Elliptic Curve Cryptography & Diffie-Hellman

Поділитися
Вставка
  • Опубліковано 13 гру 2024

КОМЕНТАРІ • 63

  • @ndabenhlemhlongo7231
    @ndabenhlemhlongo7231 3 роки тому +2

    Dude you are simply the best. Clean and simple explanation

  • @LapFox
    @LapFox 9 років тому +5

    Nice! Helped me a lot understanding the graphical view of this exchange. It's one thing to see the equations, another to see the points visually. Thanks for the great explanation!

  • @SaDa-fp4dk
    @SaDa-fp4dk 8 років тому +16

    It would be also nice if you have really took a "String" and take some parameters and show the whole process like you have done in the previous video "Intro to Cryptography"

  • @kmacdough
    @kmacdough 6 років тому +3

    "It's obvious that it's computationally infeasible..." It's not obvious because, as you mentioned, after decades of thoughts, no one has found a good solution, but also no one has proved any degree of difficulty.

  •  7 років тому +7

    It would also be nice if you'd talk about why it is easy to create the public key, but hard for an attacker to compute it...
    Which is the main reason why a cryptographic system should be used.

    • @qwerty.760
      @qwerty.760 3 роки тому

      it is hard to find the public key because addition and multiplication in elliptic curves is different and is hard to reverse.

    • @potenciagg6843
      @potenciagg6843 Рік тому

      logarythm discrete problem for eliptic curves

  • @yashavantharao2817
    @yashavantharao2817 7 років тому

    The beginning explanation of point additions makes rest of the presentation easy to understand. Amazingly explained. thanks to you.

  • @claudioasfilho
    @claudioasfilho 7 років тому +1

    This is a very well done and informative video. Thanks a lot!

  • @nightwolf905
    @nightwolf905 7 років тому +1

    very good explanation, helped me remember it since I didn't used it for a while

  • @vksingh1231
    @vksingh1231 7 років тому +1

    Question: Since each point such as A represent a point in plane, say (x,y), what does A+B represent?

  • @maheshbabuundru9070
    @maheshbabuundru9070 4 роки тому +1

    Where does they exchanged message? I dont see any message was exchanged.... All I can see that they just computed same point R.

  • @universumpi
    @universumpi 4 роки тому +1

    10:43 I understood how they secretly passed each other value R, but this value depends only on their private keys, I don't understand how this can be used to pass some kind of message or even just a number. Anyone?

    • @youtubepooppismo5284
      @youtubepooppismo5284 3 роки тому +1

      At the end of the process they both have a secret point R. Then you can model and use it as you want, you can use it as a key for a symmetrical encryption algorithm.

  • @pumbo_nv
    @pumbo_nv 6 років тому +1

    One thing I can't understand. How is it feasible to multiply generator point by private key (P = d x G), considering `d` is a very large number? Do you need to calculate it step by step with point addition or is there any shortcut to do the multiplication?

    • @baatar
      @baatar 6 років тому

      I think that's the point: there is no efficient way to find out the private key without manually adding the generator point by hand until you hit upon a match.

  • @williamwallace6506
    @williamwallace6506 2 роки тому

    Amazing work, thank u

  • @nourahsaad9810
    @nourahsaad9810 5 років тому

    Amazing work

  • @muralidharang6594
    @muralidharang6594 7 років тому +1

    Hey, that was a great explanation, is there any way u could help me, in order to Know more about that generator point (G),

  • @rohanghige
    @rohanghige 8 років тому +4

    Amazing explanation... Thanks :)

  • @MrJzimnowo
    @MrJzimnowo 6 років тому

    Very good explanation !!

  • @vksingh1231
    @vksingh1231 7 років тому

    Diffier-Hellman algorithm: 05:14

  • @JohnBolka
    @JohnBolka 6 років тому +1

    super helpful, thanks!

  • @vksingh1231
    @vksingh1231 7 років тому

    Elliptic curve equation 00:42

  • @Ajaykrishna97_
    @Ajaykrishna97_ 5 років тому

    How R is calculated at each end. Will Alice keep Q as generator point and compute d*Q. Can someone please explain this part

  • @ayman8423
    @ayman8423 6 років тому

    Does G require to be regenerate every time Bob and Alice want to exchange key, or G is fixed number.?

