Cryptography

BT216

Table of Contents

Description

Cryptography is an indispensable tool for protecting information in computer systems. In this course, you will learn the inner workings of cryptographic systems and how to use them in real-world applications correctly.

From ancient examples of secret messages and the spies that cracked them to modern cryptographic applications, you will have the opportunity to explore the foundations of data security.

How to make the most of this course?

In order to succeed in the course, the following requirements must be met:

  • Participation in all practical laboratories
  • Self-work at home between lessons
  • Repetition of materials, self-learning, performing tasks, etc…

In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
A personal computer suitable for running virtual machines, with an Internet connection
Transition of the scenarios in the Cyberium Arena.

Target audience

  • Security Analysts
  • IT Personal
  • Law Enforcement

Objectives

  • Understand the basics of Cryptography
  • Being able to identify different kinds of Cryptography
  • Creating tools to crack different kinds of Cryptography

Pre-requisites

• Basic Understanding of Math and Computers

Syllabus

Description

In this module, we will discuss Cryptography in theory, understand different types of algorithms, and also get an opportunity to try encrypting data by completing cryptography challenges. At the end of the module, you will understand the difference between hashes and ciphers and create your own.

Technical content

  • Introduction to Cryptography
    o Ciphertext and Plaintext
    o Ciphers in General
    o Understanding Hashes and Their Usage
    ▪ Generating Hash Using Powershell and CMD
    ▪ Comparing File Content using Hashing
    ▪ Hashes as Digital Signatures
    o Encodings
    ▪ Hashes vs. Encodings
    ▪ Understanding Base’s
    ▪ Manually Generating Base32 Encodings
  • Usage of Cryptography in the Cyber World
    o The Theory of Cryptography in Cyber-Security
    ▪ Hash-Based Password Verification
    ▪ VPNs and SSL Based VPNs
    ▪ IPsec and Tunnelling
    o Poor Cryptography Threats
    ▪ ECB Mode
    ▪ Algorithm Problems
    ▪ Collision Attacks
    ▪ Random Number Generation
    ▪ Key Management Problems

Description

In this module, we are going to do a lot of hands-on work to learn how to implement all the famous techniques and methodologies of Cryptography practically. We will cover most of the private key cryptosystems such as Caesar cipher, Vigenère cipher, Data Encryption Standard (DES) and Advanced Encryption Standard (AES). At the end of the module, the participant will be able to understand cryptography more widely.

Technical content

  • Key Based Encryptions
    o Ciphers in General
    o Symmetric-Key
    ▪ Defining Secure Encryption
    ▪ CBC vs. CTR
    ▪ Understanding CPA-Secure Encryption
    ▪ CCA Attacks
    o Asymmetric-Key
    ▪ Public-Key and Private-Key Concepts
    ▪ Diffie-Hellman Key-Exchange
    ▪ El-Gamal
    ▪ Hybrid Encryption in General
    ▪ RSA and RSA-KEM
    o Block Ciphers
    o Attacks on Block Ciphers
  • Practical Ciphering
    o Classical Encryption Types
    ▪ AES – Advanced Encryption Standard
    ▪ Blowfish
    ▪ DES
    ▪ RC2 and RC4
    ▪ ROT13 and ROT47 – Caesar Ciphers
    ▪ XOR
    ▪ The Vigenère Cipher
    o Mechanical – Enigma and Lorenz
    o Encryption in Application
    ▪ Concept of Encryption in Whatsapp
    ▪ SSH – Symmetric Encryption
    ▪ Diving into SSL\TLS Structure

Labs

The following labs are part of the actual BT216 course:
  • Lab 1 Hashing and Encoding
  • Lab 2 Cryptography Methods
  • Lab 3 Key-Based Encryptions
  • Lab 4 Decrypting Techniques

Real cases studies

Case study #1 (CR001)
Attackers use a technique that could allow them to access the entire content of a password-protected or encrypted PDF file. Small press companies suffered data exposure; the local security department was able to retrieve some of the data, but the rest of the files were encrypted.
Reference
Case study #2 (CR002)
Cybersecurity researchers released an updated version of a ransomware decryption tool that could allow millions of users to unlock their encrypted files. A problem appeared when some of the files couldn’t be decrypted and needed some special knowledge in algorithms. The researchers want your help to understand some of the encryptions their tool couldn’t decrypt.
Reference
Previous slide
Next slide
BT216

 Course type

This course is delivered in the following ways:

  • Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
  • In situe classroom with proctored labs and scenarios executed in our Cyberium Arena

All sessions are recorded and attendees can replay them  during 30 days. All course material is electronically made available to the participant.

 Course Group:
Defense

LEVEL
0%
1
HOURS

 Hands-on / Theory MiX

The following course incorporates a high level of hands-on labs exercises, as well as real life case studies.

1 %
Hands-on
1
Labs
1
Case Studies

Required EqUIPMENT

Network connection

As this course extensively uses a cloud based Learning Management System, including a lab arena, the attendees need a stable broadband connection to the Internet.

BYOD – Bring Your Own Device

As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:

  • Audio and Video
  • 8 GB RAM
  • 200 GB Disk Space
  • Virtualization capabilities (supporting latest version of Virtualbox or similar virtual machine application)

And also a Good Headset with Mic

More Details

Subscribe