I wrote a cryptography post quite some time ago which has proven quite popular. I thought I’d make a cartoon video of it so you could just sit back and enjoy it without having to take an active part in “reading” it…

You can always just go through the previous post in your own time absorbing each of the little details if anything in the video attracts your attention.

Hi Planky

That presentation was excellent, really educational and entertaining. I wish you had the time to cover the material at the end in more depth (once you started talking about SSL sessions it seemed to get faster) but obviously there is so much to cover and only so much time.

Thank you very much for the time you put into it, and enjoyed the humour as well.

Hi AccessIT and thank you. I wrote a blog post describing specifically how SSL works. You can get that detail here:

blogs.msdn.com/…/crypto-primer-how-does-ssl-work.aspx

Planky

As an IT security professional, sometimes, not often, I come across an exceptional presentation. This is one of those exception. Well done Planky!

Thanks secure4u. Nice to know I'm on target from time-to-time…

If this kind of thing interests you – have a look at a project I'm running. The prime Challenge (http://primechallenge.org). Also, the DeepZoom of the world's largest known prime number http://aka.ms/DeepZoomPrime

Have fun/

I can't see any video.

Hi Singh. Try going directly to the channel 9 site with the video.

channel9.msdn.com/…/Crypto-Primer-Understanding-Encryption-Certificates-PublicPrivate-Key–Digital-Signatures

Planky

@plankytronixx

Hi Planky,

Your post is amazing, but I have question .

To open a file which is password protected without knowing the password requires brute force attack as per cyrptography.

The file is secure only because using brute force will require billons of combinations and even the best super computers in the world require hundrends of years.

Now with big data technology in place, distributed computing becomes cheap. Can an attacker use big data technology to distribute the work of trying billions

of combinations to millons of computers?. In that case brute force attack instead of taking hunderds of years, might just take days….

Will big data technology make offline secured information prone to brute force attack ?

Thanks

Purojit

Hi Purojit – Yes, there is a real risk that keys could be cracked using clusters of millions of computers. In fact. calculating primes on a modern computer is fairly trivial. I ran a challenge about a year ago called "The Prime Challenge". The aim was to use cloud computing to see how big a prime number you could calculate using the free Azure hours you get from an Azure subscription. Even in that, the biggest prime we had was 324,000 decimal digits from a continuous run of less than 24 hours. When you consider that keys for SSL are usually only 2,048 *binary* digits it makes prime calculation for the purposes of cryptography look trivial. The biggest prime ever found is 17.5 million *decimal* digits.

I'd say this is more of a big-compute problem than a big-data problem. Using millions of computers to do millions (or billions) of simultaneous calculations in a brute force attack. Cloud computing and the ready availability of compute-nodes certainly makes this much easier. I guess we'll start to see brute force attacks that do indeed harness that compute. And I'm imagining the response will be even longer keys. Or quantum computers. Or some other technology.

Yes, indeed, this is an arms-race.

How is (27/10 + 4) x 3 equal to 50? (2.7 + 4) x 3 = 6.7 x 3 = 20.1, not 50. Am I missing something obvious/important? Thanks!

Good point, well put. That post has been up for almost 2 years and you're the first person to notice it.

You therefore win a T-Shirt. Email me at splank@microsoft.com with your address and I'll send it over…

Take the spirit of what I say in that part of the article, even if the facts are wrong!