Lecture 6: Data Encryption Standard (DES): Key Schedule and Decryption by Christof Paar

Поділитися
Вставка
  • Опубліковано 16 лис 2024

КОМЕНТАРІ • 136

  • @Zenwork
    @Zenwork 10 років тому +157

    I did just panic for the first 10 seconds in German.. Thank you for your effort appreciated

  • @chrispap2292
    @chrispap2292 5 років тому +22

    I love the structure of this class. It is very important to stop and wonder every now and then why we learn certain things and where is their place in the big picture. I am in a cryptography class (grad student) and this series helps me put all the pieces together. Great professor.

  • @anythingeverything6610
    @anythingeverything6610 8 років тому +16

    I am doing my masters in computer science 'information security' , thank god i find your video on DES ... it is really awesome....and fun learning to. And yes it does help when u say wake up!....:P...thank u once again..:)

  • @mr.shanegao
    @mr.shanegao 3 роки тому +9

    Key schedule 3:30
    DES decrypt 25:50
    DES security 51:00
    DES alternatives 1:03:00

  • @nathansteain914
    @nathansteain914 10 місяців тому

    The best teacher i have ever seen in my life THANK YOU A LOT

  • @nabeelakausar101
    @nabeelakausar101 4 роки тому +1

    Dr paar I m going to start my Ms research in cryptography. Your lectures are very helpful. Greetings from Pakistan.

  • @thev1cification796
    @thev1cification796 7 років тому +2

    Thank you very much professor for this lecture series. I was already loosing hope to pass my Introduction to Cryptography lecture, as I barely managed to complete the exercise sheets, due to not being able to follow the lecture or understand our script, but thanks to your lecture videos and textbook they have become doable again. Many thanks!

  • @introductiontocryptography4223
    @introductiontocryptography4223  8 років тому +29

    No, COPACOBANA is from the pre-GPU era :) It is essentially a bunch of FPGA (= progammable hardware devices). Some ciphers, especially DES, are very hardware friendly. On FPGAs, one achieves really high encryption rates for such ciphers. However, there are many instances where modern GPUs are better suited for code breaking, especially for public-key algorithms. regards, christof

    • @MohammadHizzani
      @MohammadHizzani 6 років тому +1

      so far, I found problems with video 1 and this lecture, I watched the video at your website its OK, but here at UA-cam I think because of maybe some youtube modification, the video is like being in rollercoaster

  • @lablnet
    @lablnet 2 роки тому

    Thank you so much for providing great lectures series free of cost.

  • @florianwege7563
    @florianwege7563 2 роки тому

    The interpretation of the Feistel round as a stream cipher to understand how the decryption works was really enlightening, also how the other elements work. Rather than being artistic, this seems well thought out.

  • @naveenpavithran5545
    @naveenpavithran5545 10 років тому +1

    Thankuu sir.. well explained... now I'm very much interested in cryptography. .. greetings from India.. !!!

  • @nicolasmagee1780
    @nicolasmagee1780 4 роки тому +1

    Very good lecture.
    But, as people have commented, the camera distortions are somewhat annoying.

  • @chamilajayamali
    @chamilajayamali 6 років тому

    Thank you professor its really good to enjoy your lecture. I will do my best in exam with help of you lectures

