Encryption is the fundamental technology underlying Tor. In this video, Mike Chapple explains how cryptography works.
- [Instructor] Cryptography is one of the most important controls available to information security professionals. Encryption protects sensitive information from unauthorized disclosure in many different environments and many other security functions depends upon cryptography including the Tor network. So before we dive into the technology behind Tor, let's quickly cover some basic cryptography. Cryptography is the use of mathematical algorithms to transform information into a form that is not readable by unauthorized individuals but provides authorized individuals with the ability to transform that information back into readable form by again using a mathematical algorithm through decryption. Cryptography depends upon two basic operations. The first, encryption converts information from plaintext form into an encrypted version that is unreadable. This is known as ciphertext. The second operation, decryption performs the reverse transformation using an algorithm to transform encrypted information back into plaintext form. Now I've used the term algorithm a few times. If you're not already familiar with algorithms, they're simple a set of mathematical instructions that you can follow to achieve a desired result. Think of an algorithm as a mathematical recipe. Algorithms are very similar to computer code and in fact, computer code is often designed to implement mathematical algorithms. Let's take a look at a basic algorithm designed to convert temperatures from Fahrenheit into Celsius. The algorithm has an input for temperature in Fahrenheit and then it takes that input through a series of steps. First, it subtracts 32 from the input then it multiplies the result by five and divides that result by nine. Then it provides the final result as output which is the Celsius equivalent of a temperature that was input in Fahrenheit. Encryption algorithms work in similar ways except that the steps are different. They have two inputs: the plain text message and an encryption key. The algorithm then goes through a series of mathematical steps that transform the message using the key. The important thing to know is that these steps are complex in nature and the use of a strong encryption key makes them impossible to reverse without access to the key. The output of this encryption process is an encrypted message. If you were to open up the message, you'd find that it's no longer readable to the human eye. It would look just like a bunch of digital garbage. When you do need to reverse the encryption operation and access the original data, you do so using a decryption function. Decryption functions also have two inputs: the encrypted message, otherwise known as the ciphertext and the decryption key. The function then uses the decryption key to follow another series of complex mathematical steps on the ciphertext message. These steps reverse the encryption process and restore the original data. It's important to know that you can't decrypt a message without access to the appropriate decryption key. Protecting the secrecy of the decryption key preserves the security of the encrypted data. The output of the decryption process is that plaintext data and that's how encryption works.
- What is the dark web and who uses it?
- The purpose of the Tor Browser
- Cryptography and perfect forward secrecy
- Installing the Tor Browser
- Accessing the standard internet with the Tor Browser
- Safeguarding privacy on Tor
- The role of hidden servers on the dark web
- Locating and accessing hidden websites
- Vulnerabilities in Tor