10 December 1998


From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net, cypherpunks@cyberpass.net
Subject: Encryption and security tutorial available
Date: Thu, 10 Dec 1998 22:47:53 (NZDT)

I've just released my godzilla crypto tutorial, totalling 509 slides in 8 
parts, of which the first 7 are the tutorial itself and the 8th is extra 
material which covers crypto politics.  It's available from

http://www.cs.auckland.ac.nz/~pgut001/tutorial/

The tutorial is done at a reasonably high level, there are about two dozen 
books which cover things like DES encryption done at the bit-flipping level so 
I haven't bothered going down to this level at all. Instead I cover encryption 
protocols, weaknesses, applications, and other crypto security-related 
material.  The technical coverage is in the first seven parts:

Part 1, 66 slides: Security threats and requirements, services and mechanisms,
historical ciphers, cipher machines, stream ciphers, RC4, block ciphers, DES,
breaking DES, brute-force attacks, other block ciphers (triple DES, RC2, IDEA,
Blowfish, CAST-128, Skipjack, GOST, AES), block cipher encryption modes,
public-key encryption (RSA, DH, Elgamal, DSA), elliptic curve algorithms, hash
and MAC algorithms (MD2, MD4, MD5, SHA-1, RIPEMD-160, the HMAC's).

Part 2, 104 slides: Key management, key distribution, the certification process,
X.500 and X.500 naming, certification hierarchies, X.500 directories and LDAP,
the PGP web of trust, certificate revocation, X.509 certificate structure and
extensions, certificate profiles, setting up and running a CA, CA policies,
RA's, timestamping, PGP certificates, SPKI, digital signature legislation.

Part 3, 96 slides: IPSEC, ISAKMP, Oakley, Photuris, SKIP, ISAKMP/Oakley, SSL,
non-US strong SSL, SGC, TLS, S-HTTP, SSH, SNMP security, email security
mechanisms, PEM, the PEM CA model, PGP, PGP keys and the PGP trust model, MOSS,
PGP/MIME, S/MIME and CMS, MSP.

Part 4, 55 slides: User authentication, Unix password encryption, LANMAN and NT
domain authentication and how to break it, Netware 3.x and 4.x authentication,
Kerberos 4 and 5, Kerberos-like systems (KryptoKnight, SESAME, DCE),
authentication tokens, SecurID, S/Key, OPIE, PPP PAP/CHAP, PAP variants (SPAP,
ARAP, MSCHAP), RADIUS, TACACS/XTACACS/TACACS+, ANSI X9.26, FIPS 196,
biometrics, PAM.

Part 5, 27 slides: Electronic payment mechanisms, Internet transactions,
payment systems (Netcash, Cybercash, book entry systems in general), Digicash,
SET, the SET CA model.

Part 6, 44 slides: Why security is hard to get right, buffer overflows,
protecting data in memory, storage sanitisation, data recovery techniques,
random number generation, TEMPEST, snake oil crypto, selling security.

Part 7, 54 slides: Smart cards, smart card file structures, card commands,
electronic purse standards, attacks on smart cards, voice encryption, GSM
security and how to break it, traffic analysis, anonymity, mixes, onion
routing, mixmaster, crowds, steganography, watermarking, misc. crypto
applications (hashcash, PGP Moose).

The final part goes into crypto politics:

Part 8, 63 slides: History of crypto politics, digital telephony, Clipper,
Fortezza and Skipjack, post-Clipper crypto politics, US export controls,
effects of export controls, legal challenges, French and Russian controls,
non-US controls (Wassenaar), Menwith Hill, Echelon, blind signal demodulation,
Echelon and export controls, Cloud Cover, UK DTI proposals, various GAK issues.

There are some parts I'm not totally happy with: SPKI is somewhat difficult to
explain and I'm looking at redoing that, the section which covers TACACS and 
related stuff is a bit vague, and part 8 needs a bit of cleaning up.  If 
anyone has suggestions, things I've missed, or corrections, please let me 
know.

Peter.