  • @samueleagostinelli5346
    @samueleagostinelli5346 6 років тому +2

    Very interesting! Excited to learn about AES next :D

  • @Mr850man
    @Mr850man 5 місяців тому

    Thanks for uploading teacher

  • @DeckSeven
    @DeckSeven 10 років тому +1

    This is the 6th lecture I've watched so far and I enjoyed all of them! Very great!
    However, the entire series of lectures and semester took place in 2010-2011. This was before Edward Snowden's revelations in 2013 about NSA's global espionage, so the Professor may have not known the full story and told his students only what he has been told at that time, on why the NSA and their contractor IBM have not told anyone about the DES attack vulnerability (S-Box configuration). But cypherpunks and german crypto developers like me have a different opinion or theory today... It is more likely that NSA wanted to build in a backdoor in DES on purpose in the first place, in order to be able to break in and spy on any company, bank or targeted individual who used the popular DES cipher algorithm over the last 20-30 years. Just take a look at "Heartbleed" vulnerability in SSL online encryption which was revealed this year! The NSA knew about it, didn't tell anyone and exploited it for years! This may all sound like a conspiracy theory, but seriously, today everyone knows that the U.S. government and NSA do all these surveillance and espionage operations on the internet, especially against us Germans, even if they deny it. Edward Snowden revealed it himself, so nobody will argue about that today. It's not a conspiracy theory any longer but a conspiracy fact.
    But alright, let's assume the story was like the Professor said, that the NSA kept the vulnerability secret in order to be safe from attacks, which I find a bit sloppy for a "National Security Agency" with a budget of billions of dollars! You think the NSA would be so stupid and let IBM develop a half-secure cipher for themselves?? No no, that sounds like plausible deniality to me. I don't believe it. I think normal cryptographers have not been told the true reason why NSA kept the vulnerability secret. That's my personal opinion. You can't trust the NSA on this. They tell you one thing, but there may be more to the story as people think. Global industrial espionage have always been a big thing. There are many cipher algorithms today on the internet which people can download and use, but which have secret backdoors embedded for the government to break in silently and read all your encrypted messages easily. So be careful! These things don't happen, because NSA made a mistake. Don't be too naive to believe such a thing! NSA does not make mistakes. They want to spy on everyone on the global internet and they know what they're doing. It is more likely that DES was a clever spy scheme or fraud by the NSA. A malicious Cipher algorithm designed on purpose by NSA! But I don't want to insult the DES developers or anyone who loves DES. All I'm saying is I don't believe the story about the secrecy of the DES attack vulnerability.

    • @Mr850man
      @Mr850man 5 місяців тому

      You didn't understand, DES is safe to the attack. It was deemed unsafe later with the technologic advances. You are right on the spying tho

  • @aayushiagarwaal
    @aayushiagarwaal 5 років тому +9

    sir,at 24 minute one of them ask some question and you answered in german and said that it is exacellent observation or remarl.can you pklz tell me in english.

    • @introductiontocryptography4223
      @introductiontocryptography4223  5 років тому +28

      (Sorry for falling back to German once in a while. The 100+ students in the room are all 1st year students and I am "not really" supposed to teach in English :)
      What I said was in summary: One can certainly merge PC-1, the Left Shifts and PC-2. This would give us a single permutation whose output would be subkey k1. However, the merged permutation that give us k2 would be different. And the one of k3 would be different too, etc. Thus, we would need 16 different permutations.
      Rather than having 16 different permutation tables, it is easier to have just one PC-2 which generates all 16 subkeys together with the Left Shifts. Hope this helps. cheers, christof

    • @aayushiagarwaal
      @aayushiagarwaal 5 років тому +5

      Thanku sir for the quick response and it's really ok sir german is your native language m concern for that observation because if u r saying that's something excellent I should know that 😊well thanks again

    • @cud0s
      @cud0s 4 роки тому

      @@introductiontocryptography4223 thank you for the explanation, and for uploading these lectures 🙏

  • @SebasLube
    @SebasLube 9 років тому

    Thanks a lot for sharing lectures this way, greetings from Argentina!~

  • @user-em9mw9ch3y
    @user-em9mw9ch3y 5 років тому +11

    3:22 cool effect of DES.

    • @jackcoleman1632
      @jackcoleman1632 3 роки тому

      Do you mean that the video has gone thru a DES encode-decode to get that "wavy" video effect??

  • @abbbb5625
    @abbbb5625 3 роки тому

    56 bits instead of 64 it is because the ASCII was at the time coded in 7 bits as a signed byte. It is only after during the 90's that the 8th bit was used to encode special characters related to specific language and was dependent of the language of the OS. Clearly, you do not want a cipher being dependent of the locale.

