Mike is a legend, he explains everything so well and makes it easy for anyone to understand.

When I see Mike in the thumbnail, instant click.

Absolutly love how these guys discuss immensly complex topics, yet when it comes to verifier neither is all that sure how it's spelled! I feel so seen!!!

This actually makes a lot more sense than the previous videos on digital signatures on this channels as it actually goes into the details. It was really unclear in my mind before but this is a great explanation of what actually happens.

Amazing how Tobey Maguire is saving Mary Jane at night and teaching people about computers in the day

Not gonna lie, I came for the information but I stayed for the pen colour change.

Here I am, Mike Pound. Signed, sealed, delivered - I'm yours! Thanks, Computerphile for working with amazing contributors like Dr. Pound, making this material more accessible to a wannabe geek.

One of the best channel on youtube.

Love Mike! He needs his own channel! 🤩

Thanks for all the videos! I've been watching them and learning from them for years

Your knowledge as well as English accent is historical.

9:41 Remember, none of these public keys is confidential. The problem is, you have to trust they are authentic, that they really came from the people they say they’re from.

Thank you Dr. Michael Pound. Your explanations are so clear and mind-blowing. One of my favorite channels on KZbin!

Dr Mike Pound grounds and pounds every problem till it is solved.

"I'm gonna change my pen colour - it's all very exciting" xD

memorised elgamal, memorised RSA, learned all these protocols and how signatures work... had my exam... computerphile video gets published. I swear if it was the other way around, I wouldve included this in my schoolwork for sure.

This video was actually tremendously helpful. I had a rough understanding of PKI with RSA, but I always thought DSA was a totally different process. I didn't know it was (effectively) just encrypting the hash of the message with an asymmetric key

wow this is the first comphile video I'm watching as soon as it has been published

Dr Pound is one of my favorite to listen to 🤩 But I feel like it would be nice if this episode included some more information and / or details about digital signatures (maybe some extra bits?😉)

So informative yet informal and digestable. Many thanks

I love it, like every other of your videos. I'm just wondering one thing: He can explain everything so well, why wouldn't he do something like a full structured course with lectures and covering a topic (e.G. encryption, Web security, how the iternet works, ... ) as a whole with all the most important components. I would instantly sign up for that!

Damn. I've caught up with watching Computerfile. Now I'm going to have to wait for more episodes to come out.

Dr. Mike Pound finally! Love your vids and Mike :)

Perfect timing lads! Got a Compsec final tomorrow.

Please do videos about all the topics mentioned in the video. Can't wait to see them.

Mike is the best. I really want to hear him talk about what he likes about C#.

in my opinion, I think he's the best explainer of complicated topics.

Computerphile Time!

Any chance of a video regarding the TPM (trusted platform module ) and how it works, just finished writing an essay and it came up and I found it rather interesting, keep up the great content !

Great video. Maybe it could be interesting to talk about JWT tokens as well

EXCELLENT use of the Lav mic!

Thanks for the lecture, Peter Parker!

If you click on the little lock in the address bar of your browser you can see the RSA signed certificate :-)

he says its all very exciting but it really is exciting .

boom perfectly timed, in the morning i have to give a viva exam on Internet an Network Security!

Extra like for the guitar collection! 1:36

i didn't learn something new, but liked the video.

we are still waiting for the "next video" you mention at the very end ;)

Thanks Dr. Pound

0:38 “Not that quick” as in “a thousand times slower than secret-key encryption such as with AES”.

Is the public key infrastructure video available? I just tried searching for it and couldn't find it!

I couldn't find the video he mentioned in the end about public key infrastructure. Did I search something wrong or isn't there one?

so glad i no longer have to hear the sound of marker on paper, that screech gives me chills

Great video! You helped me a lot!

@computerphile I think Mike could do a great video about hash based signature schemes, like LMS, that are supposed to be quantum-proof. What do you think?

Very interesting as always. Thanks.

If you can link the video you recommend to watch in your video that would be great...

People need to stop explaining signing as "encryption with private key" and verification as "decryption with the public key", at least if you want to explain signatures in general. This kinda works for textbook RSA (where the encryption and decryption are just exponentiation), but not for most other signature schemes. Several of those don't even have a corresponding encryption scheme.

I'm looking for the Public Key Infrastructure video he mentions at the end of this video. It's supposed to be the next video in the series but I can't find it, anyone?

Well this is timely given the news about solarwinds

Question. Emailing a document takes seconds. When the document arrives, it arrives. How could someone have changed the document in between the sending and the receiving? To have altered the document, someone would have to have intercepted it and then changed it. This is a question of time. To intercept something and then change it, wouldn't that mean that an email for example, was hi-jacked, went to another address, and then sent on to the ultimate receiver? If so, there would be a record of where the document went in the SMTP headers, no? How does any of this make sense?

When's he going to talk about hashing? /s

Another great video

I am comfortable with the _concept_ of "digital signatures" but something has always troubled me about the _term._ I just never could put a finger on it... until now. A "signature" is something you _generate_ every time you use it. You do not carry a stack of them with you to attach to documents. You do not even need to carry the tools (a pen), someone may lend you one. The one thing you _do_ carry (the muscle memory) can be considered an _algorithm._ What we call "digital signatures" is probably better described as "digital stamps".

Nice a new computerphile vid

I wish that it doesn't switch often and quick between Mike and the sketch. Everytime I want to read the sketch it. Around 4:00 and 4:30 for example

Yep, cool beans. Usual thing is negotiating the ciphers, then using RSA to encrypt the AES or whatever other symmetrical cipher key. Best of both worlds.

Can you upload the next video tomorrow? I have a computer security exam on these things this coming Monday and these are very useful hahah

Could you guys perhaps do a video about the Dutch company Diginotar and especially what went wrong? You know a Dutch certificate issuing company that went bankrupt in 2011 after it was hacked. Maybe by the Iranian government or maybe by the NSA.

