WEBVTT

00:01.290 --> 00:01.710
Okay.

00:01.710 --> 00:10.680
So so far we learned how to use BGP to encrypt text and send it in a way so that the receiver is the

00:10.680 --> 00:14.790
only person that's able to read the content of the text.

00:14.820 --> 00:21.540
Not only that, but we also learned how to sign the message, to sign the text so that the receiver

00:21.540 --> 00:26.150
can verify that this message was actually sent from us, from the sender.

00:26.160 --> 00:31.740
So it's really, really good because now when a message is sent, we're sure that it can only be read

00:31.740 --> 00:37.410
by the receiver and the receiver can be sure that it was actually sent from the sender.

00:37.410 --> 00:42.730
And he can also verify that the message did not get modified as it was sent.

00:42.750 --> 00:45.180
So this is really, really good.

00:45.210 --> 00:48.840
The only problem is we can only do this for text.

00:49.020 --> 00:52.680
So what if you wanted to send a document or an image?

00:52.710 --> 00:59.850
Therefore, in this lecture, I'm going to show you how to encrypt, sign, verify and decrypt files.

01:01.050 --> 01:09.210
So right here in John's computer, I have the image that we already worked on and removed its metadata

01:09.210 --> 01:09.850
before.

01:09.870 --> 01:13.500
If you don't remember how to do that, please go back to that lecture.

01:13.500 --> 01:17.400
And if I double click the image right now, as you can see, the image works.

01:17.400 --> 01:19.410
It shows us a picture of a car.

01:20.040 --> 01:26.460
Now, let's assume we want to send this message to David and we want to send it securely so that if

01:26.460 --> 01:33.030
anybody intercepts this message or if anybody manages to read it, they won't be able to see the content

01:33.030 --> 01:33.480
of it.

01:33.480 --> 01:35.970
They won't be able to see the image.

01:36.060 --> 01:40.680
To do that, we're going to right click it and we're going to click on Encrypt.

01:42.350 --> 01:47.280
Now you'll get a message that is very similar to what we used to get when we encrypt text.

01:47.300 --> 01:53.870
You need to select the public keys of the people that will be able to see the contents of this file.

01:54.260 --> 01:58.850
In my case, I'm sending this to David, so I'm going to take David from here.

01:58.850 --> 02:06.100
And as we learned before, you can also sign the message from here and select your own private key.

02:06.110 --> 02:12.350
And that way, when the receiver receives the image, they can verify that the message or the image

02:12.350 --> 02:17.030
was sent from you by verifying it with your own public key.

02:17.570 --> 02:19.100
So I'm going to click on.

02:19.100 --> 02:19.880
Okay.

02:20.990 --> 02:27.340
This will ask me for my passphrase, for my private key, because I selected the sign option.

02:27.350 --> 02:30.740
If you did not select the sign option, you will not see this.

02:32.380 --> 02:38.230
And once I put the password, as you can see, I will have a new image created.

02:38.240 --> 02:41.830
And this image doesn't really display it doesn't really work.

02:41.830 --> 02:46.300
So if I double click it, you actually won't see anything in here.

02:46.300 --> 02:53.380
And the reason for that is because this image right now is encrypted and the only person that can see

02:53.380 --> 02:54.460
it is David.

02:54.460 --> 03:00.070
So we need David's private key in order to see the contents of this message.

03:00.100 --> 03:05.680
Therefore, like I said, right now we're in John's computer, so even John can't see the content of

03:05.680 --> 03:06.880
the image anymore.

03:07.030 --> 03:13.570
And what we're going to do is we're going to go ahead and send this as an attachment in an email to

03:13.570 --> 03:17.650
David Smith at the blue dot in.

03:18.910 --> 03:20.200
I'm going to scroll down.

03:20.200 --> 03:21.910
I'm going to select the image.

03:23.010 --> 03:28.860
And keep in mind you want to make sure you select the encrypted image, not the normal image.

03:28.860 --> 03:32.010
So right here we have the normal decrypted image, as you can see.

03:32.010 --> 03:38.070
We can see it in here and the preview and right here we have the encrypted version of it that will not

03:38.070 --> 03:41.820
work unless we have the private key of David.