  • @sharan9282
    @sharan9282 10 років тому +1

    Very well explained. Thank you sir.

  • @mojtabakomeili
    @mojtabakomeili 8 років тому

    I really enjoyed this set of lectures so far and Prof. Paar is a very enthusiastic teacher with great teaching abilities. However, the only annoying thing that happens sometimes during these videos is that some of them look kinda skewed and distorted if the camera moves. I wish this could be fixed.
    Nonetheless, this does not degrade the reach knowledge that can be learned through these series. I hope we could see more topics by Prof. Paar. I am particularly interested in topics such as Homomorphic Encryption. It will be great to see a lecture by you on that (of course in English ;-)

  • @hipsterkennyrogers909
    @hipsterkennyrogers909 Рік тому

    After about the 3rd lecture, I bought his book.

  • @azamikram9270
    @azamikram9270 8 років тому +5

    What was the answer to the question that why we should not merge left shift into PC to make them a single permutation?

    • @hansen1101
      @hansen1101 8 років тому +11

      it is possible to merge the shifts into the permutations, but then you'll need 16 different permuatation tables (one for each round key), which is not as memory efficient as 1 permutation table and 2 left shift operations. that's why they don't combine them here.

    • @guilhermedantas5067
      @guilhermedantas5067 5 років тому

      Viele danke, mein Freunde. :) Leide die Deutsche in diese Video ist zu schwer für mich :p

    • @amynguy
      @amynguy 5 років тому +1

      @@hansen1101 wont be hardware friendly also

  • @arash8195
    @arash8195 10 років тому +2

    Thanks was very helpful for me!

  • @willliu1306
    @willliu1306 6 років тому +1

    Professor Paar, Thanks for your great lecture, during the explanation of decryption, it's important to make Key16, be the same as K1 decrytion, so is that mean in the decryption steps, We routes the key scheduling hardware wire in reversal order of the encryption hardware ?

  • @dr-Jonas-Birch
    @dr-Jonas-Birch 14 днів тому

    Prof Paar, great series. So this was back in 2011. How many bit keys would you say is possible to brute force today, generally? JB

    • @introductiontocryptography4223
      @introductiontocryptography4223  13 днів тому +2

      The general assumption is that 128 bits is out of reach, even for large-scale attackers such as large intelligence agencies. My *personal* guess is that 80 bits is within reach of such attackers. To be on the safe side, it is prudent to use crypto systems that offer a security level of at least 128 bits

    • @dr-Jonas-Birch
      @dr-Jonas-Birch 13 днів тому

      @@introductiontocryptography4223 Thank you prof. -JB

  • @R0M4ur0
    @R0M4ur0 7 років тому +2

    Thank you Professor for such an interesting and informative lecture. I have a question re the key schedule in the decryption process. Shall I assume that the algorythm generating the keys is reversed too as opposite to the one used during the encryption? i.e. an inverse permutation followed by two 1- or 2-bit right shifts? Thank you in advance. Mauro

    • @introductiontocryptography4223
      @introductiontocryptography4223  7 років тому +7

      basically: yes :) The decryption key schedule generates the subkeys in the reverse order, i.e., it computes k16 first, then k15, ... and finally k1. The permutation PC1 and PC2 are the same in the encryption and decryption key schedule. The only thing that has to change are the shifts: one has to replace the left shifts with right shifts. One has to watch out in which rounds there is a shift by 1 position and in which there is a 2-position shift.
      (Remark: Note that the shifts are really rotates.)
      cheers

  • @sarthakgupta1165
    @sarthakgupta1165 8 місяців тому

    In the encryption, we have IP in the beginning and IP^-1 in the end which means that the initial permutation has been sort of cancelled by the inverse of initial permutation. Why do we need IP and IP^-1 in the decryption if the effect of permutation has been nullified during the encryption? Maybe I am missing something here. Thanks for your time in reading my question (and hopefully answering it).😃

