Cryptography Deep Dive

*This training qualifies for the 2+2 promotion!
Course Description

Cryptography Deep Dive: This is an in depth examination of the field of cryptography.  All modern security, at some level, depends on cryptography.  Whether it is using SSL to secure bank transactions, encrypting e-commerce purchases, or encrypting a hard drive, encryption is key to security.  

This course explores, in depth, the science of cryptography teaching students the history of cryptography, modern cryptographic methods, and how to use techniques like cryptanalysis to break cryptography. The course also covers closely related topics such as hashing and digital certificates.

This course is appropriate for security professionals who want to understand encryption on a deep level, and for those who may need to learn techniques to break encryption.
Who should attend

Network administrators, technical support personnel, and other technical personnel with an interest in cryptography. A basic knowledge of the essentials of cryptography is required.

Note: This is an advanced course. Every existing security certification (CISSP, CEH, CompTIA Security+) all simply asks the person to identify encryption. For example many tests ask a person what is the most common asymmetric encryption algorithm (it is RSA) but they don’t ask the person how RSA works.  They ask the person how long a DES key is (it is 56 bits) or the whether it is a block cipher or stream cipher, but that is as deep as it goes. No current training or certification asks the attendee to go any deeper than that. What this course does is take the person to a much deeper understanding of encryption. And that is important for many practical reasons including:
  • Selecting the correct cryptography for a given situation
  • Being able to crack a given encryption as part of a penetration test
Pre-requisites

Students should have a basic familiarity with what encryption is.
They should know the difference between asymmetric and symmetric encryption, they should know what a digital certificate is, they should know what SSL is.  

What we will teach them is how these things work, and how they can sometimes be compromised. It is also assumed the student has basic math skills such as algebra. We will be introducing some basic number theory but we do not assume the student has an extensive prior math background.
Benefits

This course has several objectives. At the end of this course students should:
  • Understand the history of cryptography
  • Understand modern cryptographic methods, including the mathematics behind those methods.
    • Understand symmetric key encryption
    • Understand asymmetric key encryption
    • Understand just enough number theory to apply it to cryptography
  • Understand cryptanalysis and decrypting.
Course Outline

Module 1: History and Introduction
  • Atbash cipher
  • Caesar Cipher
  • Rot 13
  • Cipher Wheel
  • Vigenere Cipher
  • Enigma Machine
  • Kerkchoff’s Principle
  • Overview of modern cryptographic approaches
Module 2: Number Theory and Discrete Mathematics
  • Information Theory
    • Diffusion
    • Confusion
    • Avalanche
  • Prime Numbers
    • Generating Prime Numbers
    • Euler’s Totient
  • Mod operations
  • Fibonacci Numbers
  • Random and Pseudo Random Numbers
  • pseudo-Hadamard transform
Module 3: Symmetric Algorithms
  • Block v Stream Ciphers
  • DES
  • 3DES
  • AES
  • Blowfish
  • Twofish
  • Skipjack
  • RC4
  • Hashing
    • MD5 and MD6
    • SHA1 – SHA 512
    • Fork 256
    • RIPEMD-160
    • Gost (note this is used by the Russian military so is of interest to DoD).
    • Tiger
  • Symmetric Algorithm Methods
    • Electronic codebook (ECB)
    • Initialization vector (IV)
    • Cipher-block chaining (CBC)
    • Propagating cipher-block chaining (PCBC)
    • Cipher feedback (CFB)
    • Output feedback (OFB)
    • Counter (CTR)
Tools used in this lesson:
  • CryptoBench
  • CryptTool 2.0
Module 4: Asymmetric Algorithms
  • RSA
  • Elliptic Curve
  • El Gamal
  • DSA
  • Digital Signatures and Certificates
Module 5:  Cryptanalysis
  • Chosen ciphertext only
  • Chosen plain text
  • Ciphertext only
  • Kasiski Examination
  • Differential Cryptanalysis
  • Linear Cryptanalysis
  • Integral Cryptanalysis
  • Mod –n cryptanalysis
  • Brute Force
Tools used in this lesson:
  • L0phtCrack
  • Brutus
Module 6:  Steganography
  • Historical
  • Image
  • Video
  • Audio
  • Steganalysis
Tools used in this lesson:
  • Invisible Secrets 2.1
  • MP3 Stego
Module 7:  Additional Topics
  • Quantum Cryptography
    • Quantum Key Distribution (QKD)
  • Multikey cryptographic methods
  • Wireless
    • WEP
    • WPA
    • WPA2
  • SSL/TLS
  • PKI
Instructor
Chuck Easttom

Dates
October 22 – 24, 2011

Pricing
Register and pay by July 31, 2011: $2799
Register and pay by September 15, 2011: $3199
Register and pay after September 16, 2011: $3399

Class Capacity
30
You will get this:
  1. Official CAST Courseware
  2. Complimentary Pass to Hacker Halted conference (Inclusive of Party entrance pass).
  3. Lunch and coffee breaks throughout the duration of the training.
  4. Certificate of Attendance

*This training qualifies for the 2+2 promotion!

spacer
dummy