If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

Main content

What should we learn next?

Help decide what's next! What do you want to learn? Created by Brit Cruise.

Want to join the conversation?

  • male robot hal style avatar for user Alex Kuznetsov
    I have a question for you, Brit:
    How secure is public Wi-Fi? How much confidentiality you can expect when using it in some cafe?
    There must be some encryption between my phone / laptop and web-site i am browsing (e.g. when logging in Facebook). But Wi-Fi point owners can have access to all the data which is going through it... or can't they?
    (229 votes)
    Default Khan Academy avatar avatar for user
    • male robot hal style avatar for user Cameron
      WEP is like Swiss cheese...full of holes. WEP can now be broken with a standard laptop in under 10 minutes.

      Almost everything about WEP was implemented very poorly. It is a really great case study demonstrating 1) why non-cryptographers shouldn't develop encryption schemes 2) why it is a really good idea to publish your encryption schemes (Much better to have a friendly cryptographer break your scheme and tell you your scheme has problems, than keep it secret, and think it is secure while a criminal breaks it and doesn't tell you) This is the one thing they got right with WEP.

      WPA fixed some things with WEP, but the community is poking holes in it too. The community has broken WPA-TKIP in under 20 minutes now.

      WPA with AES appears to be okay for now, but many people are not using it (many people have older routers that don't support it ).
      (228 votes)
  • male robot hal style avatar for user Cameron
    How does the encryption/decryption for DVDs and Blue Rays work ?
    (292 votes)
    Default Khan Academy avatar avatar for user
    • mr pink red style avatar for user brit cruise
      Vote up Camerons question if interested in Advanced Access Content System (http://en.wikipedia.org/wiki/Advanced_Access_Content_System). Good idea!

      In the meantime, this is a really interesting excerpt from an article I read on this subject - Interesting how time sensitivity plays a role in the studios strategy:

      Since some of you might now be gearing up to buy a Blu-ray player, here's how it works. Studios will hire software developers to encrypt their latest releases. Someday, hackers will find a flaw, crack the encryption and post the movie on the Internet. Once the movie is out in the wild "there is no way to make it unplayable," Kocher said. "You can't put the genie back in the bottle."
      The studios, however, are banking on the idea that it might take months to crack a particular encryption scheme. By that time, the studios will have hoped that they have already pulled in the bulk of the revenue from that movie or title.
      "Their business model is to make money in the first few weeks of release," he said.
      That doesn't work with "Lawrence of Arabia." Film fans will likely be renting or buying that for years, so the studios will lose money on future sales.
      But "Harold and Kumar Escape from Guantanamo Bay" or "Predator versus Alien versus Martin Lawrence as Big Momma"? How many people will be renting those movies three months after the initial release date on Blu-ray? I mean, other than film students writing a thesis? It's not like were talking about "Die Hard with a Vengeance" here.
      Think of it. Go to your local video store and look in the section where they keep the movies from the 80s. When was the last time you had a burning desire to see "Ladyhawke?" It's like visiting a refugee camp.
      Once a given encryption scheme is cracked, the studios then can shift to a new encryption scheme to start the cycle all over again. Hackers could try to break Blu-ray by creating a virtual copy of the hardware and thus fool the encryption on the disks, but that will be tough. "A Blu-ray player is a complicated piece of hardware," he said.
      (91 votes)
  • piceratops ultimate style avatar for user bennette1916
    Just Curious: What is Quantum Cryptography? Is it just using a specific atoms quantum state to get a seed for a pseudorandom number, or is it something completely different? If it's different, could you please explain what it is?
    (125 votes)
    Default Khan Academy avatar avatar for user
    • leaf green style avatar for user Kris Kalavantavanich
      There are different ways of quantum encryption: quantum entanglement for example, and each works differently.
      I was first introduced to the BB84 protocol, what I am about to explain below (in a nutshell). In normal classical encryption, you can't detect whether Eve's listening to your message. However, in quantum encryption, you can detect it. There is more to it, and that require Brit Cruise and his team to enlighten us.
      (52 votes)
  • leaf orange style avatar for user ☢Arjun Peddireddy☢
    Hi brit i was wondering when will some new videos be put up. I really enjoy watching your videos so I go to khan academy every hour just to see if you have a new video put up.
    (39 votes)
    Default Khan Academy avatar avatar for user
  • blobby green style avatar for user stanelburger
    How does one prevent Man in the Middle attacks?
    (56 votes)
    Default Khan Academy avatar avatar for user
    • aqualine seed style avatar for user Daniel Beecham
      +wariolandgoldpiramid that's what a MITM (Man In The Middle) attack is.
      For example; say you have a wireless network called "strong_net". What you aren't seeing searching for wireless networks however is that there are multiple access points to this network, and the computer will just pick the strongest one.