    • @introductiontocryptography4223
      @introductiontocryptography4223  8 місяців тому +1

      Good point, IP and IP^-1 do NOT serve any security purpose. Most likely they were introduced to make the mapping for incoming data in blocks of 8 bits into blocks of 64 bits as needed for DES easier. --- Remember that DES was designed in the early 1970s where 8-bit buses where state of the art :)

    • @sarthakgupta1165
      @sarthakgupta1165 8 місяців тому

      @@introductiontocryptography4223 Many thanks for your answer. I understand your point. Now that I have got your attention, let me also ask about the lecture notes on your follow-up class "Implementation of Cryptographic Schemes" which you mentioned in the comment section of lecture 24. You said that they can be downloaded at: www.emsec.ruhr-uni-bochum.de/teaching/literature/
      However this link gives an error 404. Could you fix that please (by updating the link maybe).

  • @rajshahi97
    @rajshahi97 10 років тому +2

    Could you please explain the answer of the question regarding having PC-2 and LS separately and not combining them to do the job. The discussion was in German for about a minutes. Have no understanding of German language. Sorry...

    • @introductiontocryptography4223
      @introductiontocryptography4223  10 років тому +11

      Sorry for the late reply. --- One could combine PC-2 and LS in a single 56-to-48 permutation. However, that would then require 16 different permutations which need to be stored. The beauty of the PC-2 and LS approach is that the subkeys can be computed on the fly since both operations are very fast relatively to computing the actual round function.

    • @BITATAbir
      @BITATAbir 8 років тому

      +Introduction to Cryptography by Christof Paar Can you explain the part of concatenation between the left and right sides of the sub key Ki, i mean the pc2, wich bits are droped and in what order do we place the 2 sides?

  • @avrelyy
    @avrelyy 10 років тому

    Great tutorial on DES! Many Thanks!

  • @bogdanpoznyak3828
    @bogdanpoznyak3828 7 років тому

    thanks for your lectures!!! very exciting and interesting:)

  • @damejelyas
    @damejelyas 3 роки тому +1

    DES Initial Permutation can help in diffusion as most plain text that would be encrypted is binary representation of asci code and we have only 26 english charachters that means at the entry only the right part 4 bits change a lot but the left part mostly the least significant bit can change from time to time, but with IP the changes touch the left and the right part.?
    in later video you state that you have met with creator of DES and he told you it was only engineering and circuit design so you can ignore my comment :), by the way your channel is a hidden gem
    (Edited)

  • @egorjanidem2655
    @egorjanidem2655 7 років тому +1

    Nice Class, thanks so much

  • @nima9625
    @nima9625 Рік тому

    I have a side-channel question! 😁 I am wondering what kind of video CODEC is used after text mark added. It reminds me strong magnetic fields effect on analog TVs!

  • @J12647
    @J12647 6 років тому +2

    24:15 Can anyone tell me what he Dr. Paar says here? I understood he's saying that software allows us to do all permutations at once. But I'm not sure. Thanks in advance. I'm learning Crypto and German at the same time xd.

    • @introductiontocryptography4223
      @introductiontocryptography4223  6 років тому +4

      The (correct) answer that one of the student gave was/is:
      We could actually merge PC-1, the Left Shifts LS_i and PC-2 into one permutation that maps 64 bits to 48 bits. However, for each round we would need an individual permutation of this type, i.e., there would be a key permuation KP1, KP2, ..., KP16. They could be precomputed, of course, but there would not be any real advantage to it. And extra storage...

    • @J12647
      @J12647 6 років тому

      It makes more sense now. Thanks a lot for both your reply and your lecture Dr. Paar! I found them very useful. Grüssen aus Mexiko!

  • @Meatchop
    @Meatchop 8 років тому +1

    Is COPACOBANA using gpu computing? What language does it use?

  • @potapow8684
    @potapow8684 2 роки тому

    Beatiful!