  • @alijohnnaqvi6383
    @alijohnnaqvi6383 10 місяців тому

    How can sum of two positive points A and B result in negative value C??/

  • @makkalam807
    @makkalam807 7 років тому

    What will be the public key if G is (2, 3).Plz explain.

  • @nm425
    @nm425 6 років тому

    Thanks for making this

  • @ryanharris9413
    @ryanharris9413 9 років тому

    The Top Encryption Method.

  • @geekelectronics1369
    @geekelectronics1369 3 роки тому

    Nice, so the difference between DH and ECDH is in DH we are using the exponential function to produce a public key but in ECDH we are using the multiplication function. Still not understandable how ECDH is having a significance.

  • @Tetrisboyz
    @Tetrisboyz 7 років тому

    hey can i use some pictures of your video as pictures for my work in university?
    Ill give credit of course

  • @brendawilliams8062
    @brendawilliams8062 3 роки тому

    Thankyou

  • @metalstorm54
    @metalstorm54 7 років тому

    The best explaination

  • @mathmeeple
    @mathmeeple 6 років тому

    Hey! I would like to know more about the importance of the cofactor h, but when I google it most of the sources make reference to ECC D-H with cofactor (as an improved algorithm). Could anyone explain it to me or give some source of trustable information? Thanks:)

  • @kanz831021
    @kanz831021 9 років тому +2

    Neat and Clear ! :) Thanks

  • @illicitsolitude7727
    @illicitsolitude7727 7 років тому

    Very nice.

  • @cardsigner
    @cardsigner 3 роки тому

    Is there a known fact with regards to Eve and Alice in terms of the difficulty to obtain Bob's private key? All lectures always mention that Eve cannot do this and that. But since Alice possessed more information than Eve, is there a proof whether Eve's difficulty is greater than Alice in getting Bob's private key? Or that, Alice and Eve have equal difficulty. Or that Alice has lesser difficulty because she has more information.

  • @JAVIonics
    @JAVIonics 3 роки тому

    Everything made sense, but the process of encrypting and decrypting the message seems to be mostly missing.

  • @reydeleon3050
    @reydeleon3050 7 років тому

    hello there, can I use ECC for enhancing the Tiny Encryption Algo(TEA)?

    • @vikyaths6277
      @vikyaths6277 4 роки тому +1

      COFFEE would be better mate!

  • @ZeeshanAliQureshi93
    @ZeeshanAliQureshi93 6 років тому

    How to draw these curves like y^2=x^3-2x+2 at 0:55.

  • @remyaunnikrishnan2037
    @remyaunnikrishnan2037 6 років тому

    what is n which is the prime order??

  • @UPPERKEES
    @UPPERKEES 6 років тому

    With random private and public keys (as far as I understood), how can you make sure that Alice is talking to Bob and not Trudy (man in the middle)? In RSA there is a CA, but with random keys, how can Alice/Bob verify he/she is talking to Alice/Bob?

