📢 *Holiday & New Year Promotion* 👉 Practical TLS for only $55 _(originally $297)_ 💻 Use code *FROM2024TO2025* --> pracnet.net/tls 📅 Offer expires Jan 4
I am not an IT professional of any sort. I like learning new things. TH-cam has opened a world of knowledge to anyone. People like you lead the way to that end. I found your videos to be the best in your field. They are truly the easiest to understand both by the way you explain and the video graphics. I think your true calling is to be a teacher because you are a natural. I am from a country were teachers are highly respected. Unfortunately this not the case everywhere. I appreciate all your hard work.
Thanks for the kind words, Admin. Messages like this are a great encouragement to continue producing videos. I hope I can continue to contribute to the knowledge of world. Again, thank you.
Thank you for this amazing series! Now that you're done with the concept, hope you could also include real life examples on how this works (e.g. Inspection of Certificates, observing records on Wireshark, etc.) Anyway, keep it up dude! Love how you discuss these things.
Not done yet =). In the upcoming weeks I'm releasing videos on RSA, DH, and DSA. All that other stuff (certificates, records, wireshark, etc...) is covered in the full TLS course: classes.pracnet.net/courses/practical-tls
As usual, through and complete explanation, looking for DNS, F5, Multicast, BGP, and Security related Advance stuff from you in coming days. Thanks a lot, Ed.
Thank you again for dedicating the most important thing we have (our time) in making really well made videos.Your videos are the most technical i've seen.greetings from a TLC engineer..best regards.Paolo.
Thank you so much for making this series. You have presented information extremely well and I have been able to follow your tutorials completely. One quick question - At 5:37 of this video titled "How SSL & TLS use Cryptographic tools to secure your data - Practical TLS", you mention that the Certificate is signed by CA and it provides authentication. Should it be authentication + integrity? From the previous lesson on Signatures, I understood that signatures provide authentication and integrity.
When Asymmetric Encryption is used to perform secret key exchange, it requires 4 keys - 2 for the server (1public+1private), 2 for the client(1public+1private). This illustration shows only the server side of the asymmetric key pair. Who generates the corresponding pair for the client and how?
From what I understand, the Client just uses the Public Key of the Server to encrypt the Symmetric Key, so that the Server gets a copy of the symmetric key. Not sure why it needs the key pair from the client, since it already has a copy of the symmetric key.
Great explanation, what if MITM occur during sharing of Secret key and attacker replace the secret key with his and encrypt it with server public key and send it to server . What will be the mitigation in this scenario
Great question, Rahul! You should consider the course, I have a feeling you would love it =). To answer your question.. in such a case, remember the Client is still going to be using the value they generated and sent to the server (which was interrupted by the MITM). So even if the MITM and the Server end up with identical session keys, it _will not_ be the Session Key used by the Client -- therefore, there is no possibility of compromising data. It's as if the MITM has it's own, independent, SSL connection with the Server.
Thaaaaaanks a lot. Your vid’s are Greta! Have a question: Why does a client trust a ca? Or how can a client make sure the certificate that a server provides which is signed with the private key of a ca is actually trustworthy and belongs to the server?
how do you 'combine' hashing with encryption? if you're sending the MAC over the internet, aren't you defeating the purpose of encryption, given that the message is sent unencrypted with the digest embedded in it?
Hey I have a couple questions. If my wording is not the best please ask for clarification lol. 1. I notice the host does not have a pub/priv key pair. Is this just to simplify the demonstration? If not, then how would asymmetric key encryption work? 2. MAC and CA work together by using the certified public key to encrypt the hash. If the host can unencrypt the sent hash with the public key, and then calculate the hash of the message, it ends up proving the integrity and the authentication. Now my question is; what if it is client-client communication? Will they instead resort to signing messages, or will they generate some kind of their own certificate. Thanks a bunch man you are really the G.O.A.T. I will be looking into your course for sure if i can scrap up the money. (Broke 16 year old moment)
1. Correct, typically only the server has a Public/Private Key pair 1a. The exception is if DH is used as a key exchange, in which case both client and server have "public key and private key" (but they aren't used for encryption.... more details in the link below). 2. You're confusing Signatures and MAC.... Signatures use _Asymmetric Keys_ ... MAC uses _Symmetric_ keys. To learn more about Asymmetric Crypto: www.practicalnetworking.net/practical-tls/rsa-diffie-hellman-dsa-asymmetric-cryptography-explained/
Brother in CIA A is not authN nor authZ, rather availability (read highAvailability) but I'm sure you already know that and here your A is the AuthN part only... keep up the great work that you are doing
🥳🥳- Promotion Ended - Congrats @Paolo Nervi 🥳🥳 For the rest of you, you can use this discount code for $100 off the course: YT100 classes.pracnet.net/courses/practical-tls Subscribe + Notification bell to increase your odds of winning when the next video (and giveaway) releases! 📢📢 Practical TLS - Course Giveaway 📢📢 I'll be picking a random person from all the comments in the next 7 days on this video to give a scholarship for free access to the full Practical TLS course. All you have to do is make a post to enter. Check back in a week to see if you won. =)
I really enjoy all of your content I am able to learn without brain fog I would love if you could teach me all about CISSP I'm sure I would pass with flying colors if you teach it. Thanks
@@calebchapman9119 Hi Caleb, Glad you are able to learn from my content =). The CISSP is a monster of a cert =). Good luck! It's unfortunately not a Cert I hold or would be comfortable trying to train (it's too much memorization for my taste).
