Hi folks, Ed Amoroso here. Before we get into this handheld authentication protocol, I want to talk to you a little bit about the business of cybersecurity. Now, it's hard to predict whether one technology, scheme, device, function, protocol in cybersecurity is going to make any money or not. I know we're here to learn the basics, but I'm sure a lot of you spend a lot of time thinking about business and thinking about how do startups make money and what will make money and what won't make money. You get the idea. The protocol I'm going to show you in this video made zero money. And I think it's kind of a good protocol and it's unclear to me exactly why people don't like. I'm going to show it to you, and you think through whether you think this is something that perhaps should have made money or should be something we're using. It's going to involve a calculator-like device, a piece of calculator equipment that you're going to get a number and you're going to type something, read the response and type it in. And you might think that perhaps a calculator might be kind of a pain to keep track of, keep in your pocket, but think about it. All calculators are software-defined now anyway. When was the last time you bought a calculator? You don't. You have it on your device. You have it on your computer. Whether it's your own computer, when you're using a library or at school or at home or you probably just don't use calculators now. The hardware has become software-defined. It's become virtualized, which is the way the direction of computing has been in for some time now. So, let's talk about a protocol where Alice and Bob are communicating. Now, the client wants to authenticate to Bob, Bob wants to challenge. And what they've agreed to in advance is that Alice is going to carry around a little calculator-like device. We're going to pop up a picture here of the protocol between Alice and Bob showing the steps. A teensy little device that implements some function f on the integers. You input an integer, you get an output of the integer. So, what were the steps here? They're sort of obvious, right? I mean, if the server just keeps track of the fact that Alice's calculator function is f, and that's different from every other user. Like every other user gets a calculator with different function. And for those of you who know anything about this, you know it would be the same function with different cryptographic keys. But for now, forget about that. We haven't done crypto yet. Just think of them as a different function on each calculator. So if I have that, the authentication is simple. Alice says I'm Alice. Bob says prove it, here's some number. Then you go number and you call lambda. And in the example, I said 237. You go two three seven enter. It computes f of 237. So, it's implementing a function f and the answer might be whatever the number is, 881. You read it on screen 881. Okay. Type in 881, it goes to Bob. Bob knows the function, Bob knows lambda, Bob knows f of lambda is 881. Checks to see what you sent. They match. Boom, we're good. How's that sound? I think it's a pretty good protocol, right? Why don't we use that? I think it may just be that as this protocol was invented, there may have been some clumsiness associated with having a little calculator device. Is that a possibility? I guess it's certainly one. This question of what algorithms, protocol, systems, whatever are going to be used to make money is really such a difficult question for entrepreneurs, and cybersecurity right now is a vibrant industry where there's just so many interesting startups and companies. A lot of you watching probably work for startups or dream of working for startups or want to build your own startup. And the question of whether what you're doing, what are your technical approach, or whatever your scheme is, is going to make money, is such a difficult question. If I could tell you, then I would be a billionaire and I assure you, I'm not. So this protocol is one that we're going to start with. Now, in a subsequent video, the next one, so I want you to maybe watch right after this. We'll look at some properties of this protocol and see something very interesting pop up with respect to this that might be a hint as to why more people don't use this cryptographic protocol. Again, cryptographic meaning f of a number is like encrypting it. That makes sense? The lambda is plain text, f of lambda, ciphertext. So functions, in this context, are like cryptography. That interesting? We're going to get comfortable with that, where we just go back and forth between integer functions and crypto because they'll sort of represent the same sort of things. So, we'll see it in the next video.