  • @devendrasharma7999
    @devendrasharma7999 8 років тому

    Sir , as u have explained below that IP and IP^-1 cancel out effect of each other which i think should mean L0(d) == L16(e)... can u please explain where i m going wrong...

  • @iam_subh5035
    @iam_subh5035 8 років тому +1

    At the end of the round 16 during encryption a swap happens using IP^-1, Why don't we swap during the round 1 of decryption using IP?

    • @yurilsaps
      @yurilsaps 5 років тому

      this made me lot of counfusing also!!!

  • @happinin
    @happinin 9 років тому

    a question for fellow cryptographers out there,
    key scheduling is only done once in ECB mode. the same key is used in that mode for each round.
    Can someone tell me which modes of operation require key scheduling to a point where a different key is used for each round? and in reverse order for each round for decryption? im talking with respects to CBC and CTR mode. do they both use different keys for each rounds? or the same key like ECB?

  • @tcpipman4638
    @tcpipman4638 2 роки тому

    So the reason we can do the decryption is that at the end of the key scheduler we have rotated all the bits a full time (28 shifts), thus K0 is the same now as K16 ..This is why we have done 28 bit shifts in total so we have fully shifted the register where the key value is?

    • @introductiontocryptography4223
      @introductiontocryptography4223  2 роки тому

      Yes, you are correct, at the end of the key schedule the C and D registers have each been rotatet by 28 bit positions. Thus, C16 is identical to C0 and D16 to D0. This makes decryption *easier*.
      Please not that it would still be possible to do the decryption *without* this property. In this case, the decrypting party could initially simply execute the encryption key schedule, and store the subkeys k1, ..., k16. Then, one could run the decrypting algorithm using the stored subkeys. --- This is how it is done with AES and many other modern block ciphers.

  • @AZz-u1c
    @AZz-u1c Рік тому

    Why can't we merge the left shifts of the Cs and Ds into one left shift? We could easily generate 16 permutations that way, I don't get why we have to split the 56 bits in half before doing LS?

    • @introductiontocryptography4223
      @introductiontocryptography4223  Рік тому

      Good thought. However, the "left shifts" are not actually shifts but rotations. These rotations happens WITHIN the left 28 bits and WITHIN the right 28 bits. That's why we need to split the 56 bit of the key.
      But you are right, one can generate 16 permutations, each of which computes one subkey (= round key) from the original 56 key bits. The drawback of this is that one has to store those 56 permutations and to compute them. In most applications it is simplier easy to compute them the way it is presented in the lecture. But again, there is nothing wrong with generating 16 permutations and using those.

  • @andyfawcett4666
    @andyfawcett4666 11 місяців тому

    Using an index origin of 1 for bit mapping really throws a curve! (i.e. bit 1 to 64 instead of the more natural 0 to 63). Maybe FORTRAN forced this convention?

  • @sanyamjuneja61
    @sanyamjuneja61 4 роки тому

    Hi professor,
    Thank you so much for such an informative lecture.
    I didn't understand why Co=C16 at 17:47?
    I did not understand the logic used here

    • @thomasliaigre7622
      @thomasliaigre7622 4 роки тому +1

      If you look at the schema at 16:40, the key of 56 bits is splitted in two equal parts (C0 and D0) of size 28 bits (56/2). If you perform 28 left rotation on an entry of size 28 bits, you come back at the initial value, so C0=C16 and D0=D16

  • @LATIFAHMOHDNOR-zy1mq
    @LATIFAHMOHDNOR-zy1mq Місяць тому

    Page 396
    encryption (Comp) Encoding data to make it incomprehensible to those without decoder. See decryption.

    • @LATIFAHMOHDNOR-zy1mq
      @LATIFAHMOHDNOR-zy1mq Місяць тому

      Page 307
      decryption (Comp) The recovery of a plain message from an encrypted one.

