this video basically explained to me what my entire 3h lecture was tryna say but failed horribly. TH-cam is crazy for educational videos like these!! thank you so much
If you are following the entire series, remember that he mentioned that Integrity and Authentication provide Non-repudiation as a byproduct. However, that principle does not work in this scenario. Why? Because in HMAC, the use of the same secret key eliminates non-repudiation. In order to achieve non-repudiation, the sender and receiver must use asymmetric keys (a different pair of keys for encryption and decryption).
I’m binging your vids this weekend. Your explanation of how ports work and why they exist was so clear and easy to grasp that I’ve been completely sucked down this rabbit hole of your videos. You’d be amazing at explaining how the Bitcoin network works.
Glad you've been enjoying the content, Eönwe =). Bitcoin (and related concepts) are on my list to talk through at some point. At the moment I'm trying to market my TLS course: classes.pracnet.net/courses/practical-tls Thanks for the kind words =)
Thank you for taking the time to explain this. I've almost given up understanding the concept. Most websites I read it got me more confused than I was. It's clearer now
Hey man, I just want to thank you for uploading these videos, they have been of incredible help. There are a few videos out on TH-cam but honestly, yours are the only ones I can learn from, I'm an audiovisual learner so again Thank you!
That's soo nice, great way to understand how important it's the data integrity in the modern world. Thank's to you I am beginning to get more into networking
Yep! Exactly. Can't do an HMAC without a Secret Key. If you aren't manually providing the key, then one has to be produced from an Asymmetric Encryption algorithm (which I'm releasing a video about next week!)
Hi thanks so much for this explanation! Just one thing I’m struggling with, if hashing cannot be reversed, and we use hmac to send data securely, then how does the receive see the original text before hashing? Is two sets of the same data sent, one in plain text and the other hmac? Thanks so much
> Is two sets of the same data sent, one in plain text and the other hmac? Yes! Exactly. Both the plain text message, and the HMAC digest are sent. This provides *Integrity* but not *Confidentiality* -- see the other videos in this series to understand what I mean by that. Cheers =)
Great analysis, thank you! A bit off-topic, but I wanted to ask: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). What's the best way to send them to Binance?
Yes, they are different. You can do an HMAC with MD5, or with SHA1, or with SHA256, and so on. You can also do an HMAC, or a KMAC, or CMAC, etc... The hashing algorithm is different & independent from the "method to combine hashing + secret key"
For the sake of this video, we'll say the Key is concatenated with the video. But in reality, the HMAC operation is a little more complicated In a real HMAC, the key is combined with the message multiple times. The real formula is listed in section 2 of RFC 2104: www.rfc-editor.org/rfc/rfc2104.html#section-2
The key is used to calculate the digest. The receiver is also using the key to calculate the digest. An attacker in the middle can still change the message, but can not re-calculate a digest which the receiver will accept since the attacker can not combine the key with the modified message.
Why not just connect the message + its hash and encrypt it with a key. And then the recipient will decrypt it, cut off a certain number of bytes and compare them with the calculated hash from the juicy part of the file? So, even if an attacker intercepts the message, he will not be able to replace the hash because he can only calculate the hash from the encrypted message.
26,507 views Oct 4, 2021 Practical TLS - Free Lessons from my SSL Deep Dive training course Data Integrity seeks to assure that data has not been modified in transit between a sender and receiver. This assurance is provided using a Hashing Algorithm... but not simply by itself, that leaves you open to an attacker modifying your message and re-calculating the digest. Instead, something else must be done in addition to Hashing. In this video, we discuss that "something else". This will have us introduce the concept of a Message Authentication Code (MAC), and the most common implementation of a MAC known as the HMAC (Hash Based Message Authentication Code). This lesson is a free sample lesson from the the most effective TLS and SSL training course ever created. No instructor rambling on about pointless stories. No slides with massive walls of text. No time wasting. Only simple, effective, and precise explanations. Complimented with practical illustrations and visuals. 🔐 More details about the course: classes.pracnet.net/courses/p... 🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. I'm happy to provide a generous referral bonus =) 💬 Join Practical Networking Discord discord.com/invite/yrexngJ 🖧 Want to learn how how data moves through a network?
