Blog Post

Crypto Primer: Understanding Encryption, Certificates, Public/Private Key & Digital Signatures

Play Crypto Primer: Understanding Encryption, Certificates, Public/Private Key & Digital Signatures
Sign in to queue


If you Bing (or Google!) "Crypto Primer", an article I wrote on my blog some time ago will come back as the first result. It seems to have been a very popular read and is linked from all over the Internet. From the email I've received about it, I think people have always been vaguely curious about what goes on under the covers when they use certain security APIs, or have to set up certificates in a specific order and that blog post explains it.

Well, now I've created a video; a "cartoon" if you will, of the blog post which explains crypto in animated form. You should walk away with a good understanding of how public/private key works and why things like digital signatures, certificates, hashing, CAs, PKI and so on end up as part of the crypto conversation. Maybe if you find it very intriguing, you might want to watch it then read the article at your own pace.

Hope you enjoy the video.





Download this episode

The Discussion

  • User profile image

    Great talk, thank you! Smiley

  • User profile image

    Thanks bPratik. Hope it helped your understanding...

  • User profile image

    Collisions for MD4 have been known for more than 15 years. These days finding a collision takes less than one second. Likewise, collisions for MD5 can be found in less than one minute. Both are considered totally broken from a security point of view.

    Amateurs shouldn't be writing about cryptography.

  • User profile image

    Hi carstenbh,

    Thanks for the insight. I had considered posting some example collisions - there are examples on the net. Ron Rivest predicted collisions for MD4 many years before it was released, which was 23 years ago and the creation of collisions for fixed-length function outputs have been known for many hundreds of years.

    Yes - there are groups who assert that MD4/5 are broken, with the availability of modern high-speed computers. MD4/5 are still heavily used as the digest in many systems and protocols so I guess we live with what's out there in the real world. We have to be realistic about what we want to change and what's already in circulation

    What you say about finding MD4 collisions is interesting. When you say they "can" be found in less than one second do you mean "it has been shown to be possible to do it in less than 1 second" or "you will find a collision in less than 1 second". I didn't know that, if it's the former. Could you post some example code that would do it? - and I'll add that factoid in to the video. It'd certainly make it more interesting showing a demo spewing out MD4 collisions at 60 per minute! That'd be incredible!

    "Amateurs shouldn't be writing about cryptography" - I guess you can please all of the people some of the time, or some of the people all of the time - but you can't please all of the people all of the time Sad 

    Thanks for the expert insightful observations on MD4 collisions.


  • User profile image
    Captain K

    Your vid is a great intro to crypto. You don't say anything in it that's wrong. It's just that since the widespread use of GPUs it's become possible to calculate hundreds of millions of hashes a second. Also there are weaknesses in MD4/5 that allow you to calculate collisions directly - not sure how fast you could generate them though. You'll see MD4/MD5 used less and less as time goes forward in preference to other hashing functions.

    It's a good vid that does a good job of explaining what most see as a black art. You demonstrate the math but you even emphasize that you don't understand why it works that way. I say that's enough for most people. It's not the math that's important to developers who use crypto APIs, it's the principles. That's what your vid captures.

  • User profile image

    I wish I'd watched this before I tried to get SSL working on IIS. It all makes perfect sense now. It's more than I need to know but it fills in all the blanks and I'm sure it's given me the background I need to troubleshoot next time I get a certificate error...

  • User profile image

    planky (weird name but cool) this is a really good overview. i saw the written version on your blog too. ive sent lots of workmates to have a look and watch the vid. neat job. its untangled lots of questions I used to have. thanks.

  • User profile image

    one of the best explanation i read recently. thanks.

  • User profile image

    Really great explanation, thank you!

  • User profile image
    Digital signature certificate

    Thanks for sharing such an awesome post. This is very informative and helpful, share more post
    like Thank you so much for providing such useful content.We are also provide in digital signature certificate in Delhi.

Add Your 2 Cents