  • @ardiris2715
    @ardiris2715 7 років тому

    How is the S-box compression reversed? Expanding the string from 4 bits to 6 bits via the table gives 4 possible values. How is the correct value chosen?

    • @introductiontocryptography4223
      @introductiontocryptography4223  7 років тому +2

      Good question. You never have to reverse the S-box. During the decryption phase, you just have to re-compute the S-Box. Note that the actual encryption does NOT take place with the S-Boxes. Rather, the data is encrypted using the XOR operation. cheers, christof

  • @agile4733
    @agile4733 3 роки тому

    48:20 Why Ki is replaced by K16, because it is in reverse order? Can you explain that part again? Ty

  • @feisuxiaozhu
    @feisuxiaozhu 7 років тому

    great lecture. thanks!

  • @clwydjones9313
    @clwydjones9313 8 років тому +1

    trivial commrmt, but i love the german! wonderful lecture (not just because of the accent)

  • @vivekjppandey1247
    @vivekjppandey1247 2 роки тому

    I think if L and R start from 0 to 15 then in 'end of encryption' L15 is the last. And at decryption L0 (not L1) is L15.

  • @TheoryAndGames
    @TheoryAndGames 8 років тому +2

    Hey, great class. I am taking cryptography class here in New York: thank god you do give this lecture mostly in English. You are god sent. But my question is, is the textbook that you use in English? if so, could you tell me the title so I can get it, please.
    Thank you.

    • @introductiontocryptography4223
      @introductiontocryptography4223  8 років тому +1

      +Elvis Machuca The class uses "Understanding Cryptography" by Jan Pelzl and myself. The lectures closely follow the textbook (or vice versa :)) and it is reasonably priced. Please visit www.crypto-textbook.com for more information. You may also want to have a look at the book's reviews at Amazon.com, people seem to really like the book. regards, christof

    • @TheoryAndGames
      @TheoryAndGames 8 років тому

      +Introduction to Cryptography by Christof Paar thank you, I hoping to understand how to put together the key schedule. I seem to have gotten lost along the way, and I am not getting the right number of its when I try to encrypt.

    • @TheoryAndGames
      @TheoryAndGames 8 років тому

      +Elvis Machuca for instance where I got lost is, when putting together the feistel function and the key schedule, is like along the code I wrote, I seem to put missed placed something

  • @amsainju
    @amsainju 8 років тому

    Thank you professor

  • @narekarapetyan793
    @narekarapetyan793 7 років тому

    How does the descriptor know what exactly k16 is in its first round?

  • @GapYearProject
    @GapYearProject Рік тому

    Who decided to use Warp Stabilizer on an entire video like this

  • @SG-kn2jl
    @SG-kn2jl 6 років тому

    What was the answer that you gave at 24:17, please I wanna know and in PC-2 which 8 bits are dropped and at 48:56 doesn't '!=' means 'not equal to'

    • @introductiontocryptography4223
      @introductiontocryptography4223  6 років тому +1

      my answer was: Yes, you can merge LS and PC-2 into one permutation, but then you would need 16 different of these merged permutations.
      Re PC-2: Just look a Wikipedia etc for the PC-2 table.
      != means not equal to

    • @SG-kn2jl
      @SG-kn2jl 6 років тому

      Thank you professor as I don't go to any University so u r my only hope

  • @TheoryAndGames
    @TheoryAndGames 8 років тому

    another question, what goes into PC-1 and PC-2, and how do you apply them to the key?

