Public key cryptography - Diffie-Hellman Key Exchange

I remember doing the RSA factoring challenges on my school’s new server stack. I got away with it for a while until they got a competent person working for them who not only immediately noticed the servers running at 100% all the time, but knew it was me and told me to stop. My fingerprints were all over it since I had to sign in, so anyone could’ve easily seen that. I was just amazed at how long I was able to use the servers unchecked. Ah, I miss all that computing power. I wasn’t that good at it (better than an average person, but my formulas and programs could’ve used drastic overhauls), but it was fun.

In fact, I would argue that this has nothing to do with public key cryptography. Diffie-Hellman is used to mutually generate a key for private key cryptography. It is called a public key exchange algorithm, so I can understand the confusion.

edit: But this was a very informative video about Diffie-Hellman. I liked the video, even if the post wasn’t titled properly.

I have a basic understanding of how public key cryptography works and this video only confused me. I was just left thinking “am I stupid?”

They should dwelve into why does 31213 mod 17 = 31312 mod 17 instead of spending time on the useless first 3 minutes. This is the neat trick that makes it work, and is brushed under the rug.

if I came across as harsh, I thought you did a great job with your video. I have a lot of respect for people who teach.

Something that bothers me about programming communities is that people only seem to want to comment on whatever is wrong, no matter how small. It’s something I need to work on myself. Keep up the good work mate!

The problem is rarely in the algorithms and most hacks aren’t the result of bruteforce or finding some weakness in the algorithm. Usually hacks are the result of finding vulnerabilities in the system implementing it, either social engineering or lazy programming/administration. Apple’s done a good job of securing their system by creating a good implementation and not sharing the information the FBI would need to engineer a back door. The FBI isn’t asking Apple to weaken the cryptography, because that’s not really possible. The FBI wants to provide them with a way to unlock a phone that gets around Apple’s security measures, for example by sending a one-time signal to the phone telling it to unlock using UUID (basically, a push notification to unlock it). Apple’s argument is such a tool could be potentially be exploited by people who want to do harm so it’s better if they never create it to begin with.

However, this has nothing to do with the phone and more to do with a precedent. I think it’s crazy to believe the iPhone is a perfect implementation of information security and encryption. Numerous backdoors and zero-days already exist and the government owns many of them. If the information was that important, they could get other areas of the federal government to cooperate (like the NSA). But this is just an example of the FBI trying to exploit people’s fears to get something they don’t deserve as easily as possible.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top