      If I set up a computer network which mimics this network (i.e. same name), your computer will connect to my network instead (without you knowing). Now I can transparently reroute your traffic through my computer and onto the internet. When you log into a site, I can read your information.

      MITM attacks, then, is more of a computer science question, not so much a cryptography question. Cryptography assumes a MITM attack, but the middle man cannot read the information anyway (I'd be Eve!).

      Also, the Sony breach is not a MITM attack, but an attack called "SQL injection". This is already turning into a wall of text, so I'm not explaining it right here, but you can search for it.
      (28 votes)
  • blobby green style avatar for user sherlock310
    An understandable intro to hashes is sorely needed, I haven't found much help elsewhere on the internet. Also, a discussion of key sizes and why DES has given way to AES and Twofish would be another great advanced lesson.
    (42 votes)
    Default Khan Academy avatar avatar for user
    • mr pink red style avatar for user brit cruise
      I agree. I didn't explicitly mention them yet, though we can easily define them now since random mapping has been introduced. I'll definitely start with hash functions before getting into block ciphers and substitution permutation networks
      (24 votes)
  • blobby green style avatar for user danielkonge
    Hi Brit, I was wondering how the cryptography changes as the computers get faster and faster, primarily I am thinking about quantum computers here - how do they affect the current encryption and which kind of new encryption are considered? Is there something entirely new coming or is it just a "expansion" of the currently working?
    (31 votes)
    Default Khan Academy avatar avatar for user
    • leaf red style avatar for user Ruud Koot
      As regular computers get faster we can simply increase the size of the encryption keys. Quantum computers, however, are able to solve many of the difficult computational problems underlying cryptographic systems much faster (technically, in the RSA cryptosystem a regular computer would need an amount of time that is exponential in the size of the key in order to factor it into prime numbers, while a quantum computer can do it in polynomial time using Shor's algorithm.)

      However, the laws of quantum mechanics also allow for a new kind of quantum cryptography. This works by encoding each bit of a message we want to transmit as a qubit, a quantum bit. Roughly speaking, instead of storing simply a zero or a one like a regular bit, it can store an arbitrary superposition of the state zero and the state one. Think of this as a sort of angle. For example, Alice and Bob can agree that an angle of X degrees represents a zero, while an angle of X + 90 degrees represents a one. Measuring the qubit at X degrees will then give us a zero if the qubit was in the X state and a one if the qubit was in the X + 90 degrees states. However if we measure at X + 45 degrees, we have a 50% chance of getting a zero and a 50% chance of getting one. The result is that an eavesdropper Eve is unable to intercept the message if she doesn't know the angle X that Alice and Bob agreed on. Another interesting effect of quantum mechanics is that measuring a qubit changes its state. Alice and Bob are thus able to detect that Eve is trying to eavesdrop on them.
      (35 votes)
  • male robot hal style avatar for user Wayming
    Could you tell us more about encryption, computer security, etc? I think it would be great if we could learn about how an antivirus program, say AVG, works to find and destroy viruses. You could even tell us how the cookies that keep us logged in on Khan Academy work.
    (30 votes)
    Default Khan Academy avatar avatar for user
  • male robot hal style avatar for user Patrick Farrell
    This series really paid off with the Diffie Helman and the RSA videos! I've never seen a more comprehensible explanation that starts to get into the nitty gritty of the algorithms.