    • @introductiontocryptography4223
      @introductiontocryptography4223  8 років тому +1

      +Elvis Machuca If you have a look at the figure at 6:00 you'll see how PC-2 works. Its input are the 56 bits after the LS shifts. The output of PC-2 is the round key k_i. PC-1 is, unfortunately, not visible in the video (but in the book :)). Its input is the 56bit key of DES, but you have to add a parity bit at every 8th bit location, so that the total input length to PC-1 is 64 bit. NOTE that 8 bits are partity bits which are removed by PC-1, i.e, there are only 56 bits which form the key. regards, christof

  • @zainabbriouga2656
    @zainabbriouga2656 4 роки тому

    anybody knows what the professor was answering in german at 24:44 ? and he was like "very good question"

  • @shivanksharma8389
    @shivanksharma8389 10 років тому

    thanks professor

  • @00000ghcbs
    @00000ghcbs 3 роки тому +1

    3:20 trippy af

  • @zexzinc5138
    @zexzinc5138 3 роки тому

    The fabric of universe got curved many times :)

  • @omega011536886
    @omega011536886 10 років тому

    thanks Professor :D

  • @tanmaykulkarni6627
    @tanmaykulkarni6627 Рік тому

    Can someone please translate what he said at 24:16 to english, i had the same question in my head, but i dont speak german.

    • @introductiontocryptography4223
      @introductiontocryptography4223  Рік тому

      Here is the gist of the discussion (in German :) --- One *can* generate k1 with a single permutation directly from the original key. One can also generate k2 that way. And k3 and ... The drawback is that this would require 16 different permutations. The way it is normally done in the key schedule is much more resource efficient: We have a very regular structure where we only need Left Shift and PC-2, rather than 16 different permutation tables.

  • @jithinvijay5330
    @jithinvijay5330 10 років тому +1

    Good lecture sir :) greetings from India (Y)

  • @dsp6742
    @dsp6742 3 роки тому +1

    Is the video shaking or am I drunk?

  • @kaushikramabhotla4635
    @kaushikramabhotla4635 4 роки тому +1

    why is the screen shaking like woaahh!

  • @justcurious1940
    @justcurious1940 4 місяці тому

    One dangerous hardware fact : Most computer architecture implementations are able to only use 3% of the capability of the CPU, Imagine if they find a way to use 100% of the CPU capability, doesn't this means that all encryption algorithms are breakable by just Brute Force?

  • @tehwinsam3522
    @tehwinsam3522 6 років тому

    Hi , professor chrisof paar . Let say the K=00010011 00110100 01010111 0111001 10011011 10111100 11011111 11110001 how do we know the K+ how it generate from 64 bit key to 56 permutation key ? Beside , this course is undergraduate or postgraduate currently i have just finished my diploma if this is undergraduate programme , what is this programme ? Computer Science ? or Computer Science with computer security ? Thanks

    • @tehwinsam3522
      @tehwinsam3522 6 років тому

      Solved , but can you please answer the second question ?
      Thanks

    • @introductiontocryptography4223
      @introductiontocryptography4223  6 років тому +1

      You have to look at PC-1 ("permutec choice 1"). It is easy to find on the Internet. PC-1 describes which 8 bits are dropped.
      This is a first-year course in our Bachelor program in IT security. The program is a mixture of security, cryptography, computer science and computer hardware. It is taught at Ruhr University Bochum in Germany.

  • @SS-605
    @SS-605 7 років тому

    Professor when one of student ask a question about why they didnt combine PS-2 with a LS and you translate the answer in German :( why professor :( please tell in english here

    • @introductiontocryptography4223
      @introductiontocryptography4223  7 років тому +4

      also, die Antwort ist wie folgt... Just kidding, here it is in English:
      Alternatively, one COULD combine PS-2 with the left shift (and with PS-1). This would then be a single permutation which give round key, say, k1. HOWEVER, one would then need another special permutation which computes k2. And one for k3, and k4, ...
      The DES designer came up with a very elegant way of computing k1...k16 with one single permuation PS-2 which is used over and over again together with LS. regards, christof

    • @SS-605
      @SS-605 7 років тому

      Vielen Dank Professor :) I really like when you mention german along with english it lets me to get few german words :) actually I was also curious about the joke someone made and you reply in german :D (i guess at around 1:00:50 ) but its ok :) thank you so much Professor

  • @lakshaysagarrana3965
    @lakshaysagarrana3965 6 років тому

    what other books do you recommend ?

