Many aspects of data security today rely on some forms of cryptographic algorithms, making it very important to understand the concepts and details behind the specific cryptographic algorithms that are being used. In this module, we will look at the foundations of cryptography, the different algorithms and approaches, and will attempt to achieve deeper understanding on how the algorithms work and how they can be used to perform specific tasks. At the end of this module, the attendees are expected to know not only what algorithms to use and where, but to also be able to understand why, and with what kinds of risks, if any.
Purpose, concept and background of cryptography
How cryptography is used in computing and systems
Different kinds of approaches to cryptography
Different algorithms and their logical groupings
The nature and purpose of hashing algorithms
Practical applications of hashing algorithms
Collisions and collision resistance in hashing algorithms
A closer look at MD5, SHA1 and SHA2 algorithms: Analysis, weaknesses, vulnerabilities, recommendations
Generating message authentication codes (MAC) by using hashing algorithms (HMAC)
Utilizing different algorithms to generate an HMAC: Practical applications of HMAC-MD5, HMAC-SHA1, etc.
How, why and where to use symmetric encryption
Stream ciphers and block ciphers
Overview of commonly used algorithms: DES, 3DES, Blowfish, IDEA, RC4, RC5, RC6, AES
The Advanced Encryption Standard (AES): Practical uses, options, limitations and analysis
Concept, purpose and nature of asymmetric encryption
The difference between symmetric and asymmetric encryption
Public and private keys, and how they are used
Using asymmetric encryption for digital signatures
RSA and DSA
Cryptographic signatures, certificates and public key infrastructures (PKI)
Registration authority, certificate authority, web of trust, etc.
Application and implementation of cryptography algorithms to various known network protocols: SSL, WEP, WPA, HTTPS, IPsec.
The meaning and purpose of “VPN”, and how it works.
Breaking encryptions: Past known vulnerabilities, known attacks and intrusions, and what we can learn from them.
All Emerge trainings can be conducted in different locations globally, in customer offices, shared facilities, Emerge-provided training centers, online or through other means, depending on the requirements of the training participants.