Okay. Now that we've talked about random and pseudorandom numbers, we're going to talk
about one of their uses namely cryptography. The random and
pseudorandom numbers are used typically as
cryptographic keys. So what do you do
once you've got them? This video five, of lesson eight, is going to talk a little bit
about cryptographic basics. The basics here simply
to orient yourself. We assume that you know how to use
cryptography in general, at least in
the theoretical sense, and we're going to talk about
how to use it in practice. The biggy (phonetic) for
cryptography and surprisingly is not the cryptographic
algorithms, it's the policy. When do you want to use it? What do you want to use it for? You'll see examples of
both of these later on. But the gist of this is, in many cases for example, if you want to protect the file
by encrypting it, well, you can use whole
disk encryption and that gives you the encryption
that you want right there. So there's no need to do the additional step of encrypting it. The second question is, when you say you use cryptography,
why are you using it? Are using it to ensure
that data is secret? Or that the data will only be changed by authorized people? Or are you simply
trying to associate that data with someone else provenance if you like,
or some combination. Each of these requires a slightly different use
of cryptography. Now, just as a very quick review, there are two types
of cryptosystems that we'll be dealing with. The first is called
secret key or symmetric. This is the cipher that was
used in classical times. The sender and
the recipient share a key, or they have a key that, recipient's key can be easily derived from the
sender's and vice versa. The Caesar cipher or shift cipher is
a classic example of this. Where A becomes D, B becomes E, C becomes
F, and so forth. We're going to call the key for this sort of thing secret, and these ciphers hold
either secret key, or symmetric secret key. Because you have to keep
the key secret from everybody but the sender
and the recipient, and symmetric
because both of them have the same key, in essence. The second form which was first discovered in the classified
community in 1969, but later rediscovered publicly by Diffie and Hellman in 1976, and by the way they did not know about the classified work, the classified work
only became public in the mid 1990s in a book Dorothy Denning wrote
called, Information Warfare. In public key cryptography, as it's normally called, the sender and the recipient
have two different keys. The keys cannot be easily
derived from one another. They can be generated easily, but not, given one, it's computationally
infeasible to get the other. Maybe as one of
the keys will be used for enciphering and the
other for deciphering. The enciphering key is public. Everybody knows that
it's put out there, it's typically protected by a certificate or
something like that. I won't get into a discussion of public key
infrastructure because that's very messy and not
particularly germane to this, except for one point that
I'll bring out later. So anyone can get the public key, but no one can get
the private key. At least in theory,
only the owner can get the private key. The private key is typically stored protected on the local, on the recipient, or
on the owner's system