Комментарии:
Buddy your videos are really addictive.
ОтветитьYou're the best! From daily doubts I have to more deep studying I do I can find some video here on your channel explaining topics with honesty and a great background. Thanks from Rio de Janeiro, Hussein!
ОтветитьYou are awesome Hussein! please upload more. Thank you for this video.
ОтветитьNice visual explanation😂
ОтветитьCalls for a open-source messenger!
ОтветитьGreat video. Thank you!
Btw for persistence do we store that encrypted thingy in the DB directly?
fantastic, so basically double encryption
ОтветитьWhatsApp video call good r bad answer me bro. End to end encryption
ОтветитьThe classical two generals problem
ОтветитьGreat video Hussein. I have a doubt.
I read that private key is stored locally. So, if you log out all your previous data is lost (even if it's stored on server, it will be encrypted and since you lost the private key, you lost those messages).
So, how does telegram works. Like I can log-out and log-in, use different devices and, I get all of my messages.
So, are they storing private key somewhere? Or how does it work?
Excellent explanation, no need for fancy visuals if it makes sense!
ОтветитьHey Hussein, awesome video (as always). I just had a question about how whatsapp's E2EE works in group chats. Lets say you are in a group with 100 or 500 people and you send a message that would mean the message being encrypted 500 times by each persons respective public key which seems very in efficient. I want to know what happens there, and it makes a great video IMO.
ОтветитьIf public part of the keys are meant to be public, why use DH to exchange them ?
Ответитьnice ps2
ОтветитьGreat explanation
ОтветитьHey can u talk about searchable encryption
ОтветитьNasser, I like your way of explanation bruh. BTW I found you a double. Search Syed Shafaat Ali, your lost brother, he's too an engineer, but he turned comedian and imitation performer. You both are prominent in your profession. Godspeed
ОтветитьGreat explanation. Thank you for your efflorts
ОтветитьPro tip, Use More than two hands to explain things..or just use a diagram.
ОтветитьSuch a great explanation. Thanks, Hussein!
ОтветитьCan u pls explain signal double ratchat algo and how to implement it . That will be very helpful
Ответитьgone overhead :(
try with some images, diagrams etc
And I really thought WhatsApp works with Asymmetric all the time. Each user has their own private/public key pair. But you made it clear now that it works similarly to TLS 1.3 Diffie Hellman. 👌
ОтветитьThat last CA you talked about was DigiNotar....darket diaries made a video about that.
ОтветитьGreat video Hussein. If I may explain this for your audience with some math -
· Bob generates a private key number X
· Alice generates a private key number Y
· There are publicly known numbers A and N provided by the server.
· Bob does A raised to X and sends the number to Alice
· Alice does A raised to Y and sends the number to Bob
· They both raise what the other sent with their own secret key i.e. Bob now has A raised to YX and Alice now has A raised to XY which is the same number. They also mod it with N to get a manageable number between 0 and N. They now have the same secret key without knowing each other's private keys and without the server knowing the final key. The server only knows A and N.
The trick is to make X, Y and N sufficiently large to make reverse engineering near impossible.
Can you please make video about client-side encryption in javascript
ОтветитьEven without graphics and illustrations - this was an excellent and clear explanation !
ОтветитьGreat one... which podcast do you listen ?
ОтветитьVery nice
Ответитьi don't care if somebody reads my message, but i want to know how to hide it. It's just for fun :D
Ответитьlike
ОтветитьMany thanks
ОтветитьBro, give me an answer. Where do you study all this from
ОтветитьE2EE, specifically, user-friendly and ephemeral E2EE, is necessary because you never know what is gonna become retroactively unacceptable. In this world of constant, pervasive mass surveillance, it seems that damn near every TCP packet you send goes in your permanent record. Even if you’re not doing anything substantively bad, a joke you made a decade ago about killing a politician you don’t like can get you hosed.
I convince all my friends to download Signal because at the end of the day, even if they don’t value their privacy, I value mine. If I’m confiding in a friend, I want to ensure I’m talking to them and just them, with no listeners or meddlers.
In that sense, end-to-end encryption is the ultimate form of authorization.
The authentication part, as you mentioned, is difficult. They at least offer a means of “out of band” verification, with QR codes for each participant you can scan in person to verify each others’ identity.
aka Signal Encryption.
ОтветитьGreat talk Hussain, it's been really long since we had a chat. It would be interesting if you talk about certificate pinning.
ОтветитьThe explanation couldn't have been any better... Great job🤝
ОтветитьGreat contente. The best backend channel 🖤
Ответить