• Networking Fundam... Since you've made it to the bottom of the Description, here's a $100 off coupon code you can use on the full course =) YT100 Key moments View all Featured playlist 24 videos Practical TLS - Free Lessons from my SSL Deep Dive training course Practical Networking Practical Networking 166K subscribers Videos About 11:42 Hashing, Hashing Algorithms, and Collisions - Cryptography - Practical TLS by Practical Networking 33K views · 1 year ago 7:34 What is SSL & TLS ? What is HTTPS ? What is an SSL VPN? - Practical TLS by Practical Networking 93K views · 2 years ago 5:15 How do SSL & TLS protect your Data? - Confidentiality, Integrity, Authentication - Practical TLS by Practical Networking 38K views · 2 years ago Practical TLS Learn more about Practical TLS ty so much :) Pinned by Practical Networking @PracticalNetworking 1 year ago (edited) 📢 ANNOUNCEMENT: I'm adding 20+ new lessons to the Practical TLS course covering TLS 1.3. 💲 While creating the TLS 1.3 modules, I'm discounting my Practical TLS course to the lowest price I have ever offered until I finish. 📣 Coupon Code: PracticalTLS13 || Promotion Price: $49 (Regular Price $297) 👉 classes.pracnet.net/courses/practical-tls/buy?coupon=PracticalTLS13 The Course returns to full price as soon as I publish the final TLS 1.3 lesson. Don't wait too long. =)
📢 *Black Friday / Cyber Monday Promotion*
👉 Practical TLS for only $50 (originally $297)
💻 Use code *BFCM2024* --> pracnet.net/tls
📅 Offer expires Dec 6
The Best Teacher I've ever seen in my lifetime!💯😍
Thank you =)
Agree
this video basically explained to me what my entire 3h lecture was tryna say but failed horribly. TH-cam is crazy for educational videos like these!! thank you so much
If you are following the entire series, remember that he mentioned that Integrity and Authentication provide Non-repudiation as a byproduct. However, that principle does not work in this scenario. Why? Because in HMAC, the use of the same secret key eliminates non-repudiation. In order to achieve non-repudiation, the sender and receiver must use asymmetric keys (a different pair of keys for encryption and decryption).
💯
I’m binging your vids this weekend. Your explanation of how ports work and why they exist was so clear and easy to grasp that I’ve been completely sucked down this rabbit hole of your videos. You’d be amazing at explaining how the Bitcoin network works.
Glad you've been enjoying the content, Eönwe =). Bitcoin (and related concepts) are on my list to talk through at some point. At the moment I'm trying to market my TLS course: classes.pracnet.net/courses/practical-tls
Thanks for the kind words =)
Thank you for taking the time to explain this. I've almost given up understanding the concept. Most websites I read it got me more confused than I was. It's clearer now
I was thinking of this very hard while working on my simple secure communication protocol project. Thank God I understand now
Thanks for these. These are Gold. I am seeing networking now with much a solid path to troubleshoot and know what really is happening!!!
greatly explained 🙏
Hey man, I just want to thank you for uploading these videos, they have been of incredible help. There are a few videos out on TH-cam but honestly, yours are the only ones I can learn from, I'm an audiovisual learner so again Thank you!
Thanks for the kind words, Sergio. Glad you're getting so much from this content =). Cheers !
This is the definition of crystal clear, and an encouraging way to ultimately F with bahd guyz
Love it =). Glad you enjoyed it!
That's soo nice, great way to understand how important it's the data integrity in the modern world. Thank's to you I am beginning to get more into networking
Glad to hear it, Ili. Networking is a great skill to have.
Awesome explanation👍 You're the best in making things simple. I can never stop watching your videos.
Thank you again, Ajay =). Cheers!
Great video, thx for help, i am preparing for certification and yours video help me a lot.
Glad to hear it, happy to help! Good luck with the certification!
Another great one. Teaching with passion and conviction. I am your believer. Thank you.
Thanks again, Azza =)
Finally, know how it works from this video
WOhoo! =)
Thx for the best explanation I’ve seen in months. Helped me a lot. 🙂
Thanks for explaning how hash works, hugs from Brazil!
You're welcome. Cheers!
This explains the "Key direction" parameter when an additional HMAC authentication is enabled during OpenVPN configuration.
Yep! Exactly. Can't do an HMAC without a Secret Key. If you aren't manually providing the key, then one has to be produced from an Asymmetric Encryption algorithm (which I'm releasing a video about next week!)
Pretty neat stuff. Thanks for sharing the videos.
Thank you. You have the best explanations on the subject. 🙏👍
Thank you for providing this information, it is very helpful and well explained.
You're very welcome, Adelina. Glad you enjoyed it =)
I'm enjoying to see these videos,
Thanks a lot Ed,
Cheers, Hosein ! Glad you enjoyed them.
Excellent and really useful. Really good content as usual.. Thank you so much !!!
You're very welcome, Nageswaro!
Hi thanks so much for this explanation!
Just one thing I’m struggling with, if hashing cannot be reversed, and we use hmac to send data securely, then how does the receive see the original text before hashing? Is two sets of the same data sent, one in plain text and the other hmac? Thanks so much
> Is two sets of the same data sent, one in plain text and the other hmac?
Yes! Exactly. Both the plain text message, and the HMAC digest are sent.
This provides *Integrity* but not *Confidentiality* -- see the other videos in this series to understand what I mean by that. Cheers =)
Great analysis, thank you! A bit off-topic, but I wanted to ask: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). What's the best way to send them to Binance?
Great explanation. I am interested in the Giveaway of this amazing course. Thanks..