03:42.690 --> 03:49.680
So I'm going to click on Open and just say Test in here and the content and click on Send.

03:51.450 --> 03:51.990
Perfect.

03:51.990 --> 03:53.450
Now the message should be sent.

03:53.460 --> 03:55.770
So let's go to David's computer.

03:55.800 --> 03:57.720
We'll refresh the inbox.

03:58.950 --> 04:00.180
We have a new message.

04:00.180 --> 04:00.810
Perfect.

04:00.810 --> 04:02.490
Let's go ahead and open it.

04:04.350 --> 04:06.600
And we're going to download the attachment.

04:08.020 --> 04:09.010
Save it.

04:09.990 --> 04:12.180
It's going to go in my browser directory.

04:12.180 --> 04:12.930
That's fine.

04:12.930 --> 04:17.730
Click on Save and let's go ahead and open the containing folder.

04:18.480 --> 04:22.290
And as you can see, we can't really see the contents of the image.

04:22.590 --> 04:27.540
Now this is the same whether this was a PDF or a word document or any file.

04:27.540 --> 04:34.800
Really, I'm just using the image as an example now in order to decrypt this message, because this

04:34.800 --> 04:41.640
is David's computer and because this message was specifically encrypted for David using David's public

04:41.640 --> 04:47.940
key, we can actually decrypt it right here because we have David's private key and we'll be able to

04:47.940 --> 04:49.470
see the contents of it.

04:50.070 --> 04:52.320
To do that, we're going to right click the image.

04:52.320 --> 04:56.340
We're going to click on Open with Decrypt File.

04:57.030 --> 05:01.470
This will ask you for the passphrase for David's private key.

05:01.500 --> 05:02.850
I'm going to input it.

05:06.590 --> 05:07.370
I'm perfect.

05:07.370 --> 05:10.120
As you can see, this will create a new file.

05:10.130 --> 05:12.800
This is the image after decryption.

05:13.160 --> 05:18.440
And as you can see in the middle, it said that the signature has been verified.

05:18.440 --> 05:22.940
So we're sure that this image was actually sent from John.

05:23.270 --> 05:29.240
Now I can double click the image to see its content and as you can see, I'm able to see the contents

05:29.240 --> 05:30.320
of the message.

05:30.860 --> 05:35.060
So the idea behind this is very similar to the idea of sending text.

05:35.060 --> 05:38.720
We encrypt the message with the receiver's public key.

05:38.780 --> 05:44.990
If anybody manages to get their hands on this file, whether it's an image, a PDF, a document doesn't

05:44.990 --> 05:45.740
really matter.

05:45.740 --> 05:51.320
They won't be able to read the content of the file unless they have the private key.

05:52.130 --> 05:58.400
Now, there is also one more feature that I want to cover in this lecture, which we can use to sign

05:58.400 --> 06:00.860
the file without encrypting it.

06:00.950 --> 06:07.610
So if you remember when we downloaded the Tor browser, we also downloaded a signature and we use that

06:07.610 --> 06:13.490
signature to verify that the Tor browser did not get modified as we downloaded it.

06:13.670 --> 06:19.610
So you can also do this to any file you send by generating a separate signature.

06:19.610 --> 06:24.950
So again, you can do this to any file you want, whether it's software, whether it's an image, a

06:24.950 --> 06:27.470
PDF, a microsoft document.

06:27.470 --> 06:28.940
It really doesn't matter.

06:28.940 --> 06:35.570
I'm using the image here as an example at John Wick's computer right now, and all you have to do is

06:35.570 --> 06:39.260
click the file that you want to sign, click on sign.

06:40.740 --> 06:45.000
It will ask you which private key you want to use to sign this file.

06:45.030 --> 06:47.370
Like I said, I'm in John Wick's computer.

06:47.370 --> 06:51.530
The only private key that I have right now on this computer is John Wick.

06:51.540 --> 06:54.590
So the only entry I have in here is John Wick.

06:54.600 --> 06:55.860
So I'm going to click on.

