Crypto Attacks and Defenses 2-day Crypto Attacks and Defenses
- 19 March 2018 - 20 March 2018
- Hosted by
- Deutsche Telekom
Winterfeldtrasse 21, 10781 Berlin, Germany
View on Google Maps
- Jean-Philippe Aumasson
Students who finish the training will get a certificate of completion.
The 2-day training Crypto Attacks and Defenses by Jean-Philippe Aumasson and Philipp Jovanovic is designed to familiarize developers and security professionals of any level with the most important concepts and best practices of modern cryptography. The training sheds also a light upon some of the most common vulnerabilities and failures found in cryptographic applications over the years and analyses how they could have been prevented.
In the lectures, students learn about all the important basics of modern cryptography. This includes notions such as secure randomness generation, block ciphers and stream ciphers, hash functions, authenticated encryption, key exchange protocols, digital signing schemes, elliptic curve cryptography, and formal security notions and attack models. The training also features topically focused talks on the Transport Layer Security (TLS) protocol, password protection, secure messaging, distributed ledger technologies, and post-quantum cryptography.
In the hands-on sessions, participants put into practice the notions and tools encountered during the lectures by being challenged to find, exploit, and fix vulnerabilities in cryptographic software. The exercises consist of a mix of made-up problems and examples of real-world vulnerabilities found in widely deployed systems.
There are no specific prerequisites for this course beyond a basic programming background.
Students should bring a notebook capable of running Virtualbox or VMware.
Topics Covered During the Course
Cryptography, cryptanalysis, randomness, block ciphers, stream ciphers, hash functions, authenticated encryption, elliptic curve cryptography, vulnerability research, secure messaging, TLS, password hashing, post-quantum cryptography, blockchains, Bitcoin
- Day 1 Lectures:
- Cryptography Basics
- Elliptic Curve Cryptography
- Post-quantum Cryptography
- Day 1 Exercises:
- Entropy Testing
- Cryptanalysis of an IoT Protocol
- Breaking PRNGs I
- Breaking Hash Functions I
- Breaking RSA I
- Implementing ECC-based Systems
- Day 2 Lectures:
- Side-channel Attacks
- Cryptography Libraries
- Transport Layer Security (TLS)
- Secure Messaging
- Bitcoin and Blockchains
- Day 2 Exercises:
- CBC Oracles
- Cryptanalysis of a Smart Grid Protocol
- Breaking PRNGs II
- Breaking Hash Functions II
- Breaking RSA II
Participants should have some familiarity with common programming languages such as C/C++ and Python. This course is suitable for people who are new to cryptography and IT security. All the theory and concepts related to cryptography and cryptanalysis are explained during the course.
What to Bring
A notebook capable of running Virtualbox or VMware.
Minimum Software to Install
VMware Player, VMware Workstation, VMware Fusion or Virtualbox.
Registration1600€ (until February 19), 2200€ (after).
Prices exclude 19% VAT (MwSt.) for Germany
Cancellation requests by paid registrants must be made at least 45 days before the event and may be subject to an administration fee. In the event of course cancellation by the trainer, students may choose to attend an alternate course (space pending) or receive a full refund.
Pay by Credit Card or Bitcoin
Pay by Check/Wire or
Request a Group Discount
Group discounts are available for 3 or more registrations.
Can't make it? Training is also available at a location of your choice.