Explaining dual-key crypto with tennis-balls and padlocks

This video illustrates some of the key principles behind "internet security" (actually, dual-key cryptography) using tennis-balls and padlocks. It's does a good job, but it misses out on explaining the hardest -- and most interesting -- concept: private/public key-pairs that have the mathematically provable capability of unscrambling one-another's scrambled messages. I have a long section on this in Little Brother, my forthcoming kids' book about hacking for democracy, and I had to rewrite it more than once to get it right. I'll never forget the moment of satori my editor had when I succeeded in conveying to him the extreme coolth and elegant simplicity of key-pairs over lunch -- then went back to my computer and tried to recapture that in the text. Link, Link 2 (Thanks, Jason!)

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE: Civlib

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

Crash

Certron: I guess the easiest pop-sci metaphor for the math would be to think of a clock. A clock is circular and has twelve numbers, so 10+3 = 1 on a clock, right? You and I agree in secret on some imaginary clock that has n numbers on it. Now if you send me a message like “the secret number plus 13 is 9 on our clock,” it’s pretty hard for a spy to figure out what the secret number is without knowing how big the clock is, but I can get it just by subtracting, so long as your message is a number less than n. The math of public-key encryption gives us a way to agree on the size of the clock without ever actually having to meet or send anything in secret.

There is a somewhat lucid explanation of the math at Wikipedia, though it is easier to follow if you have worked with modular arithemetic before.

The summary is that if you have two prime numbers p and q, then you can multiply them to get p*q = n, and do some other jiggery-pokery to get related numbers e and d. e and d have the special relationship that if you take another number m, the remainder of (m^e) / n = c, and the remainder of (c^d) / n = m. If you can break up your message into a long string of numbers m, you can see how the first operation encrypts them into a string of c‘s, and then the second gets them back again. Conveniently, computers are very good at turning things into numbers.

The use of this for cryptography relies on the fact that it’s very difficult to figure out p and q if you only have n, e, and d. So you throw away p and q after making them. e is the public key. d is the private key.

Before the law was changed in 2000, this explanation would have technically made Boing Boing considered munitions legally unexportable from the US. At one time it was fashionable to flout this law by putting the equations on t-shirts.
Crash

Oh, I should add the above describes RSA encryption, which is only one form of public-key cryptography. Other popular algorithms include Diffie-Hellman, its child ElGamal, and the Digital Signature Standard.
Burz

For a better description try this series of podcasts #30-37 from Steve Gibson and Leo Laporte.
pyesetz

Shouldn’t “sartori” be Kensho, “a momentary glimpse of the true nature of existence”?
Toastpoints

Honestly I think this video only explains what it’s trying to explain to people who already understand it. I showed it to a few family members, all of whom are smart and perfectly capable of understanding this — but none of them got any sense of having learned anything. Mostly they were confused about the 1st part; the 2nd part is fairly straightforward and obvious. Watching the 1st part they were saying things like “is the sender a lock?”, “why is he sending a key?”, “whose key is that?”, and “does the sender putting a lock on the ball mean he’s sending it?”

They understood once we watched it again and I gave some running commentary. If the intent is to teach people about rudimentary internet security, then it at least partially fails.
Paul Long

Why aren’t there holes on both sides of the slit? He’s not locking anything but just hanging locks on the ball. Bad metaphor.
gyusan

I keep getting distracted by the gloves. Are tennis balls hazardous?
theshow

Could someone please post a link to a good explanation of private/public key-pairs? I have a hard time with this stuff.
certron

I have heard it described in a puzzle, thusly:

In Kleptonia, the postal service is prone to theft. There is no guarantee that your mail hasn’t been opened and any things of value removed (or added, I suppose). Thus, locks on packages are very popular.

Bob wants to mail a ring to Alice, but of course, doesn’t want it stolen. Alice and Bob both have locks (and keys!), so how do they make a secure exchange?

Bob puts the ring in the box and locks it with his lock, keeping the key. He mails it to Alice, who puts her lock on it and mails it back to Bob. When Bob gets the package, he removes his lock and mails it back to Alice, who is then able to unlock her own lock and open the box. At the end of the exchange, each participant regains possession of their locks, and neither have ever lost possession of their key.

The lock-and-key pair are analogous to a public and private key, respectively. While in the story, the first lock could technically have come from anyone who is not Alice, in this form of cryptography, you can use the public key to verify the sender. (At the very least, you can know that the two keys make a pair, or that the sender has the other half of the key, whoever they are.)

I still don’t quite understand the mechanics of the actual cryptography, is it just a bunch of large primes multiplied in a certain order, with the other large prime factors in the other key?
thezonie

Wikipedia’s page has a pretty good explanation using the graphics along the right-side of the page:

http://en.wikipedia.org/wiki/Public-key_cryptography

Basically it works like this: If two people want to communicate securely, they each need to generate their own key pair. A key pair is essentially two (one public and one private) very large prime numbers (keys) that are mathematically related in such a way that if you use one of the keys from the key pair to encrypt some data, then only the other key from the key pair can decrypt that data.

The private key must be kept private, and the public key can be told to anybody.

Now, to send a secure message, the sender encrypts the message using the receiver’s public key, and then sends it to the receiver. The receiver then uses his private key to decrypt it. That’s pretty much it.

Now, there is the issue of “anyone could use the public key to send a message and pretend that it was from someone else”. What you can do then is to sign the data before encrypting it, which will guarantee to the receiver that the data is in fact from you.

To do that, the sender encrypts the data using the receiver’s public key AND the sender’s private key. Once the receiver receives it, he decrypts it using his own private key AND the sender’s public key. Now the receiver knows that the data was indeed sent by the sender.
help i cant comfirm my username themelonbread

Did the latest XKCD inspire this particular post?
Steve Weis

This video’s description claims to explain Diffe-Hellman key exchange, but it does not. It depicts commutative cryptography.
skreidle

Toastpoints: I agree–I’ve been trying to understand public/private key crypto for work, and that video didn’t illuminate anything for me.

Thezonie, Certron: That helped a lot more. :)