  • @akf2000
    @akf2000 Рік тому

    He was encrypted for the first 10 seconds

  •  8 років тому +1

    is this a first semester science computer class? a little bit advanced...

    • @introductiontocryptography4223
      @introductiontocryptography4223  8 років тому +2

      This is the first semester of our B.Sc. program in IT Security. This is a quite popular program with about 150-200 new students every fall. I teach at Ruhr University Bochum, a large public university in North-Western Germany.

    •  8 років тому +3

      I study Science Computer too, and our classes are very poor in details, I'm really thankful for your teaching, well done!

  • @amirtarek7166
    @amirtarek7166 Місяць тому

    If we cut off 'No talking', 'Wake up for the next 5 mins' I think the lecture would be like 15 mins or something.

  • @anoopmourya3574
    @anoopmourya3574 5 років тому

    Thanks

  • @marcuschiu8615
    @marcuschiu8615 5 років тому

    is it just me, or is the video skewing as the camera moves or boards moves

    • @marcuschiu8615
      @marcuschiu8615 5 років тому

      anyways, like the rest of the comments, this video is very good

  • @adrienloridan
    @adrienloridan 6 років тому

    thanks !

  • @VAMSEEKRISHNAKOTHABCE
    @VAMSEEKRISHNAKOTHABCE 5 років тому

    what is the book they are using

    • @introductiontocryptography4223
      @introductiontocryptography4223  5 років тому

      We are using "Understanding Cryptography" by Jan Pelzl and myself. The course is actually based on this book. Please have a look at www.crypto-textbook.com for more information and resources. regards, christof

  • @spdx1
    @spdx1 6 років тому +1

    30:06

  • @Maiiepmaidiep2610
    @Maiiepmaidiep2610 7 років тому +1

    wake up =))

  • @nabeelakausar101
    @nabeelakausar101 4 роки тому

    Worry about your German because I can't understand what you explained in that language

  • @debu000001
    @debu000001 10 років тому

    Professor plz don't shift to German!! Please think about ur international Students too!! Thank you..

    • @introductiontocryptography4223
      @introductiontocryptography4223  10 років тому +21

      Don't worry, after sec 35 I switch to English:) It happened in one or two other videos too that I forgot to teach in English for the first minute or so. --- I am glad the videos are of help for some people.

    • @karthikhebbar9864
      @karthikhebbar9864 10 років тому

      Introduction to Cryptography by Christof Paar awesome work ... Thanks for the video

    • @guilhermedantas5067
      @guilhermedantas5067 5 років тому

      Keine Sorgen! Ich lerne viele Deutsche mit den Videos auch heheheh

  • @hoagie911
    @hoagie911 Рік тому

    It's sad just how much the professor has to stop and try to get the students' attention

  • @psilocyberspaceman
    @psilocyberspaceman 9 років тому +3

    I find it rather disturbing that you in every lecture, often several times, have to ask the students to be quiet. This is supposed to be a university; not a kindergarten.

    • @edmann19592000
      @edmann19592000 8 років тому +1

      confirm! what a strange university!

    • @Nyocurio
      @Nyocurio 6 років тому

      That's what happens when you have zero tuition fees I suppose.

    • @reizhustenistdoof
      @reizhustenistdoof 6 років тому

      I know universities where its totally normal for the students to talk all the time.
      I am a student myself and I don't understand that at all.
      If I plan to not pay attention at all I would not visit the lecture....but then again I have no attendance rate or something.
      But then again at my uni also some teacher complain. some teachers want it to be completly dead silent.
      So even if you just ask a costudent for an eraser, they would already complain ...
      So there's that. And with a classroom of 200 people I understand that he wants the class to be quiet or else it soon gets really really loud ...

    • @MrFramue
      @MrFramue 4 роки тому +1

      It is a German University. That's normal here. The interested guys are sitting in the front rows and the rest is sitting in the back and chatting about the next party. University is free and if you lack of money the government will support you.