Key Exchange Problems - Computerphile

Computerphile · Intermediate · 🧠 Large Language Models · 8y ago

Key Takeaways

The video discusses key exchange problems, specifically the flaw in Diffie Hellman and the potential for a man-in-the-middle attack, with Dr Mike Pound explaining how to factor it in.

Full Transcript

We had a few interesting questions on the Diffie-Hellman video, so let's explore a little bit more about what we can do with Diffie-Hellman and what we can't do, or shouldn't do, with Diffie-Hellman. So let's talk about man-in-the-middle attacks and how they're a real problem for Diffie-Hellman when it's used on its own, and that's where we bring in RSA, or public key encryption, to help us. We won't go over too much of Diffie-Hellman again, right, plenty of videos on that already, but let's remember we've got good ol' Alice and Bob, and we have some shared parameters already, so a generator g and a large prime number n, and they're going to share some information and calculate a shared key. So Alice is going to generate a private value a, Bob is going to generate a private value b, they're going to share, and I'm going to simplify the notation a lot here just so we don't spend ages writing it out, but Alice, broadly speaking, will send Bob g to the power of a, like this, so g to the power of a, and Bob will send g to the power of b, and they use that to both calculate g to the a b, all mod n, right, so g to the a b. What this allows us to do is share two values in public and use them to calculate, with our private value, something no one else can do, right, that's really helpful. But what this doesn't do is provide any protection from someone sitting in the middle here and intercepting these messages.

So let's look at a different version of this where there's someone nefarious in the middle, let's call him Sean. So same again, Alice and Bob, and now we have Sean sitting in the middle. Now Sean has control of this network, that's the issue, right, so you can not only read the messages but you can also intercept messages, transmit messages again, you know, this kind of stuff, so let's say you're a rogue admin or something like this. So Alice produces her value a, right, so maybe Bob is a server, maybe Bob is a shop and Alice is a client, so she's going to send the initial message that says "I'd like to talk to you, let's establish a shared secret". So Alice is going to calculate g to the a and send it off to Bob. Now Sean doesn't let that through, right, that's the problem. Sean intercepts that message and stops it, and pretends to be Bob from then on. So Sean comes in here and goes "oh yes, I'm Bob", right, and he isn't, so he generates a private key s and a value g to the s and sends it back, and as far as Alice knows this is g to the b. Yeah, there's nothing in here that says this is particularly Sean; Bob could have generated the same. We're calling it s but it's just a number, it could have been generated by anyone. So he sends this back, they perform a normal key exchange and they end up with g to the a s, so Sean has now an established shared secret with Alice. So far so good. Now Sean then knows that Alice wanted to talk to Bob originally, so then Sean says "my name's Alice, can I establish a shared secret with you?" So Sean sends g to the s over to Bob and Bob goes "ah, brilliant" and sends off g to the b back to Sean, and they establish a shared secret g to the s b, or b s, or you know, whatever, right, g to the s b. What Sean has done by sticking himself in the middle here is calculate two different keys, both of which he knows, and he can then use them to intercept every single message between Alice and Bob. So Alice then sends some actual HTTP traffic or something like this, encrypted with a key derived from this; Sean can immediately decrypt it, re-encrypt it with sb, send it off to Bob, and essentially act as a man in the middle every step. So every time a message is sent: decrypt it, read it, do whatever you want, change it, re-encrypt it and send it on, right. This is a huge problem, because Diffie-Hellman provides no way of stopping this. That's not what it's designed for; it's designed for two parties, I suppose, that trust each other, to generate a shared secret. If you start throwing other people into it the whole thing breaks. This is where RSA and other public key cryptographic schemes come in and rescue us.

To me, straight away, Diffie-Hellman is dead in the water, right?

Right, Diffie-Hellman's in real trouble here, but luckily it isn't the only public key protocol we've got. So this is what RSA does. Let's imagine that Bob is a server, so he has a public key and a private key associated, let's say RSA or DSA, it's not important. So we have Alice and Bob again; I'm going to get tired of naming these, I should have just put A and B. Bob has a private key and a public key. So remember, back to the video that Rob did on public and private keys and the things we discussed in the past: anything you encrypt with key A can only be decrypted with key B, like in WannaCry and so on. The public key is given out freely, it's probably on Bob's certificate; the private key he holds back. So this time Alice wants to talk to Bob. What we want to do is ensure that no one is sitting in the middle of this conversation; also, as it happens, we'd quite like for Bob to verify his identity, because we want to make sure we trust the server, so we can bring that in as well. Alice sends g to the a over to Bob, just as normal; we're assuming that the generator and the prime number have already been established, we're not worrying about this. Bob is going to send over g to the b, but to stop anyone from sitting in the middle he's going to bring in his private key and make sure that Alice knows only he could have sent that message. He sends g to the b as well as a hash of this message, or a digital signature of his message, signed with his private key, which would be, you know, something like a hash of g to the b (that's too many brackets) and then all signed by k private.

So if he's signed it with his private key, the only thing that can decrypt that, make sense of it, is his public key?

Yes, that's right. So what Alice will do is something called a signature verification, so she will take g to the b, perform the exact same process, and then apply the public key to his encrypted version and see if they match, and if they do she knows that only he could have done that, because only he has the private key. This is assuming he hasn't given the private key away; we hope, we like to make that assumption, otherwise everything breaks. What he does by sending this over is Alice still gets g to the b like she did before, but she can combine it with a to get g to the a b, but Sean, or anyone else nefarious, if they try and use a different value, they won't be able to sign it with the private key that Bob had, right. If they can, that's a real problem, but they can't. So Bob is able to send a message to Alice that not only shares his Diffie-Hellman parameter, which is something that needs to be done anyway as part of the key exchange, but also signs it to ensure that only he could have sent that message. Now this is a fundamental part of numerous internet key exchanges, so the IKE protocol that's used in VPNs, and the handshake used in TLS, or any time you see HTTPS, this is the kind of thing you're going to see. I mean, in fact, if we go to a standard website, this is Google Chrome's security overview that is telling us what the handshaking in TLS establishes as a cipher suite for our communication with this server, and you can see we're using TLS 1.2, elliptic curve Diffie-Hellman and RSA. So we're not using Diffie-Hellman on its own, we're combining it with RSA in this kind of mechanism such that no one can be a man in the middle and intercept our messages and interfere with them.

It does sound like we are potentially overcomplicating this. I mean, if we've got RSA, why do we need Diffie-Hellman?

Yeah, you're right, so technically speaking we don't, right. Technically speaking we can use RSA in, let's say, a TLS handshake, and historically that's what's been done. So what would happen in that situation is Alice would generate a shared key and encrypt it with Bob's public key, such that that way she knew only Bob could ever read that secret key, and then they'd carry on the conversation. The issue is one of something called perfect forward secrecy. So the problem is that if you did this, if you used only RSA, ever, to perform encryption, right, then if anyone ever breaks that RSA key, or hacks into the server and obtains it, or somebody turns up and gives it away, then someone who's been recording messages between the two suddenly can decrypt everything, right. They've got all the handshakes, so they can decrypt that symmetric key every time and decrypt every single historic message that's been sent between Alice and Bob.

So Diffie-Hellman is more of a kind of per-session deal?

Yeah. RSA keys are established, and DSA keys are established, over a long period of time, let's say one or two years, and to save us a real problem if they get broken we don't tend to use that for the actual encryption. What we tend to do is generate something called an ephemeral Diffie-Hellman key, ephemeral meaning we do it pretty much every time, and we actually use them to generate the shared secret, and we use RSA to provide this authenticity, right. So it's a combination of both: Diffie-Hellman gets us a very quick way to establish a shared secret, but it's only used a few times; RSA gives us a way of verifying Bob's identity and making sure there isn't a man in the middle. And we don't tend to use RSA anyway for long-term encryption, because it's too slow for a whole message, so that's why we use it to derive symmetric keys and use something like AES, which is much, much faster. And this one is 2048 bits, so our private key is going to be some... this is our a, and this here is our g to the a mod n, and they're roughly, roughly the same size; this will be slightly smaller.
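The two exchanges described in the transcript, plain Diffie-Hellman with Sean on the wire and then Bob signing g to the b so Alice can verify it before deriving a key, as an added Python example that is not code from the video. It assumes a constructed toy group (g = 5, n = 2^127 - 1) and a textbook RSA key built from small hard-coded primes with no padding, standing in for Bob's real long-term signing key; every size here is far too small for real use.

```python
import hashlib
import secrets

# Constructed toy group: generator g and a Mersenne prime modulus n.
# Real deployments use 2048-bit+ groups or elliptic curves; this is small for readability.
G = 5
N = 2**127 - 1

# Constructed textbook RSA key for Bob (small primes, no padding): demo only.
_P, _Q = 1000000007, 998244353
BOB_N = _P * _Q
BOB_E = 65537
BOB_D = pow(BOB_E, -1, (_P - 1) * (_Q - 1))  # Python 3.8+ modular inverse

def dh_public(private: int) -> int:
    return pow(G, private, N)  # g^a mod n

def dh_shared(peer_public: int, private: int) -> int:
    return pow(peer_public, private, N)  # (g^b)^a = g^ab mod n

def _hash_mod(value: int, n: int) -> int:
    return int.from_bytes(hashlib.sha256(str(value).encode()).digest(), "big") % n

def sign(value: int, d: int, n: int) -> int:
    return pow(_hash_mod(value, n), d, n)  # hash, then apply Bob's private exponent

def verify(value: int, signature: int, e: int, n: int) -> bool:
    return pow(signature, e, n) == _hash_mod(value, n)  # public exponent recovers the hash

def unauthenticated_exchange() -> dict:
    """Plain DH with Sean on the wire: Alice and Bob end up with two keys, both known to Sean."""
    a, b, s = (secrets.randbelow(N - 2) + 2 for _ in range(3))
    ga, gb, gs = dh_public(a), dh_public(b), dh_public(s)  # Sean blocks ga and gb, forwards gs
    k_alice = dh_shared(gs, a)  # Alice thinks gs is g^b, derives g^as
    k_bob = dh_shared(gs, b)    # Bob thinks gs is g^a, derives g^sb
    sean_has_both = dh_shared(ga, s) == k_alice and dh_shared(gb, s) == k_bob
    return {"alice_key": k_alice, "bob_key": k_bob, "sean_knows_both": sean_has_both}

def authenticated_exchange(tamper: bool) -> tuple:
    """Bob signs g^b with his long-term key; Alice verifies before deriving anything."""
    a, b = secrets.randbelow(N - 2) + 2, secrets.randbelow(N - 2) + 2
    gb = dh_public(b)
    sig = sign(gb, BOB_D, BOB_N)  # travels alongside g^b
    if tamper:  # Sean swaps in his own g^s but cannot produce Bob's signature over it
        gb = dh_public(secrets.randbelow(N - 2) + 2)
    if not verify(gb, sig, BOB_E, BOB_N):
        return False, None  # Alice aborts: the value did not come from Bob
    return True, dh_shared(gb, a) == dh_shared(dh_public(a), b)  # both sides hold g^ab
```

With `tamper=True` the call returns `(False, None)`: Alice refuses the substituted value because it fails verification, which is exactly the check that plain Diffie-Hellman lacks.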

Original Description

Diffie Hellman has a flaw. Dr Mike Pound explains how a man in the middle could be a big problem, unless we factor it in...
Public Key Cryptography: https://youtu.be/GSIDS_lvRv4
Elliptic Curve Cryptography: Coming Soon!
https://www.facebook.com/computerphile
https://twitter.com/computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: https://bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran's Numberphile. More at http://www.bradyharan.com


The video explains the key exchange problem in Diffie Hellman and how a man-in-the-middle attack can be a big problem, unless factored in. Dr Mike Pound discusses the importance of considering security flaws in cryptography.

Key Takeaways
  1. Understand the Diffie Hellman key exchange protocol
  2. Identify potential security flaws
  3. Consider the impact of a man-in-the-middle attack
  4. Factor in security measures to prevent attacks
💡 The Diffie Hellman key exchange protocol has a flaw that can be exploited by a man-in-the-middle attack, highlighting the importance of considering security flaws in cryptography.
