?
How is it a prime if it's times by/added to pi in there? isn't pi transcendental?
@@isaaccunningham2042 probably floor to remove the decimal part
Outstanding vid, it's great that people can get such an approachable insight into not only what goes on behind the scenes of something they do every day, but the to and fro of the conflict that is being carried out to break (and keep safe) their communications.
I remember being tasked at the time with building a group policy for our windows servers to remove compromised cipher suites as available options. Its cool to finally understand what was really going on with that, since at the time all I understood was there was a downgrade attack that was possible.
Well now we need a video on how number field sieve works!
4:03 "the p looks a bit small"
heard that one before
Mike's explanations are just the best everytime
13:37 Mike... Stop. Promising. Videos. you are a computerphile hydra at this point 😂
Hydra... 🤔🤔 They should do a video on hydra as well if they haven't
I Remember this my university’s research team worked on this attack!
3:26 You wasted a golden opportunity for "It's an older code, sir, but it checks out."
The 2.5fps subtitles could have referenced a møøse
A møøse once bit my sister...
appreciate the unexpected bonus content about FPS issues :)
You know it's a good day when Mike uploads a video
Love Computerphile videos. Keep up the good work.
Mike, the hero of explaination.
The Canon subplot was fun
Thanks for the very clear presentation.
14:48 well that looked pretty magical! I wish I could write at 2 fps 😊
Geez that slow FPS made me replay those sections. Thanks for the comments, I was ready to diagnose my network.
Love the step that's just called "Linear Algebra"
These guys are freaking awesome!
Computerphile is amazing! I'm so grateful for new vids 😍
This is absolute gold. Many thanks Dr. Mike😊
Love this video and how it's explained even with the technical issues it was still really interesting and engaging
Would love to see some videos around optimization, specifically LP/ MILP solvers, branch and bound, feasibility pump, etc.
These always baffle me at least a bit, but I enjoy watching them all.
Absolutely loved this, great to hear you speak about this subject
I see the poundmiester, im watching it
Log Jammin is a highly underrated film by Jackie Treehorn
The big lebowski, I understood that reference!
The man in the middle turned out be an expert. Would someone please flush my brain?
Mike’s taught me more than all my professors combined
This video have amaizing "dreamy" vibe in it.
Imagine how pucker-inducing dropping a paper like this is for security professionals. 😄
There is nothing more devious than the malicious purple pen.
Very interesting and meaningful video. Good to know the Internet moved away from this potentially insecure versions. Thank you!
Spot on and thoroughly entertaining - Thanks for putting this together!
I've gotten addicted to computerphile
The 2.5 fps writing is weirdly cool. It’s like Mike is a speedster who has to slow down so we can see his work
I love this guy!
A safe prime in RFC is "probably" broken.. and now elliptic curve is used, but, as far as I remember some defaults for elliptic curve are part of RFC and it was mentioned in an older Numberphile video that elliptic curve might be broken too..
With the 2.5fps storyline going on, this was like 2 videos in one!
Does this fall under the category of the law of unintended consequences, regarding the original decision to limit exporting of powerful encryption?
Mike delivered as always.
You simply configure the server to not permit weak schemes. open vpn server actually allows to define a dhparam file. I use a 4096 bit one, it contains p and g, were p is the 4096 bit public prime and g is the generator. Just generating the prime took a few dozen minutes.
Finally Dr Mike Pound! Love the guy :)
NSA: Sorry Timmy. It's more important that we use that money to read your parent's emails rather than give you food and healthcare.
Fascinating! Thank you for this good story, nicely explained as always 👍
Seriously... why is there a Pi in the prime for Oakley Group 2? I think even 2Blue1Brown would have sleepless nights tracking down the hidden circle in that little nugget.
The formula doesn't even return an integer. Unless it assumes some finite precision of decimals?
The hard brackets notation around [2^894 * pi] indicates that it should be rounded to the nearest integer.
He uses round brackets in the video, not hard/square.
This is Computerphile, not Numberphile. They don't know that pi is an irrational number.