    How does signing work? Specifically, what do the decryption algorithms do to allow Alice to verify Bob's message wasn't altered by Eve? What's the difference between signing a message and signing a key... algorithmically? I don't expect answers in this forum, but those were the things on my mind as I finished this trail. Great work, Britt!
    (22 votes)
    Default Khan Academy avatar avatar for user
  • blobby green style avatar for user David
    I would enjoy listening to something on bits of entropy and how it relates to password strength. Also, on some of the attacks used to break or weaken cyphers.
    (20 votes)
    Default Khan Academy avatar avatar for user
    • mr pink red style avatar for user brit cruise
      Entropy will be fleshed out in the next series on Information Theory - stay tuned. In short: a password which is chosen at random is strongest, period. This is because it's equally likely to be anything. Entropy is a measure of uncertainty (expressed in bits), so we would say higher entropy = stronger password.

      I agree attacks should be be explored. We just need to decide what kind of attacks we look at first. Please vote up stanelburger's question on man in the middle so we can help set priority.
      (11 votes)

Video transcript

You've reached the first checkpoint in the Journey to Cryptography series. And now I want to talk about what's next, because I'm working on a new series. However, this one won't end here. And if anything, we're kind of at the beginning still. So I'm going to do three different checkpoint videos. This one is on advanced lessons. However, I also want to eventually talk about tasks and challenges and what we can do with more interactive explorations and computer science lessons as it applies to cryptography. But for now, let's talk about advanced lessons. And when I say advanced, I don't necessarily mean harder lessons. I mean more detailed. And let me give you a conceptual idea for what I think this series could be, and future series. I like to think of each series as the trunk of a tree, where I took you from prehistoric times to around the 20th century, which is here, with a few different threads. And these ideas kind of branch apart. Once you hit the 20th and 21st century, they start getting highly specific. And way down here on the leaves are current research questions, which over here might be problems related to prime number distribution, and over here some very specific work being done on randomized algorithms or hash functions. And, say, up here, we might have new public key protocols because RSA was just the first. Or we also have encryption standards such as DES and AES. We would have a whole new branch on quantum cryptography. So as you can see, there's so many different things that branch out of this series. And I couldn't possibly do justice to them all. So I think of this video as living right here. It's kind of a junction point. Now I could branch off with the help of the community and possibly other video creators to fill out this tree gradually over time, specifically with the help of the community. And I'm really excited about the question and answer community and the work being done to improve how people can help people on Khan Academy. So for example, in terms of where one of these branches can go, I've noticed clusters of questions kind of leading into a common branch. For example, under the pseudo-random number generator-- I have two questions here, one by Sonnie and one by Drakain. Drakain's question is, "Why has he suggested that time in milliseconds is a suitable random seed? This is a huge no-no in security. The time it is on your machine is the time is on my machine, give or take 100 milliseconds, which can be brute force attacked." And again, this is a great question, too, because it speaks to the need that I didn't present a cryptographically secure pseudo-random generator. So the middle squares method is back here in the early 20th century. But up till today, we are not using the middle squares method. And that's a whole interesting branch. And it's these sort of questions which cluster together and really drive new content. And I want to show you a really interesting example of how this has happened already. This is a question Samuel asked on the One-Time Pad video. He said, "Wouldn't a computer be able to test all possibilities very fast?" And Chumpatrol basically asked the same question here. I see this happening a lot, similar questions. All speak to the need of a new video. So I went and created a video on perfect secrecy, which really nails down how you can't beat randomness in the world of encryption. And out of this video, Dawn made a really great comment. And what they did was basically summarize my video in two sentences. So this is what I want to try to do more of in filling out these branches-- take questions, make new content, and have this kind of feedback loop, and see what we can do. So now what I would really love is for you to ask questions below this video, which arise after watching the entire series. So not specific details about certain videos, those can go with the videos. But new questions, which are kind of opening a new can of worms. And what I think will be fun to do is your question will lead to answers by both me and the rest of the community. So we'll have multiple answers. And what I can do is take this body of answers, and out of this, draft up a rough script for more advanced videos on specific topics that subsets of the community care about. So hopefully out of the discussion below, over time we can grow a bunch of new videos. And I want to be clear. This is an ongoing process. So this won't happen tomorrow or next week. I hope it can happen months and even years from now. We can still be building out new videos off this series, and these videos can be a collaborative effort between myself and the community and perhaps other video creators down the road. So let me know what you think below and let's get started.