Hi Sir, I will always remain indebted to you. Thanks for going that extra mile to make this day a success with such a useful video. Thanks Waiting for next one 👍✌
📢 *Holiday & New Year Promotion*
👉 Practical TLS for only $55 _(originally $297)_
💻 Use code *FROM2024TO2025* --> pracnet.net/tls
📅 Offer expires Jan 4
I am not an IT professional of any sort. I like learning new things. TH-cam has opened a world of knowledge to anyone. People like you lead the way to that end. I found your videos to be the best in your field. They are truly the easiest to understand both by the way you explain and the video graphics. I think your true calling is to be a teacher because you are a natural. I am from a country were teachers are highly respected. Unfortunately this not the case everywhere. I appreciate all your hard work.
Thanks for the kind words, Admin. Messages like this are a great encouragement to continue producing videos. I hope I can continue to contribute to the knowledge of world.
Again, thank you.
Honestly, you're still the best at this. I enjoy the enlightenment you bring. You're gifted. Thank you.
Thanks again, Azza =)
I'm here again. I'm never gonna miss any of your videos. You're my best option.
Hi Azza! Thanks for the kind words!
Just wanted to say a big thank you for these helpful videos
Hello Saurabh. You're very welcome!
Thank you for this amazing series! Now that you're done with the concept, hope you could also include real life examples on how this works (e.g. Inspection of Certificates, observing records on Wireshark, etc.) Anyway, keep it up dude! Love how you discuss these things.
Not done yet =). In the upcoming weeks I'm releasing videos on RSA, DH, and DSA.
All that other stuff (certificates, records, wireshark, etc...) is covered in the full TLS course:
classes.pracnet.net/courses/practical-tls
WOW WOW WOW from 2024 !!!!!!!!!! Thanks alot for this amazing playlist!!!!!!
I have watch many of this series videos and plan to share them as part of my training library. Thanks for the amazing work
You're welcome, Gerald. I'm glad you enjoyed this series. Thank you for your support in sharing this content =)
Awesome bro. Very good explanation. As always, only you can explain things in simple words. Thanks again for making these contents free.
Glad you enjoyed it, Ajay =). Thanks for the kind words.
We need a cyberSecurity course by you!!! You are so great! Linux, networking, cryptogtaphy. If you can teach us this topics will be a great thing!
This video was amazing. The way you explain is so good.
I'm planning to watch the entire playlist of SSL and TLS deep dive.
Thank you for your videos and articles. They really helped me finally understand how things work and I got a dream job. Thank you!
Wohoo! Congrats! What is the job? That's awesome you got your dream job!
Yet another wonderful session.. Thanks!
You're welcome, Mustafa!
As usual, through and complete explanation, looking for DNS, F5, Multicast, BGP, and Security related Advance stuff from you in coming days. Thanks a lot, Ed.
Cheers, Vishal. Glad you enjoyed this one too!
Thank you again for dedicating the most important thing we have (our time) in making really well made videos.Your videos are the most technical i've seen.greetings from a TLC engineer..best regards.Paolo.
You're very welcome, Paolo. Thank you for the kind words =). Cheers!
Congrats, Paolo, You won the free course giveaway. Message me on Discord to claim your prize: pracnet.net/discord
@@PracticalNetworking Thanks for the course! (More fortinet)... greetings from Paolo.
Awesome, thank you for the regular uploads Ed :)
You're welcome, Peter =)
Amazing 🤩 now it completes the full picture !
Thank you very informative lesson.😃
Glad it was helpful!
Sure I enjoyed the lesson. Thanks
new PN video is a great thing to wake up to!
Good Morning, Alex =)
so Informational, keep the good work bro.
you are the best.
Will do, Mohamed. Glad you are enjoying these!
Amazingly clear.
I need this course in me life
Goodluck with the drawing!
🎉🎉🎉wonderful training vid😊
Amazing series.
Nice presentation .. which tools used for your presentaion ?
Powerpoint =)
Thank you so much for making this series. You have presented information extremely well and I have been able to follow your tutorials completely. One quick question - At 5:37 of this video titled "How SSL & TLS use Cryptographic tools to secure your data - Practical TLS", you mention that the Certificate is signed by CA and it provides authentication. Should it be authentication + integrity? From the previous lesson on Signatures, I understood that signatures provide authentication and integrity.
