How End-to-End encryption Works?
In this video I explain end-to-end encryption within the context of WhatsApp. I explain how encryption and TLS work, then the problem of having a centralized server decrypting the traffic. I then talk about how end-to-end encryption (e2e) can help mitigate that, and finally I explain the problems with e2e encryption.
* Classic Encryption Example 1:00
* End to end encryption 3:25
* Problem with E2E 7:30 Web Trust? Fingerprints/CA (QR WhatsApp)
Stay Awesome,
Hussein
Comments: 73
Great video Hussein. If I may explain this for your audience with some math -
* Bob generates a private key number X
* Alice generates a private key number Y
* There are publicly known numbers A and N provided by the server.
* Bob does A raised to X and sends the number to Alice
* Alice does A raised to Y and sends the number to Bob
* They both raise what the other sent with their own secret key i.e. Bob now has A raised to YX and Alice now has A raised to XY which is the same number. They also mod it with N to get a manageable number between 0 and N.

They now have the same secret key without knowing each other's private keys and without the server knowing the final key. The server only knows A and N. The trick is to make X, Y and N sufficiently large to make reverse engineering near impossible.
@hnasr
4 years ago
Thank you for sharing the math behind DH!! So easily explained!
@hnasr
4 years ago
Your comment inspired me to redo the TLS 1.3 video in more detail! Check it out, it goes out this Saturday. I also shout you out. You have been a great contributor to the community.
@inquisitive8086
4 years ago
@@hnasr Awesome ! Your content is always amazing
@jivanmainali1742
4 years ago
But how would then server get headers where to send data??
@nathansherrard4111
3 years ago
Point of clarification - it's actually important Bob and Alice send A^x mod N and A^y mod N, respectively. The "mod N" is not just for getting things down to a manageable number at the end - it's also the foundation for the "hardness" of Diffie-Hellman, i.e., the discrete logarithm problem. It's only difficult to find X given A^X when you're in the discrete case: A^X mod N.
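An added example (not part of the comments above and not WhatsApp's code) of the exchange this thread describes, using the commenters' names A, N, X and Y, with `mod N` applied to every value that is sent. The parameters are demonstration-size, and `safety_code` is a hypothetical stand-in for the fingerprint/QR comparison listed in the video description: it shows what that comparison detects when the relay does not forward the public values untouched.

```python
import hashlib
import secrets

# Demonstration parameters only: N is the Mersenne prime 2**127 - 1, far too
# small for real use. A and N are public, as in the comment above.
A, N = 3, 2**127 - 1

def new_private():
    """Random private exponent (the commenter's X or Y)."""
    return secrets.randbelow(N - 3) + 2

def public_value(private):
    """What actually goes over the wire: A^private mod N."""
    return pow(A, private, N)

def shared_key(own_private, peer_public):
    """(peer_public)^own_private mod N, hashed into a 32-byte symmetric key."""
    secret = pow(peer_public, own_private, N)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def safety_code(pub_1, pub_2):
    """Short code over both public values, compared outside the relay (assumed format)."""
    lo, hi = sorted((pub_1, pub_2))
    blob = lo.to_bytes(16, "big") + hi.to_bytes(16, "big")
    return hashlib.sha256(blob).hexdigest()[:16]

def exchange(x, y, relay_private=None):
    """Run one exchange through a relay; returns (keys_match, codes_match).

    relay_private=None models a relay that forwards values untouched.
    Otherwise the relay hands both users its own public value instead.
    """
    bob_pub, alice_pub = public_value(x), public_value(y)
    seen_by_bob, seen_by_alice = alice_pub, bob_pub
    if relay_private is not None:
        seen_by_bob = seen_by_alice = public_value(relay_private)
    keys_match = shared_key(x, seen_by_bob) == shared_key(y, seen_by_alice)
    codes_match = (safety_code(bob_pub, seen_by_bob)
                   == safety_code(alice_pub, seen_by_alice))
    return keys_match, codes_match

if __name__ == "__main__":
    x, y = new_private(), new_private()
    print("untouched relay:   ", exchange(x, y))
    print("substituting relay:", exchange(x, y, new_private()))
```

When the codes differ, the two users are not holding each other's public values, which is exactly the case the out-of-band comparison exists to catch.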
man you're the most backend youtuber in the entirety of KZread, love your content 👍❤❤👍
Even without graphics and illustrations - this was an excellent and clear explanation !
And I really thought WhatsApp works with Asymmetric all the time. Each user has their own private/public key pair. But you made it clear now that it works similarly to TLS 1.3 Diffie Hellman. 👌
You look good in groomed beard and I agree that you are the rarest of backend youtuber.
Great video Hussein. I have a doubt. I read that private key is stored locally. So, if you log out all your previous data is lost (even if it's stored on server, it will be encrypted and since you lost the private key, you lost those messages). So, how does Telegram work? Like I can log-out and log-in, use different devices and, I get all of my messages. So, are they storing private key somewhere? Or how does it work?
Nasser, I like your way of explanation bruh. BTW I found you a double. Search Syed Shafaat Ali, your lost brother, he's too an engineer, but he turned comedian and imitation performer. You both are prominent in your profession. Godspeed
The explanation couldn't have been any better... Great job🤝
Great explanation!! Can you explain the Signal Protocol. The Double Ratchet Algorithm !!
Such a great explanation. Thanks, Hussein!
@hnasr
4 years ago
Thanks Uli!
Buddy your videos are really addictive.
That last CA you talked about was DigiNotar... Darknet Diaries made a video about that.
You are awesome Hussein! please upload more. Thank you for this video.
fantastic, so basically double encryption
Great video. Thank you! Btw for persistence do we store that encrypted thingy in the DB directly?
Can u pls explain Signal double ratchet algo and how to implement it. That will be very helpful
The topic you talked about in this video would be understood by me only if you would use any animation presentation, boss
Great content. The best backend channel 🖤
Excellent explanation, no need for fancy visuals if it makes sense!
cool video)
Great explanation. Thank you for your efforts
@hnasr
3 years ago
Glad it was helpful! thanks Sara for your comment
Many thanks
But since the exchange of the public keys still goes through the same service, the service could just exchange the keys (from A to B and vice versa) and store them for future decryption when messages are being sent. You have to trust that the server does not retain the exchanged public keys. So the most secure way would be to exchange the keys through some other medium (email/sms/piece of paper/verbally etc). But this is very user unfriendly. In order to solve this vulnerability and user unfriendly side effect they employ a technique called the "Diffie-Hellman" key exchange. See en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange for a graphical explanation.
Great explanation
Sorry but can anyone here please explain to me that what is Security Aspects that he means in the video? Thank you so much
Great talk Hussain, it's been really long since we had a chat. It would be interesting if you talk about certificate pinning.
@hnasr
4 years ago
Ali it's been a while my friend! I was scheduled to come to Bahrain in April but had to cancel :( Thanks for the suggestion, I'll need to research that topic.
@AliAlmahdi
4 years ago
@@hnasr I hope to see you as soon as this epidemic ends. Best of luck bro.
Very nice
Can you please make video about client-side encryption in javascript
Small doubt out of context though. I know CA is the one who verifies the public key we get from https websites. But how does it verify?
@hnasr
4 years ago
The CA generates certificates for a domain and signs them with its private key. The client verifies the certificate by using the CA public key and makes sure it matches the signature. Just discussed this at length here: Certificates and Certificate Authority Explained kzread.info/dash/bejne/qpN9mLOcY5i2pbQ.html
Great one... which podcast do you listen ?
@hnasr
4 years ago
Kapil Bagul software engineering daily my favorite check it out!
@kapilrbagul
4 years ago
Hussein Nasser - Yes I do listen to Software Engineering Daily from last 6 months. Loving it along with your KZread channel 👍
Bro, give me an answer. Where do you study all this from
@hnasr
4 years ago
Vrunda ONE in weekends I listen to podcasts, watch youtube videos, read RFCs. And most importantly topics suggested from comments on my KZread channel. 😊
Nice visual explanation😂
gone overhead :( try with some images, diagrams etc
@sanilkhurana3991
3 years ago
Watch his video on tls 1.3, he has a diagram in that. It is very similar to that
The classical two generals problem
Hey can u talk about searchable encryption
@hnasr
3 years ago
I did in a members only video and my introduction to database engineering course- homomorphic encryption
WhatsApp video call good r bad answer me bro. End to end encryption
If public part of the keys are meant to be public, why use DH to exchange them ?
Calls for a open-source messenger!
How to get his phone number
like
nice ps2
i don't care if somebody reads my message, but i want to know how to hide it. It's just for fun :D
@hnasr
4 years ago
I agree ☝️ it is fun!
How to get phone number of this guy
Pro tip, Use More than two hands to explain things..or just use a diagram.
aka Signal Encryption.
@hnasr
4 years ago
Reading about this now thanks Daniel! We need Signal encryption to completely trust the process. Open source ftw
@danieldaschle
4 years ago
@@hnasr The problem with the WhatsApp implementation is that they have a functionality to generate new keys without having the old key. Means Facebook could read your message if they want. In other words, your private key is stored on the Facebook servers. There was a Guardian article about that. Because of that, the WhatsApp encryption (implementation of it) is not better than a common transport encryption.
@hnasr
4 years ago
Aha! Could you probably get a link to the Guardian article? If they are storing the keys it's completely useless. I thought the idea is to use DH end to end to generate the keys and the server just relays the messages.
@danieldaschle
4 years ago
@@hnasr i think it was this: www.theguardian.com/technology/2017/jan/13/whatsapp-design-feature-encrypted-messages
@danieldaschle
4 years ago
And some rumors say that police have access to WhatsApp chats if they need. I think that could be true.