Good luck! =)
Congratulations, you're a winner! Reach out to me on discord to claim free access to the course: pracnet.net/discord
@@PracticalNetworking Thank you so much for selecting me for the course.
Thanks just looking for this explanation
Happy to help
Thank you very much. Very understandable.
You are welcome!
Great video as always. Thank you a lot🙏🏻❤️🌷
You're welcome!
Yes thanks for this video
Very very good video.
Great videos thank you
excellent video
Thank you =)
at 1:03
How receiver will know which Algo has been used by sender for hashing?
So are they different??The hashing algorithm and the HMAC???I mean we can use this or that ??Thanks alot.
Yes, they are different. You can do an HMAC with MD5, or with SHA1, or with SHA256, and so on. You can also do an HMAC, or a KMAC, or CMAC, etc...
The hashing algorithm is different & independent from the "method to combine hashing + secret key"
Is the key concatenated with the message or is the message encrypted with the same key? That is not clear.
For the sake of this video, we'll say the Key is concatenated with the video. But in reality, the HMAC operation is a little more complicated
In a real HMAC, the key is combined with the message multiple times. The real formula is listed in section 2 of RFC 2104: www.rfc-editor.org/rfc/rfc2104.html#section-2
Yes, I enjoyed it!!
Thank you
You're welcome
excellent!
Thank you !
beautiful thank you
You're welcome, Krislie.
Didn't got on how hmac will save the integrity of the message as key, message and digest all can be changed and receiver won't come to know.
The key is used to calculate the digest. The receiver is also using the key to calculate the digest.
An attacker in the middle can still change the message, but can not re-calculate a digest which the receiver will accept since the attacker can not combine the key with the modified message.
@@PracticalNetworking Thanks for quick reply, got it.
Why not just connect the message + its hash and encrypt it with a key. And then the recipient will decrypt it, cut off a certain number of bytes and compare them with the calculated hash from the juicy part of the file? So, even if an attacker intercepts the message, he will not be able to replace the hash because he can only calculate the hash from the encrypted message.
Just awesome 😄 ❤️
Congratulations, you're a winner! Reach out to me on discord to claim free access to the course: pracnet.net/discord
@@PracticalNetworking please 🥺 cheak discord
@@pratikdhame Congrats again =). Hope you enjoy the course!
man, thanks. really
What if attacker knows the key as well
Then you have a problem =). That is why a proper Key Exchange is necessary. More details here: th-cam.com/video/SO9pGlY7ExQ/w-d-xo.html
In layperson terms
The attacker can read the message
26,507 views Oct 4, 2021 Practical TLS - Free Lessons from my SSL Deep Dive training course
Data Integrity seeks to assure that data has not been modified in transit between a sender and receiver. This assurance is provided using a Hashing Algorithm... but not simply by itself, that leaves you open to an attacker modifying your message and re-calculating the digest. Instead, something else must be done in addition to Hashing.
In this video, we discuss that "something else". This will have us introduce the concept of a Message Authentication Code (MAC), and the most common implementation of a MAC known as the HMAC (Hash Based Message Authentication Code).
This lesson is a free sample lesson from the the most effective TLS and SSL training course ever created. No instructor rambling on about pointless stories. No slides with massive walls of text. No time wasting. Only simple, effective, and precise explanations. Complimented with practical illustrations and visuals.
🔐 More details about the course:
classes.pracnet.net/courses/p...
🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. I'm happy to provide a generous referral bonus =)
💬 Join Practical Networking Discord
discord.com/invite/yrexngJ
🖧 Want to learn how how data moves through a network?
• Networking Fundam...
Since you've made it to the bottom of the Description, here's a $100 off coupon code you can use on the full course =)
YT100
Key moments
View all
Featured playlist
24 videos
Practical TLS - Free Lessons from my SSL Deep Dive training course
Practical Networking
Practical Networking
166K subscribers
Videos
About
11:42
Hashing, Hashing Algorithms, and Collisions - Cryptography - Practical TLS
by Practical Networking
33K views · 1 year ago
7:34
What is SSL & TLS ? What is HTTPS ? What is an SSL VPN? - Practical TLS
by Practical Networking
93K views · 2 years ago
5:15
How do SSL & TLS protect your Data? - Confidentiality, Integrity, Authentication - Practical TLS
by Practical Networking
38K views · 2 years ago
Practical TLS
Learn more about Practical TLS ty so much :)
Pinned by Practical Networking
@PracticalNetworking
1 year ago (edited)
📢 ANNOUNCEMENT: I'm adding 20+ new lessons to the Practical TLS course covering TLS 1.3.
💲 While creating the TLS 1.3 modules, I'm discounting my Practical TLS course to the lowest price I have ever offered until I finish.
📣 Coupon Code: PracticalTLS13 || Promotion Price: $49 (Regular Price $297)
👉 classes.pracnet.net/courses/practical-tls/buy?coupon=PracticalTLS13
The Course returns to full price as soon as I publish the final TLS 1.3 lesson. Don't wait too long. =)