Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Peter Gutmann <pgut001 <at> cs.auckland.ac.nz>
Subject: Godzilla crypto and security tutorial updated
Newsgroups: gmane.comp.encryption.general
Date: Wednesday 26th October 2005 06:51:21 UTC (over 11 years ago)
I've finally got around to finishing a major update of my Godzilla crypto
and
security tutorial to cover newer material like WEP, WPA, and WPA2.  It's
available from http://www.cs.auckland.ac.nz/~pgut001/tutorial/index.html
and
comprises 784 slides in 10 parts.

The tutorial covers security threats and requirements, services and
mechanisms, and sercurity data format templates, historical ciphers, cipher
machines, stream ciphers, RC4, block ciphers, DES, breaking DES,
brute-force
attacks, other block ciphers (AES, Blowfish, CAST-128, GOST, IDEA, RC2,
Skipjack, triple DES), block cipher encryption modes (ECB, CBC, CFB,
encrypt+MAC modes), public-key encryption (RSA, DH, Elgamal, DSA), using
PKCs,
elliptic curve algorithms, hash and MAC algorithms (MD2, MD4, MD5, SHA-1,
SHA-2, RIPEMD-160, the HMAC's), pseudorandom functions, key management, key
distribution, the certification process, X.500 and X.500 naming,
certification
heirarchies, X.500 directories and LDAP, the PGP web of trust, certificate
revocation, X.509 certificate structure and extensions, certificate
profiles,
setting up and running a CA, CA policies, RA's, timestamping, PGP
certificates, SPKI, why do we need digital signature legislation, what is a
signature, paper vs.electronic signatures, non- repudiation, trust, and
liability, existing approaches, examples of existing legislation of various
types including advantages and drawbacks, the Digital Signature Law litmus
test, user authentication, Unix password encryption, LANMAN and NT domain
authentication and how to break it, GSM security, S/Key, OPIE, TANs, PPP
PAP/CHAP, PAP variants (SPAP, ARAP, MSCHAP), RADIUS, DIAMETER,
TACACS/XTACACS/TACACS+, EAP and variants (EAP-TTLS, EAP-TLS, LEAP, PEAP)
Kerberos 4 and 5, Kerberos-like systems (KryptoKnight, SESAME, DCE),
authentication tokens, SecurID, X9.26, FIPS 196, Netware 3.x and 4.x
authentication, biometrics, PAM, SSL, TLS, TLS-PSK, SGC, SSH, TLS vs.SSH,
IPsec, AH, ESP, IPsec key management (Photuris, SKIP, ISAKMP, Oakley,
SKEME),
IKE, IPsec problems, OpenVPN, WEP, WEP problems, WPA, TKIP, AES-CCM,
DNSSEC,
S-HTTP, SNMP, email security mechanisms, PEM, the PEM CA model, PGP, PGP
keys
and the PGP trust model, MOSS, PGP/MIME, S/MIME and CMS, MSP, opportunistic
email encryption (STARTTLS/STLS/AUTH TLS), electronic payment mechanisms,
Internet transactions, payment systems, Netcash, First Virtual, Cybercash,
book entry systems, Paypal, Digicash, e- cheques, SET, the SET CA model,
SET
problems, prEN 1546, TeleQuick, Geldkarte, EMV, micropayments, smart cards,
smart card file structures, card commands, PKCS #11, PC/SC, JavaCard/OCF,
multiapplication cards, iButtons, contactless cards, vicinity cards,
attacks
on smart cards, traffic analysis, anonymity, mixes, onion routing,
mixmaster,
crowds, LPWA, steganography, watermarking, misc. crypto applications
(hashcash, PGP Moose), TEMPEST, snake oil crypto, selling security.
TCSEC/Orange Book, crypto politics, digital telephony, Clipper, Fortezza
and
Skipjack, US export controls, effects of export controls, legal challenges,
French and Russian controls, non-US controls (Wassenaar), Menwith Hill,
Echelon, blind signal demodulation, Echelon and export controls, Cloud
Cover,
UK DTI proposals, and various GAK issues.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
 
CD: 4ms