If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

## Computer science theory

### Course: Computer science theory>Unit 2

Lesson 4: Modern cryptography

# RSA encryption: Step 1

Introduction to why we would need RSA. Created by Brit Cruise.

## Want to join the conversation?

• Who noticed that he ends videos on cliff-hangers a lot?
• It is not to get you to watch the next one! I think that this whole section is one big video, split into pieces so it's not an hour long. If you look at the end of one and the begining of the succeding snippet, a small chunk is exactly the same. That chunk is on both videos to give you a relatively convenient ending spot, then on the following again to give you a good idea about what the preceding video is about.
• couldn't eve just find the opposite of the public key and add it to the mixture?
• The idea is that she can't. Not easily. Example is bad in a way it uses colors, since you can actually find complementary color very fast. But actual RSA uses real, proven trapdoor function which is explained in the later videos.
• Around Britt says that Alice could openly send the lock to Bob. What if Eve(an interceptor) got it and the open lock never got to Bob?
• Bob could just ask Alice to send another lock.

A bigger problem occurs if Eve intercepts Alice's lock and then sends Bob a lock that Bob thinks belongs to Alice, but actually belongs to Eve. Bob will unknowingly use the lock and send the package to Alice. But Eve could intercept the package, open her lock, read the contents, relock it with Alice's lock, and then send it Alice. Neither Alice nor Bob would be aware that Eve has seen the contents of the package. This is known as a "man in the middle" attack. The solution to prevent this type of attack is for Alice to sign her locks.
• couldnt eve just find the complementary of cyan?
• With colors, if you are a few ppm (parts per million) of each primary color off, you will still get pretty close to the same color at the end right? But with numbers, missing by a couple will make the final answer waaaay off, because with each multiplication, division, combobulatoriation and whatnot, the number you are off by gets bigger and bigger.
• Aren't red and green complementary colors?
• Yellow = Red + Green
Orange = Red + 1/2 Green
Blue = Blue
Purple = Red + Blue
RGB tells us that Red and Cyan are complementary. Red and Green gives Yellow (see top).
• Isn't this kind of like the Diffie-hellman key exchange?
• I think they look very similar. It seems to be the same basic concept of encryption, but the twist is how it is used with multiple communication lines. See verses
(1 vote)
• Starting from , the example given with colors requires that Alice sends the complementary color of red (cyan) and Eve intercepts it, then Eve can get the secret red from getting the complementary color of the cyan which she intercepted and is not too hard to do. When Bob sends his color, then Eve will have the red to be able to find the secret color. Is this a flaw in the explanation, my reasoning, or is it more complex and difficult in a way not easily demonstrated by this example?
• Here's the misconception in the above:
"Eve can get the secret red from getting the complementary color of the cyan which she intercepted and is not too hard to do "

In the example, from to , it says that, for the purposes of the example, figuring out complementary colors is assumed to be hard to do i.e. it require the machine that only Alice has
(1 vote)
• How would Alice communicate to Bob? In this case, only Bob can communicate to anyone else.
• She would do the same -- get Bob's public key and encrypt messages using it.
• How well would it work if Eve could stop the communication, Eve is shown like this:
E
A-^-B
What if it was more like this:
A-E-B
Couldn't Eve pretend to be both and have an apparently secure connection to both?
(1 vote)
• Yes, Eve could launch a man in the middle attack, which is why it is very important for public keys to be signed so that they can be authenticated by their users. In practice, public keys are signed by a Certificate Authority (see https://en.wikipedia.org/wiki/Certificate_authority) which people trust.