[ISN] Encryption and security tutorial available

From: mea culpa (jerichoat_private)
Date: Thu Dec 10 1998 - 13:30:10 PST

  • Next message: mea culpa: "[ISN] Upcoming Conferences"

    Forwarded From: "Jay D. Dyson" <jdysonat_private>
    From: Peter Gutmann <pgut001at_private>
    To: cryptographyat_private, cypherpunksat_private
    
    I've just released my godzilla crypto tutorial, totalling 509 slides in 8
    parts, of which the first 7 are the tutorial itself and the 8th is extra
    material which covers crypto politics.  It's available from
    http://www.cs.auckland.ac.nz/~pgut001/tutorial/. 
     
    The tutorial is done at a reasonably high level, there are about two dozen
    books which cover things like DES encryption done at the bit-flipping
    level so I haven't bothered going down to this level at all. Instead I
    cover encryption protocols, weaknesses, applications, and other crypto
    security-related material.  The technical coverage is in the first seven
    parts: 
     
    Part1, 66 slides: Security threats and requirements, services and
    mechanisms, historical ciphers, cipher machines, stream ciphers, RC4,
    block ciphers, DES, breaking DES, brute-force attacks, other block ciphers
    (triple DES, RC2, IDEA, Blowfish, CAST-128, Skipjack, GOST, AES), block
    cipher encryption modes, public-key encryption (RSA, DH, Elgamal, DSA),
    elliptic curve algorithms, hash and MAC algorithms (MD2, MD4, MD5, SHA-1,
    RIPEMD-160, the HMAC's). 
     
    Part2, 104 slides: Key management, key distribution, the certification
    process, X.500 and X.500 naming, certification heirarchies, X.500
    directories and LDAP, the PGP web of trust, certificate revocation, X.509
    certificate structure and extensions, certificate profiles, setting up and
    running a CA, CA policies, RA's, timestamping, PGP certificates, SPKI,
    digital signature legislation. 
     
    Part3, 96 slides: IPSEC, ISAKMP, Oakley, Photuris, SKIP, ISAKMP/Oakley,
    SSL, non-US strong SSL, SGC, TLS, S-HTTP, SSH, SNMP security, email
    security mechanisms, PEM, the PEM CA model, PGP, PGP keys and the PGP
    trust model, MOSS, PGP/MIME, S/MIME and CMS, MSP. 
     
    Part4, 55 slides: User authentiction, Unix password encryption, LANMAN and
    NT domain authentication and how to break it, Netware 3.x and 4.x
    authentication, Kerberos 4 and 5, Kerberos-like systems (KryptoKnight,
    SESAME, DCE), authentication tokens, SecurID, S/Key, OPIE, PPP PAP/CHAP,
    PAP variants (SPAP, ARAP, MSCHAP), RADIUS, TACACS/XTACACS/TACACS+, ANSI
    X9.26, FIPS 196, biometrics, PAM. 
     
    Part 5, 27 slides: Electronic payment mechanisms, Internet transactions,
    payment systems (Netcash, Cybercash, book entry systems in general),
    Digicash, SET, the SET CA model. 
     
    Part 6, 44 slides: Why security is hard to get right, buffer overflows,
    protecting data in memory, storage sanitisation, data recovery techniques,
    random number generation, TEMPEST, snake oil crypto, selling security. 
     
    Part 7, 54 slides: Smart cards, smart card file structures, card commands,
    electronic purse standards, attacks on smart cards, voice encryption, GSM
    security and how to break it, traffic analysis, anonymity, mixes, onion
    routing, mixmaster, crowds, steganography, watermarking, misc. crypto
    applications (hashcash, PGP Moose). 
     
    The final part goes into crypto politics: 
     
    Part 8, 63 slides: History of crypto politics, digital telephony, Clipper,
    Fortezza and Skipjack, post-Clipper crypto politics, US export controls,
    effects of export controls, legal challenges, French and Russian controls,
    non-US controls (Wassenaar), Menwith Hill, Echelon, blind signal
    demodulation, Echelon and export controls, Cloud Cover, UK DTI proposals,
    various GAK issues. 
     
    There are some parts I'm not totally happy with: SPKI is somewhat
    difficult to explain and I'm looking at redoing that, the section which
    covers TACACS and related stuff is a bit vague, and part 8 needs a bit of
    cleaning up.  If anyone has suggestions, things I've missed, or
    corrections, please let me know. 
     
    Peter. 
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:13:35 PDT