    • @Real_Tim_S
      @Real_Tim_S 3 роки тому

      The DSA "digital signature algorithm" - basically it works the same way but opposite direction as the encryption. For encryption, the sending party uses the public key to encrypt the plaintext - only the holder of the private key can decrypt it. For Digital Signatures, the holder of the private key signs the payload with their private key, and anyone with the public key can see if the message is authentic, as the only way that public key and that message will generate the signature is if the signer had possession of the private key for that pair.
      Generally one would want to use both at the same time...
      Sender signs the plaintext using the sender's private key, then encrypts it using the receiver's public key.
      Receiver decrypts the message with their private key, then confirms the message was not tampered with by verifying the plaintext+signature using the sender's public key.
      Same thing done the other way to establish a shared secret.
      It's important to note that even though public key encryption like ECC and RSA are "relatively good" for setting up a secure communication, they are computationally more expensive than a stream cipher like Salsa or ChaCha, or a block cipher like AES or Blowfish. For that reason one would use the the public key encryption to setup a secure link with attribution/authentication, then use the stream or block cipher from then out, using a one time use session key unique to that certain communication. Usually one would not let the other completely control the encryption session - so they would do something like each generate a random number and send that as the plaintext to each other then cryptographically hash the two random numbers to generate a common session key.
      What you were saying about CA (certificate authorities) for RSA isn't exclusive to RSA. Essentially you can't know you're talking to the person you think you are unless you either get the public key from the person you want to talk to - or a person checks and guarantees the information and you trust them because they have a good reputation. The second case is what a CA is.
      A Certificate Authority will provide a certificate with a chain of custody - you say you are you, you give your public key, and you sign the statement saying you are you with your private key. Then you go to a CA to get a certificate from them - they verify that you are who you say you are and then they also sign your statement and your public key, with their private key. Eventually the user wants to verify who you are, so they retrieve your certificate - which has a chain of CA's that signed all the way to a "root of trust". At every step along that signature you can use that CA's public key to verify the signature and statement of truth is valid.
      Your browser for example will just have a list of Root CAs it knows to trust, and if your certificate chain ends at one of those roots of trust, the browser will trust you are who you say you are.

  • @chrissandi9985
    @chrissandi9985 3 роки тому

    how are Bob and Alice agree on point G if they have never even communicated in the first place?

  • @nikhil4sharma
    @nikhil4sharma 6 років тому

    Thank You :)

  • @kamelhamadi5345
    @kamelhamadi5345 8 років тому

    Awesome.

  • @sechaf
    @sechaf 6 років тому

    i need the ppt or any manual on ECC

  • @hichamtribak1944
    @hichamtribak1944 6 років тому

    Dear Sir please send me your paper or website reference so that i can add it into my paper. Kind regards.

  • @leesweets4110
    @leesweets4110 3 роки тому

    I dont understand why the log problem is difficult here... I dont understand why finding the private keys is hard. I understand why it is in standard DHKE, but not in ECC DHKE. Its the ECC thats bothering me here.
    The starting point G on the curve is public knowledge, right?
    Each party chooses a random positive integer n and finds n*G, right?
    So since each party does this anyway, the computation must be relatively easy to achieve relatively quickly, right?
    And it must be a simple enough computation for any eavesdropper to also do, since they also have G.
    So why cant an eavesdropper simply repeatedly add G to its previous sum until it finds a sum that works?
    The eavesdropper is systematically bound to find an n that works.
    I know that "Alice and Bob" randomly choose an integer n for themselves. So what? We know the upper bound on what n can be because its public knowledge, and because generator G will eventually lead to infinity anyway.
    Alice and Bob do NOT computer n*G directly.... rather they systematically add G+G+G+G... n times.
    An attacker doesnt have to guess at n. They just go through the same arithmetical process that Alice and Bob both have to go through anyway, which means its a very linear process.
    A process that anyone can do.
    Just stop when you find an n*G that works.
    If all an attacker has to do is add G+G+G+G+.... = P, in this linear process that Alice and Bob were both perfectly capable of doing themselves, then finding n is a triviality. And you know that n is small enough to be computationally feasible and within the bounds set by p and G. Who said you had to find n directly using some inverse operation? No, you find it indirectly by going through the same direct, forward process.
    The benefit of standard DHKE is that it involves large primes and the difficulty of factor checking to be so effective. I dont see the benefit of ECC DHKE.

  • @vksingh1231
    @vksingh1231 7 років тому

    Addition 1:25

  • @vksingh1231
    @vksingh1231 7 років тому

    Point doubling 3:07

  • @Fighter4473
    @Fighter4473 7 років тому

    What happened to eve?

  • @isabellaswan4590
    @isabellaswan4590 8 років тому

    Gud

  • @ghadeernn6121
    @ghadeernn6121 5 років тому

    Thank u 😭

  • @mahammedhagi98
    @mahammedhagi98 5 років тому

    I still don't get it.

  • @daweiding5618
    @daweiding5618 7 років тому

    can't stop a quantum computer though :D