06:55.860 --> 06:56.640
Okay.

06:57.270 --> 07:04.200
And as you can see, this will generate a new file with a dot sig extension.

07:04.470 --> 07:11.760
This is a signature that corresponds to this file that has been generated using John Wick's private

07:11.760 --> 07:12.240
key.

07:12.240 --> 07:20.310
So people can use this file to make sure that the image did not get modified since this signature file

07:20.310 --> 07:22.370
was created by John Wick.

07:22.380 --> 07:26.940
And to do this verification, they'll use John Wick's public key.

07:26.940 --> 07:29.940
So the private key is used to generate the signature.

07:29.940 --> 07:35.490
The public key gets used to verify that the signature did not get modified.

07:35.970 --> 07:42.450
Now, if you are doing this, you will obviously have to send the signature file with the image file

07:42.480 --> 07:43.770
to the receiver.

07:43.770 --> 07:46.080
So let me do this really quick here.

07:47.370 --> 07:49.710
Again, we're sending this to David Smith.

07:53.160 --> 07:58.860
And like I said, you want to make sure you first select the file that you want to send, which in my

07:58.860 --> 08:00.300
case is the image.

08:00.330 --> 08:03.360
And you also need to select the signature.

08:04.830 --> 08:13.470
So I'm going to select the image first and then click on attach and then I'm going to select the signature

08:13.470 --> 08:15.450
file as well, like I said.

08:15.450 --> 08:20.820
And we're going to open and click on Attach again.

08:22.080 --> 08:25.350
And right now we have the two files added to the message.

08:25.350 --> 08:27.840
I'm going to click on Send to send the message.

08:28.440 --> 08:32.340
Now, keep in mind right now, we did not encrypt the image.

08:32.340 --> 08:38.160
If someone manages to intercept this file, they'll be able to see the contents of the image.

08:38.160 --> 08:44.910
We only sign the image with a separate signature so the receiver can verify that the image did not get

08:44.910 --> 08:46.920
modified as we sent it.

08:47.730 --> 08:50.760
So go into the receiver's computer.

08:50.760 --> 08:54.960
Let's go refresh the inbox and we'll go open it.

08:56.750 --> 08:58.580
Open the new message.

09:00.670 --> 09:03.910
And let me actually delete what I have in here for now.

09:05.680 --> 09:07.990
And we're going to download the image.

09:11.890 --> 09:13.990
And then we'll download the signature.

09:18.380 --> 09:20.210
And go into the downloads directory.

09:20.210 --> 09:24.260
As you can see straight away, we're able to see the contents of the image.

09:24.260 --> 09:30.450
So the image was not encrypted because all we did is we generated a signature for the image.

09:30.470 --> 09:37.970
So the whole purpose of this is to allow the receiver to verify that this message was sent by John and

09:37.970 --> 09:40.190
that the message did not get modified.

09:40.190 --> 09:47.540
Since John created the signature to do this, you right click the signature and we're going to click

09:47.540 --> 09:49.790
on Open with Verify Signature.

09:51.040 --> 09:54.850
And as you can see, it's telling us that this is a valid signature.

09:54.850 --> 09:58.660
And like I said, the untrusted warning can be ignored.

09:58.690 --> 10:03.250
It literally just means that the key has not been set to trust it.

10:03.250 --> 10:10.210
But the fact that it is saying a valid signature means that this image did not get modified since John

10:10.210 --> 10:15.280
created this signature right here using his own private key.

10:16.510 --> 10:17.950
So that's it for this lecture.

10:17.950 --> 10:26.440
I just wanted to show you how we can use BGP to encrypt files, sign them so that they can then be verified

10:26.440 --> 10:28.630
and decrypted at the destination.

10:28.630 --> 10:35.710
And this way we're able to send files securely, because even if they get intercepted while they're

10:35.710 --> 10:40.750
being transmitted, whoever intercepts them, they won't be able to read their content.

10:40.960 --> 10:47.560
Not only that, the receiver will also be able to verify that the file did not get modified as it was

10:47.560 --> 10:53.440
sent, and verify that it was sent from the right person, not from a third party.