Where is the video on public key infrastructure he mentioned?

How can the public key decrypt something that the private key encrypted? I thought the main idea was that whatever is encrypted with the public key can only be decrypted using the private key ?

Mike always looks like he's about to burst out laughing

I love computerphile's videos like this, but can you guys do me a favor, please add the English subtitle since many of your audience is not native English speaker (like me). Thanks a lot.

How would we know what kind of hash functions to use to verify the received the document?

Did anybody find the next continued video after this ?

How do you know that the public key you use to decrypt the signature really belongs to who you think you're communicating with, and not some man-in-the-middle that identified as them instead? If the MIIN does this signature verification with each of the parties, they won't know about it

how will the verifier know what padding needs to be added before calculating the hash?

Hi Guys, When you sign an e-document (a contract) on a mobile device such as a tablet (with multiple signature boxes), do those signatures have timings that are part of a digital footprint (so-to-speak), that can be revisited at anytime to see when and what time a signature box was signed? Thanks in advance.

so what is the best software applications to protect your computer?, and could you disable a computer if you had its IP?

Assuming I want to send you a btc and I know your public key, but you don't know my public key. So I will encrypt my transfer by your public key in ecc method then i will sign it with my private key. Is that correct? When you recive btc, how can you varfiy it if you don't know my public key.? Is my public key sent with the encrypted transfer, and if it is, how do you know if it is my public key or something else?

I will say one the I first time watched your video almost 5 year back in 2016 and your look didn't changed from 2016 to 2021 now

This man understands the importance of a naked room.

if someone was in the middle of a digital signature between person a and b couldnt they(person m) hash the email/text and sign it with their own key and send that to person b. Then when person b sends an email back to a, person m can hash the email and send a resigned version back to a?

If I encrypt the digital signature with my private key, then the receiver decrypts the digital signature with the public key, couldnt anyone in the middle just decrypt it? Seems unsecure? Am I missing something?

Why should hashing ever lead to data compression? Don't computer already use the most efficent data compression method possible for regular communication?

Private or Symmetrical Encryption means we must both somehow know the key and that's how we'd decrypt whatever it is in question.. Public or Asymmetric encryption means that me as the sender needs the public key, which everyone might know, of the receiver, so I can send the document there and the reciever will decrypts with the private key Question then: If the signing off, or digital signature needs to happen by me as the sender with my private key, and is decryptable with my public key which is public knowledge, then can't anyone decrypt the signature with my public key, or is the message as a whole still sent to the public key of the sender??

Doc should start his own channel

How does the public keys decryp signatures and matches with private keys? Who owns the private keys´ list master file which is embedded into BTC blockchain?

Please provide subtitles

My doubt is, how does the verifier know the algorithm for hashing and padding?

Need to sort your audio compression out (DB dynamic range, as in the audio plugin you are using , not file size haha). The attack is way too long, for spoken word set to quickest possible so the first part of a sentence doesn't keeping jumping out of people's speakers. You're welcome.

if someone was in the middle couldnt they trick the verifier? For example, A(signer) sends document to verify to C(verifier) through B (B is in the middle. B forwards doc to C.) A sends encrypted doc to C through B. If B resigns the document with their private key, then when C will just verify it was signed with C's public key correct?

I don't think this is the right forum to discus this but, "Digital Signatures should not replace Wet or Electronic Signatures, rather they should complement traditional signing methods"

12 people actually transmit all their information in clear text

Who is the intended audience for this video? If Mike is anticipating the audience for him to talk about hashing (around 6 minutes in), then this isn't really intended for everyone, but people who may already have a fundamental understanding of cryptography, ain't it? So then, is the audience for those who already understand cryptography, and then for Mike to further explain it? Is it for an audience who doesn't know what cryptography or digital signatures are (as titled in the video)? Contrary to popular opinion, Mike didn't explain it very well. His very casual flow also is disruptive - it may be that this video came like an afterthought, and not a planned and organized session.

Can you not reverse engineer the private key from the public key and then forge it?

Why are your videos not translated?

Have they made a video talking more in detail about PKI?

Dude is so articulate

I can't wait to see the PKI video

How do we know the certification authorities aren't controlled by the likes of the NSA, for example?

Hi, first thanks. What is RSA? Does it do the hash claculation?

So I receive an email with a digital signature. How do I verify the authenticity of the signature in the email.

But public key encrypts and not decrypts. Isn't it? Private key decrypts and public key encrypts. But in this video how's public key decrypting data? Is that symmetric key? Then there's only 1 key and it doesn't fall under asymmetric encryption.

how to solve the issue of somebody generating digital certificates on behalf of somebody and sharing ? ... that issued certificate won't represent the actual user :)

This explanation is wrong or misleading at best. Most signature schemes have little or nothing to do with encryption (see for example Schnorr signatures), and you don't even require public key crypto for signatures (see XMSS). RSA is essentially the one scheme where you can "encrypt with your private key", which doesn't work for basically all other public key cryptosystems - it just doesn't make much sense in general. RSA has been giving a false intuition about signatures for a long time.

Arent hashes one way functions how would you decrypt that or know what the hash should look like after its been sent. Basically if you can't decrypt a hash how does this integrity check really work? Like to me this is really confusing you send the hash to the "Verifier" but can't decrypt it how do you know it wasn't modified. I suppose if you just hash a copy but that hash copy could get modified! (This comment is probably mind boggling especially cause I'm not sure how I should ask this question"

So why couldn't someone in the middle just send you a different document, a new hash and use a new private key that decrypts with the server's public key?

Great video!

Can you make a video about the Matrix Protocol?