10 December 1998
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net, cypherpunks@cyberpass.net
Subject: Encryption and security tutorial available
Date: Thu, 10 Dec 1998 22:47:53 (NZDT)

I've just released my godzilla crypto tutorial, totalling 509 slides in 8 parts, of which the first 7 are the tutorial itself and the 8th is extra material which covers crypto politics. It's available from

http://www.cs.auckland.ac.nz/~pgut001/tutorial/

The tutorial is done at a reasonably high level; there are about two dozen books which cover things like DES encryption done at the bit-flipping level, so I haven't bothered going down to this level at all. Instead I cover encryption protocols, weaknesses, applications, and other crypto security-related material.

The technical coverage is in the first seven parts:

Part 1, 66 slides: Security threats and requirements, services and mechanisms, historical ciphers, cipher machines, stream ciphers, RC4, block ciphers, DES, breaking DES, brute-force attacks, other block ciphers (triple DES, RC2, IDEA, Blowfish, CAST-128, Skipjack, GOST, AES), block cipher encryption modes, public-key encryption (RSA, DH, Elgamal, DSA), elliptic curve algorithms, hash and MAC algorithms (MD2, MD4, MD5, SHA-1, RIPEMD-160, the HMACs).

Part 2, 104 slides: Key management, key distribution, the certification process, X.500 and X.500 naming, certification hierarchies, X.500 directories and LDAP, the PGP web of trust, certificate revocation, X.509 certificate structure and extensions, certificate profiles, setting up and running a CA, CA policies, RAs, timestamping, PGP certificates, SPKI, digital signature legislation.

Part 3, 96 slides: IPSEC, ISAKMP, Oakley, Photuris, SKIP, ISAKMP/Oakley, SSL, non-US strong SSL, SGC, TLS, S-HTTP, SSH, SNMP security, email security mechanisms, PEM, the PEM CA model, PGP, PGP keys and the PGP trust model, MOSS, PGP/MIME, S/MIME and CMS, MSP.

Part 4, 55 slides: User authentication, Unix password encryption, LANMAN and NT domain authentication and how to break it, Netware 3.x and 4.x authentication, Kerberos 4 and 5, Kerberos-like systems (KryptoKnight, SESAME, DCE), authentication tokens, SecurID, S/Key, OPIE, PPP PAP/CHAP, PAP variants (SPAP, ARAP, MSCHAP), RADIUS, TACACS/XTACACS/TACACS+, ANSI X9.26, FIPS 196, biometrics, PAM.

Part 5, 27 slides: Electronic payment mechanisms, Internet transactions, payment systems (Netcash, Cybercash, book entry systems in general), Digicash, SET, the SET CA model.

Part 6, 44 slides: Why security is hard to get right, buffer overflows, protecting data in memory, storage sanitisation, data recovery techniques, random number generation, TEMPEST, snake oil crypto, selling security.

Part 7, 54 slides: Smart cards, smart card file structures, card commands, electronic purse standards, attacks on smart cards, voice encryption, GSM security and how to break it, traffic analysis, anonymity, mixes, onion routing, mixmaster, crowds, steganography, watermarking, misc. crypto applications (hashcash, PGP Moose).

The final part goes into crypto politics:

Part 8, 63 slides: History of crypto politics, digital telephony, Clipper, Fortezza and Skipjack, post-Clipper crypto politics, US export controls, effects of export controls, legal challenges, French and Russian controls, non-US controls (Wassenaar), Menwith Hill, Echelon, blind signal demodulation, Echelon and export controls, Cloud Cover, UK DTI proposals, various GAK issues.

There are some parts I'm not totally happy with: SPKI is somewhat difficult to explain and I'm looking at redoing that, the section which covers TACACS and related stuff is a bit vague, and part 8 needs a bit of cleaning up. If anyone has suggestions, things I've missed, or corrections, please let me know.

Peter.