Crypto Attacks and Defenses 2-day Crypto Attacks and Defenses
- 19 March 2018 - 20 March 2018
- Hosted by
- Deutsche Telekom
Winterfeldtrasse 21, 10781 Berlin, Germany
View on Google Maps
- Jean-Philippe Aumasson and Philipp Jovanovic
Students who finish the training will get a certificate of completion.
The 2-day training Crypto Attacks and Defenses by Jean-Philippe Aumasson and Philipp Jovanovic is designed to familiarize developers and security professionals of any level with the most important concepts and best practices of modern cryptography. The training sheds also a light upon some of the most common vulnerabilities and failures found in cryptographic applications over the years and analyses how they could have been prevented.
In the lectures, students learn about all the important basics of modern cryptography. This includes notions such as secure randomness generation, block ciphers and stream ciphers, hash functions, authenticated encryption, key exchange protocols, digital signing schemes, elliptic curve cryptography, and formal security notions and attack models. The training also features topically focused talks on the Transport Layer Security (TLS) protocol, password protection, secure messaging, distributed ledger technologies, and post-quantum cryptography.
In the hands-on sessions, participants put into practice the notions and tools encountered during the lectures by being challenged to find, exploit, and fix vulnerabilities in cryptographic software. The exercises consist of a mix of made-up problems and examples of real-world vulnerabilities found in widely deployed systems.
There are no specific prerequisites for this course beyond a basic programming background.
Students should bring a notebook capable of running Virtualbox or VMware.
Topics Covered During the Course
Cryptography, cryptanalysis, randomness, block ciphers, stream ciphers, hash functions, authenticated encryption, elliptic curve cryptography, vulnerability research, secure messaging, TLS, password hashing, post-quantum cryptography, blockchains, Bitcoin
- Day 1 Lectures:
- Cryptography Basics
- Elliptic Curve Cryptography
- Post-quantum Cryptography
- Day 1 Exercises:
- Entropy Testing
- Cryptanalysis of an IoT Protocol
- Breaking PRNGs I
- Breaking Hash Functions I
- Breaking RSA I
- Implementing ECC-based Systems
- Day 2 Lectures:
- Side-channel Attacks
- Cryptography Libraries
- Transport Layer Security (TLS)
- Secure Messaging
- Bitcoin and Blockchains
- Day 2 Exercises:
- CBC Oracles
- Cryptanalysis of a Smart Grid Protocol
- Breaking PRNGs II
- Breaking Hash Functions II
- Breaking RSA II
Participants should have some familiarity with common programming languages such as C/C++ and Python. This course is suitable for people who are new to cryptography and IT security. All the theory and concepts related to cryptography and cryptanalysis are explained during the course.
What to Bring
A notebook capable of running Virtualbox or VMware.
Minimum Software to Install
VMware Player, VMware Workstation, VMware Fusion or Virtualbox.
Registration SoonSorry, registration for this course has not yet opened. If you are interested in this course please email us and we will let you know as soon as registration is open.
Cancellation requests by paid registrants must be made at least 45 days before the event and may be subject to an administration fee. In the event of course cancellation by the trainer, students may choose to attend an alternate course (space pending) or receive a full refund.
Can't make it? Training is also available at a location of your choice.