Course Overview
Who should attend?
R&D managers and software engineers, IT security staff, security administrators, any technical staff interested in understanding security fundamentals
Prerequisite:
None
Course Outline:
1. Introduction (1 hour)
• Confidentiality, Data-Integrity and Non-repudiation – terminology
• Attack types
• Information security requirements
2. Encryption & Confidentiality (4-5 Hours)
• Cryptography Fundamentals
– One Time Pad
– Brute-Force attacks and key-size
• Symmetric and non-symmetric encryption
• Symmetric stream ciphers
– Algorithms (RC4)
• Symmetric block ciphers
– AES algorithm
• Symmetric block encryption modes
– ECB
– CBC
– CTR
• Non-symmetric encryption
– DH Algorithm
– RSA Algorithm
• Hybrid Encryption
3. Digital Signatures and Data-Integrity (2 Hours)
• Crypto hash functions and Message Digest
• MAC (Message Authentication Code)
– HMAC
– CMAC & OMAC
• Digital signatures
4. Authenticated Encryption & GCM (1 hour)
5. PKI & Authentication (3-4 Hours)
– Intermediate CA
• OCSP (RFC 6960)
6. SSL and HTTPS (3-4 Hours)
• SSL design goals
• SSL Record Layer protocol
• SSL Handshake
• SSL Alert protocols
• SSL Cipher suites
• SSL Versions
7. Summary