Introduction to Cryptography Training – Level 1

Introduction to Cryptography Training By TONEX

Introduction to  Cryptography Training Course Description – The TONEX cryptography training course introduces you to a variety of topics in cryptography such as: Information security and cryptography, stream and block ciphers, symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, and digital certificates.

Cryptography is simply expressed as having the concept in a secret code. Such a definition will help the computer security to preserve the authentication, privacy, integrity and confidentiality of data.

By taking the TONEX cryptography training, you will understand the main concept of cryptography, classification of ciphers, Stream ciphers, clock control generators, filter generators and combination generators. Moreover, you will learn about block ciphers, their modes of operation and advanced encryption standards (AES).

TONEX cryptography training course includes many in-class activities including hands on exercises, case studies and workshops. During the cryptography training, students bring in their own sample work and projects and through our coaching, develop their own cryptography framework.

Learn about symmetric or private key encryption schemes, and different types of ciphers in this category such as permutation cipher, semantic security, security of CTR modes, entropy, symmetric key distribution and key management techniques.

Learn about the asymmetric encryption concepts, notations of security, and hybrid encryption. Furthermore, understand the importance of public key crypto, certificate authority, roles of computer security and confidentiality, integrity, availability (CIA).

Learn the principles of public key encryption such as: RSA public key encryption, Rabin public key encryption, probabilistic public key encryption, factoring algorithms, discrete algorithms, key exchange and finite field arithmetic in public key encryption.

By taking this course you will also learn about the hash functions and data integrity topics, general classification of hash functions, iterated hash functions, keyed hash functions (MACs) and un-keyed hash functions (MDCs).

This training helps you to discover the different types of digital signatures, and possible attacks on digital signatures and how to protect the system against these attacks.

If you are an IT professional who specialize in system security, you will benefit the presentations, examples, case studies, discussions, and individual activities upon the completion of Cryptography training and will prepare yourself for your career.

Finally, the cryptography training will introduce the digital certificates, certificate validation, different types of digital certificates and concludes by introducing the cryptographic threats and tools to protect against cryptographic threats.

Audience

The cryptography training is a 2-day course designed for:

• All individuals who need to understand the concept of cryptography.
• IT professionals in the areas of software security and cryptography
• Cyber security professionals, network engineers, security analysts, policy analysts
• Security operation personnel, network administrators, system integrators and security consultants
• Security traders to understand the software security of web system, mobile devices, or other devices.
• Investors and contractors who plan to make investments in security system industry.
• Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
• Managers, accountants, and executives of cyber security industry.

Training Objectives

Upon completion of the cryptography training course, the attendees are able to:

• Learn the concept of cryptography and basic terminologies related to key encryption
• Explain different types of ciphers, their classification, and operation principles
• Differentiate the symmetric and asymmetric key encryption
• Explain the concept of public key infrastructure and cryptographic tools
• Understand the public key encryption, different types of public key encryption algorithms, and their operation principles
• Describe hash functions, keyed hash functions (MACs) and un-keyed hash functions (MDCs)
• Understand the digital signatures, digital certificates and protection against threats
• Recognize the cryptographic threats and tools to mitigate them

Training Outline

The cryptography training course consists of the following lessons, which can be revised and tailored to the client’s need:

Introduction to Cryptography

• Information security and cryptography
• Backgrounds and functions
• Basic terminology and concepts
• Symmetric key encryption
• Digital signatures
• Authentication and identification
• Public key cryptography
• Hash functions
• Key establishment, management, and certification
• Classes of attacks and security models

 Stream Ciphers

• Introduction to stream ciphers
• Classification of ciphers
• Feedback shift registers
• Linear feedback shift registers
• Complexitiy of linear feedback shift registers
• Berlekamp-Massery algorithm
• Nonlinear feedback shift registers
• Stream ciphers
• Clock control generators
• Nonlinear filter generators
• Combination generators (non-linear)

 Block Ciphers

• Introduction to block ciphers
• Modes of operation
• Exhaustive key search and multiple encryptions
• Classical ciphers and historical development
• Transposition ciphers
• Substitution ciphers
• Polyalphabetic ciphers
• Cryptanalysis of classical ciphers
• Advanced encryption standards (AES)
• Data Encryption standard (DES)
• Product ciphers and Feistel ciphers
• DES algorithm
• DES properties
• Iterated DES and DESX
• FEAL
• IDEA
• Limitation of key recovery based security

 Symmetric (Private Key) Encryption

• Symmetric encryption schemes
• Historical ciphers
• Shift cipher
• Sunstation cipher
• Vigenere cipher
• Permutation cipher
• Issues in privacy
• Semantic security
• Security of CTR modes
• The enigma machine
• Information theoretic security
• Probability and ciphers
• Entropy
• Historical stream ciphers
• Modern stream ciphers
• Block ciphers
• Symmetric key distribution
• Key management
• Secret key distribution
• Formal approaches to protocol checking
• Message authentication codes

