This course aims to equip learners with the knowledge and skills to understand real-world crypto attacks, make secure decisions while choosing cryptographic primitives, and design or analyze cryptographic systems. The course covers topics such as Random Number Generators, Encryption/Decryption algorithms, message authentication codes, digital signatures, and password storage. It also discusses common insecure crypto patterns, best secure practices, and future-proofing applications. The teaching method involves evaluating leading cryptographic implementations and providing insights for security architects, developers, and security practitioners. The intended audience includes individuals interested in cryptography, security architecture, and application development.
Overview
Syllabus
Intro
Why so many Crypto Failures?
Cryptography Disclaimer
What are we going to talk about today?
What is: Cryptographically Secure Pseudo Random Number Generator (CSPRNG) ?
Dos and Donts Source of Entropy
Authenticated Encryption (AE)
Authenticated Encryption with Associated Data (AEAD)
Dos & Donts
Padding Schemes across implementations
What is a Hash Functions
Hash: Properties/Strength
What is a Message Authentication Code(MAC) ?
Storing Secrets - Dos and Donts
Public Key Cryptography using ECC
Taught by
NorthSec