@@InappropriatePolarbear And if it's 1.50 what is the value of [1.50]? And [-1.50] ?
The 🐐 Dr. Mike Pound
You missed the opportunity to make "Log jammin'" jokes
2:22 If it hasnt been done already, I think a video about the Crypto Wars would be a really interesting topic to have on computerphile.
good thing 99% of people can't see over 2.5 fps
Lol I love the little text explanations in the corner of the video about the atrocious 2.5 FPS issue 😂 make sure to give Sean two and a half smacks, one for each frame per second lmao
Do mathematicians into BDSM use a safe prime?
So what you're saying is that Uplink was actually quite accurate!
@4:04 "They just noticed the P looks a bit small. Eh"
- story of my life
Ah young Diffy Hellman lad, always getting into a spot of bother. His parents were quite mad!
Frame In The Middle
Never thought Computerphile would be talking about Logjammin' :D
Hi Dr. Pound! Hi Sean!
Lesson : If it's just beyond the edge of possibility , assume its already been done ...
Computerphile is ahead of the elliptic curve
Sounds like bit encryptions should be upgraded to say 16k bit encryptions for the foreseeable future and then later 128k bit encryptions, sure it sounds a bit ridiculous but on the other hand by the time the encryptions are broken the information would likely be no longer valuable.
I also knew Mike was a super hero. Never knew he was The Flash!
I love this channel. Fascinating stuff.
These things make me wonder if there are already similar attacks done and most importantly the threat of storing data to decrypt later.
I remember hearing that there is people (probably governments?) just stockpiling encrypted data in the hopes that they'll be able to use quantum computing to just decrypt all of it a few years from now.
Not the malicious purple pen!
Man I feel nostalgic now 🙂
4:03 I like this phrase taken out of the context😂
The frame rate is slow but the image is very sharp, I think is better than the usual
Brilliant 😊
Amazing
One would hope that in 2023 servers would be smart and simply refuse to use known-weak ciphers. Although I suspect many servers still have to support weaker ciphers because they have to support ancient clients that themselves only support weaker ciphers (e.g. people stuck with ancient smartphones that don't support the latest stuff or people stuck on things like Windows XP for some reason)
I have a question. Back in 2015 when they used the 1024 bit security, couldnt they just use the 2000 one? Why go fir the lower?
Too much beer - I felt I understood most of that.
My appreciation of both purple pens and the security algorithms definitely increased - it all seems very cerebral until you realise that your own credit card details are at stake.
Iffy.
With all the database breaks, I have to assume ALL of my information is out in the wild. While this is useful for particular instances (nation state snooping), on the whole, security is shot.
So if we assume nation starts are collecting data right now using 2000bit keys for encryption, given current processing power gains, when would a nation state sized bad actor be able to break these?
Can you build dedicated asics to do this even faster than using general purpose hardware?
Encryption grows at 2^n
2000 bit encryption wouldnt be broken
hahaah I had just seen that interview a week ago, how lucky
I wonder if there's been any studies on how many years it would take to break 2000 bit primes compared to processing power capabilities over the next 30 years.
He would almost be the perfect teacher if it wasn't for the weird way he writes his "p"
10:45 blew my mind... it's the same number every time?!
Please make a video on ring signatures and RingCT.
Please make a video about lattice-based cryptography...
5:16 hurt my brain with that artifact.
Neat. And terrifying
Dr. Mike Hungus presents : Logjammin'
Guys, CCTV POV is an artistic choice.
So when on Sept 10, 2001 they said they lost 2.3 Trillion dollars, i wonder how many heavy decryption machines were made?
Weird that the RFC specifies the base in a 1-digit number. Not necessary as far as I'm aware.
I mean, as a client, i always notice the small P
Is there a video on how these videos are edited and made? This is a really clear way to convey a topic..
You can stop listening at 6:00 you have gotten the gist of it.
You could have said "do the diffie hellman" was a dance move and i would have believed it
the ai interpolation helped a ton -- no more seasickness, at least