Cool... Have been following this series from last 3 days & still wondering why it is not having more views .... 🙂
Amazing as always
Thanks for the video, can you please provide me link for the video regarding the MAC (Msg Auth Code)
Sure... here --> th-cam.com/video/doN3lzzNEIM/w-d-xo.html
(edited, typo)
When Asymmetric Encryption is used to perform secret key exchange, it requires 4 keys - 2 for the server (1public+1private), 2 for the client(1public+1private). This illustration shows only the server side of the asymmetric key pair. Who generates the corresponding pair for the client and how?
From what I understand, the Client just uses the Public Key of the Server to encrypt the Symmetric Key, so that the Server gets a copy of the symmetric key. Not sure why it needs the key pair from the client, since it already has a copy of the symmetric key.
do some of these topics also apply to SSH? like how SSH and TLS use asymmetric encryption
Yes! And ipsec as well!
Why did the picture of symmetric key show 2 keys instead of 1? Is it supposed to be only 1 key for symmetric key?
One symmetric key for encryption, another symmetric key for MAC
👏 thanks 😊.
Cheers Don!
Great explanation, what if MITM occur during sharing of Secret key and attacker replace the secret key with his and encrypt it with server public key and send it to server . What will be the mitigation in this scenario
Great question, Rahul! You should consider the course, I have a feeling you would love it =).
To answer your question.. in such a case, remember the Client is still going to be using the value they generated and sent to the server (which was interrupted by the MITM). So even if the MITM and the Server end up with identical session keys, it _will not_ be the Session Key used by the Client -- therefore, there is no possibility of compromising data. It's as if the MITM has it's own, independent, SSL connection with the Server.
You have a new subscriber :)
Thank you for your support!
Isn't hashing also used for signatures as well?
I need this course because I am intended to use this topic for final year project
Good luck w/ the drawing!
Thaaaaaanks a lot. Your vid’s are Greta!
Have a question:
Why does a client trust a ca? Or how can a client make sure the certificate that a server provides which is signed with the private key of a ca is actually trustworthy and belongs to the server?
how do you 'combine' hashing with encryption? if you're sending the MAC over the internet, aren't you defeating the purpose of encryption, given that the message is sent unencrypted with the digest embedded in it?
Please share all TLS/ SSL videos in sequence to understand better. Thanks
Here are all the SSL Videos: th-cam.com/play/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY.html
Please I need a link for cybersecurity and cryptography
Hey I have a couple questions. If my wording is not the best please ask for clarification lol.
1. I notice the host does not have a pub/priv key pair. Is this just to simplify the demonstration? If not, then how would asymmetric key encryption work?
2. MAC and CA work together by using the certified public key to encrypt the hash. If the host can unencrypt the sent hash with the public key, and then calculate the hash of the message, it ends up proving the integrity and the authentication. Now my question is; what if it is client-client communication? Will they instead resort to signing messages, or will they generate some kind of their own certificate.
Thanks a bunch man you are really the G.O.A.T. I will be looking into your course for sure if i can scrap up the money. (Broke 16 year old moment)
1. Correct, typically only the server has a Public/Private Key pair
1a. The exception is if DH is used as a key exchange, in which case both client and server have "public key and private key" (but they aren't used for encryption.... more details in the link below).
2. You're confusing Signatures and MAC.... Signatures use _Asymmetric Keys_ ... MAC uses _Symmetric_ keys.
To learn more about Asymmetric Crypto: www.practicalnetworking.net/practical-tls/rsa-diffie-hellman-dsa-asymmetric-cryptography-explained/
Brother in CIA A is not authN nor authZ, rather availability (read highAvailability) but I'm sure you already know that and here your A is the AuthN part only... keep up the great work that you are doing
You're thinking of the CIA triad for cybersecurity. This video is not talking about that. It's focusing on what TLS provides.
System has effected by ransomware QQLC so how can I solve this
🥳🥳- Promotion Ended - Congrats @Paolo Nervi 🥳🥳
For the rest of you, you can use this discount code for $100 off the course: YT100
classes.pracnet.net/courses/practical-tls
Subscribe + Notification bell to increase your odds of winning when the next video (and giveaway) releases!
📢📢 Practical TLS - Course Giveaway 📢📢
I'll be picking a random person from all the comments in the next 7 days on this video to give a scholarship for free access to the full Practical TLS course.
All you have to do is make a post to enter. Check back in a week to see if you won. =)
I really enjoy all of your content
I am able to learn without brain fog
I would love if you could teach me all about CISSP I'm sure I would pass with flying colors if you teach it. Thanks
@@calebchapman9119 Hi Caleb, Glad you are able to learn from my content =).
The CISSP is a monster of a cert =). Good luck! It's unfortunately not a Cert I hold or would be comfortable trying to train (it's too much memorization for my taste).
Expanded stuff I use all the tije
=)
Hi Sir, I will always remain indebted to you. Thanks for going that extra mile to make this day a success with such a useful video. Thanks Waiting for next one 👍✌
Thanks for the kind words, Rafay =). Glad you're enjoying this series!