The Mathematical Mesh

All these videos can be found on the Mesh Video Channel

An introduction to information security using cryptography.

This first module describes the principle of Work Factor and how it distinguishes modern cryptography from the pencil and paper puzzles that went before.

In the previous module we looked at Work Function and how keys play an important role in cryptography, the more keys, the more functionality. In this module we look at how we can do some really interesting and useful cryptography without using any keys at all.

Message Digest functions are the basis for many important cryptographic and non-cryptographic applications and services including Google, Akamai, the GIT source code manager and of course BitCoin and every other Blockchain type scheme.

The third part of PHB's cryptography course describes the use of message digest functions and introduces the idea of one way sequences.

In the first of two modules on symmetric encryption, PHB describes the use of stream ciphers and a cipher that is mathematically impossible to break and how that impossible to break cipher was broken.

PHB continues his account of encryption with a description of block ciphers and how to use them.

In this module, PHB describes the use of a secret key to protect integrity. A standalone integrity check is called a Message Authentication Code. But standards groups have recently started encouraging the use of cipher modes that provide integrity and encryption in a single pass.

At this point in the course we have all the technologies we need to develop a practical security infrastructure capable of protecting information assets within a large organization. Although Kerberos was designed in the mid 1980s, it is still in widespread use as part of Windows. If quantum computing should ever prove practical, we may need to return to these principles.

Kerberos is a powerful key distribution infrastructure. But it only works for a closed community such as a university campus or a corporation. Kerberos is not quite powerful enough to make Internet commerce possible because it requires us to have pre-established a shared secret with a key distribution center before we can have secure communications.

Public key cryptography lifts that restriction by introducing separate keys for separate roles. The key that is used to encrypt information cannot be used for decryption.

Public Key cryptography can also be used to protect integrity. Anyone with the verification key can verify a digital signature. But the signatures themselves can only be created using the separate signature key.

In module 7 we saw that Kerberos allows us to apply symmetric cryptography to encrypt and authenticate data in closed communities. Public Key Infrastructure allows those same capabilities to be provided in large, open communities including the Internet.