 Asymmetric Encryption

• Asymmetric encryption schemes
• Notions of security
• Hybrid encryption
• ElGamal scheme

 Main Aspects of Cryptography: PKI and Encryption

• Concept of public key infrastructure (PKI)
• Basic definitions before PKI
• Public key crypto
• Certificate
• Certificate authority
• Relationship between PKI and basic terms
• Roles of computer security
• CIA (confidentiality, integrity, availability)
• Cryptographic tools
• Hash functions
• Secret key cryptography

 Public Key Encryption

• Introduction
• Public key cryptography
• Basic principles of public key encryption
• RSA public key encryption
• Security of RSA
• Rabin public key encryption
• ElGamal public key encryption
• McEliece public key encryption
• Knapsack public key encryption
• Probabilistic public key encryption
• Merkle-Hellman knapsack encryption
• Chor-Rivest knapsack encryption
• Goldwasser-Micali probabilistic encryption
• Blum-Goldwasser probabilistic encryption
• Plaintext-aware encryption
• Primary testing and factoring
• Prime numbers
• Factoring algorithms
• Modern factoring methods
• Discrete algorithm
• Pohlig-Hellman method
• Pollard type method
• Key exchange and signature schemes
• Using hash functions in key exchange
• Implementation issues
• Exponentiation algorithms
• Exponentiation in RSA
• Finite field arithmetic
• Obtaining authentic public keys

Hash Functions and Data Integrity

• Introduction to hash functions
• Classification of hash functions
• General classification
• Basic properties of hash functions
• Iterated hash functions
• Formatting and initialization of hash functions
• Bit sizes required for hash functions
• Un-keyed hash functions (MDCs)
• Hash functions based on block ciphers
• Hash functions based on modular arithmetic
• Keyed hash functions (MACs)
• MACs based on block ciphers
• Customized MACs
• MAC for stream ciphers
• Data integrity and message authentication
• Malicious threats to data integrity
• Data integrity using MAC
• Data integrity using MDC and authentic channel
• Data integrity combined with encryption
• Attacks on hash functions
• Birthday attack
• Pseudo-collisions
• Chaining attacks

Digital Signature

• Introduction to digital signatures
• Basic definition
• Digital signature schemes
• Types of attacks on signature schemes
• RSA and related signature schemes
• Possible attacks on RSA signature
• The Rabin public key signature scheme
• ISO/IEC 9796 formatting
• Fait-Shamir signature schemes
• DSA and related signature schemes
• GQ signature scheme
• Digital signature algorithm (DSA)
• ElGamal signature scheme
• Schnorr signature scheme
• One time digital signatures
• Rabin one-time signature scheme
• Merkle one time signature scheme
• GMR one-time signature scheme
• Arbitrated digital signatures
• ESIGN
• Signatures with additional functionality
• Fail-stop signature scheme
• Blind signature scheme

GPG

• Overview of GPG
• Commands and CLI
• GPG trust model
• GUI – KGPG, Seahorse
• Frontends – Kleopatra, enigmail 2

 Digital Certificate

• Definition of digital certificate
• CA’s identity
• Owner’s identity
• Owner’s public key
• Certificate expiration date
• CA’s signature for certificate
• Types of digital certificate
• Identity certificates
• Accreditation certificates
• Authorization and permission certificates
• Parties to digital certificate
• Public and private keys
• Certificate validation
• X509 certificate
• Third party digital signature certification authorities
• New certificate research
• Companies providing digital certificate
• RSA
• Thawte
• Verisign

 Cryptographic Threats and Tools

• Impersonation
• Pretend to be someone else to gain access to information or services
• Lack of secrecy
• Eavesdrop on data over network
• Corruption
• Modify data over network
• Break-ins
• Take advantage of implementation bugs
• Denial of Service
• Flood resource to deny use from legitimate users
• Firewalls
• Filtering “dangerous” traffic at a middle point in the network
• Network level security (e.g. IPsec)
• Host-to-host encryption and authentication
• Providing security without application knowledge
• Application level security
• True end-to-end security
• Extra effort per application
• Libraries help, like SSL/TLS

 Hands-on and In-Class Activities

• Labs
• Workshops
• Group Activities

Sample Workshops Labs for Cryptography Training

• Encryption using binary/byte addition
• Encryption using binary Exclusive-OR (XOR)
• Diffie-Hellman key exchange and symmetric key cryptography
• Triple DES with CBC mode and Weak DES keys
• RSA Encryption and Factorization Attacks
• Attack test on RSA encryption with short RSA modulus
• Introduction to Hash generation and sensitivity of hash functions
• Digital Signature Visualization
• RSA Signature
• How to generate your RSA public and private keys.
• Attack test on Digital Signature/Hash Collision

 Cryptography Training