Non-computer people are the best people.

I was about to say exactly this.

+Genkaku Ishiki As a computer person I find this deeply offensive.

@@WackyConundrum I personally think geeks are fun, in a way. Maybe some people are a bit awkward, but I think most are ethical and not manipulative. And interesting, if they can think a bit outside of the box.

HasekuraIsuna They are combined using 1 directional algorithms. The video says you can easily add colors but subtracting takes a very long time, millions of years. The math used works in the one direction. There isn't a nice divide function.

It would be more easy to actually calculate every possible pair and just search for it if necessary. But nevertheless it is nearly impossible and to get a single one right will most likely take years of computing. In the meantime the transaction is done and a new secret key took it's place. PS Division with such large numbers will cause most computers to give up. Even just 308 random dez digits can't be digested by most calculating programs. The usual public key has around 4096 bits so around 1000 digits ~ in dezimal. Also there can be happening more than a multiplication, maybe some modulus, what kills every last hope of calculating the secret key.

Yes, the reason one way encryption works is you use very large prime numbers as halves of the key There is no way to FACTOR a number without brute force. A number like 12 is easy, 1 2 3 4 6 12.. a huge prime x a huge prime = a gigantic number with only two factors, apart from 1 and itself of course. No way to find these numbers.

There is modular arithmetic involved, where the modulo (part of the public key) is the product of two large prime numbers (typically 2048 bits each). Solving for an inverse to this operation requires factoring the modulo into its prime factors, and since no efficient integer factorization algorithm is known to exist, this process would take thousands of years on a classical computer (or even more), using the current best factorization algorithms. Therefore this method is considered secure in practice. See also the "RSA algorithm" to understand technically how this method works.

Disclaimer: I only took a course on this, so I'm not an expert. You might want to read up on the Diffie-Hellman Exchange if you're interested. It's not actually multiplying the two numbers, but modular exponentiation. Firstly, all calculations below will be done mod M, and this number M is known publicly. Let's assume the numbers are 'b' (for blue), 'y' (for yellow), and 'r' (for red). Both 'y' and 'r' are only known by the individual, and not by anyone else. On the other hand, 'b' and 'M' are public information, which means everyone (including the girl trying to steal their private information) knows them. Step 1: The first person calculates a number Y = b^y mod M, and sends it to the second person. The second person calculates a number R = b^r mod M, and sends it to the first person. So far, the girl can only get 'Y' and 'R' in this exchange. Step 2: The first person calculates a number K1 = R^y mod M, and the second person calculates K2 = R^b mod M. There is no exchange, so the girl did not get anything in this step. Firstly, how are the two men able to get the same number in the end? It can be seen that K1 = R^y = (b^r)^y = b^ry , while K2 = Y^r = (b^y)^r = b^yr = b^ry = K1 . So, they actually got to the same number, without actually exchanging their own private information! Secondly, why is the girl unable to steal their private information through this exchange? The information she knows is 'b', 'M', 'Y', and 'R'. Y = b^y mod M is relatively easy to calculate. And conventionally, one might think it easy as well to find 'y' using logarithms. However, this becomes computationally hard as this is done in modulo M. This is known as the Discrete Logarithm Problem, and is why the girl cannot calculate 'y' or 'r' easily if the numbers are very large. Tl;dr It is very hard to get private information using only public information.

logically, yes... but in practice, the analogy would be: it takes a very very long time to work out which shade of green you need - due to the time it takes to factor very large prime numbers

You would have to hack into the browser and install a plugin to do such a thing, good luck.

They can just do 'man-in-the-browser' attacks now where they'll install trojan software on your machine that infects your browser so that any action you take in the browser communicates with their systems first before the desired 'secure' site, or simultaneously whilst connected with the 'secure' site, and so have full access to the transaction outside of the secure connection. On your side you'll see that you're connected 'securely' to your bank/whatever server, and the bank/whatever server sees that they are connected to your browser 'securely', but in reality all your details are being intercepted outside of that secure connection.

The green padlock is in the browser bar of the web browser so unless you get the person to download and use a entirely fake web browser than won't work.

Thank you. I have no fear of asking stupid questions because I know eventually I'll get a good answer. So I take it that would be hard to do, a browser being a solid piece of secure software, right?

Axel Werner yes, because the intricacies of TLS encryption is exactly what you want to be explainng to kids at a christmas lecture, right?

The resulting 'colour' will be wrong, so any decent software will detect the attack, and reject the message.

Because the 'pour' operation is associative: (Yellow + Blue) + Red = Yellow + (Blue + Red) Each side gets Blue-and-Something, then pours in their own colour to make a solution of all three. The result doesn't depend on which pair gets mixed first, so both sides have the same solution at the end.

They use food colouring in the water!

Even so, pretty mind-blowing.

Be aware that this demonstration is aimed at children so that they can begin to grasp the concept of public key encryption. There's no point in trying to explain everything, because he's trying to give them something which is interesting and which they can understand and remember. Those who grasp the idea might then be moved to learn more about it.

To make the internet more colorful!