[ISN] Encryption and security tutorial available

From: mea culpa <jericho_at_dimensional.com>
Date: Thu 10 Dec 1998 - 15:30:10 CST
Forwarded From: "Jay D. Dyson" <jdyson@techreports.jpl.nasa.gov>
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: cryptography@c2.net, cypherpunks@cyberpass.net

I've just released my godzilla crypto tutorial, totalling 509 slides in 8
parts, of which the first 7 are the tutorial itself and the 8th is extra
material which covers crypto politics.  It's available from
http://www.cs.auckland.ac.nz/~pgut001/tutorial/. 
 
The tutorial is done at a reasonably high level, there are about two dozen
books which cover things like DES encryption done at the bit-flipping
level so I haven't bothered going down to this level at all. Instead I
cover encryption protocols, weaknesses, applications, and other crypto
security-related material.  The technical coverage is in the first seven
parts: 
 
Part 1, 66 slides: Security threats and requirements, services and
mechanisms, historical ciphers, cipher machines, stream ciphers, RC4,
block ciphers, DES, breaking DES, brute-force attacks, other block ciphers
(triple DES, RC2, IDEA, Blowfish, CAST-128, Skipjack, GOST, AES), block
cipher encryption modes, public-key encryption (RSA, DH, Elgamal, DSA),
elliptic curve algorithms, hash and MAC algorithms (MD2, MD4, MD5, SHA-1,
RIPEMD-160, the HMAC's). 
 
Part 2, 104 slides: Key management, key distribution, the certification
process, X.500 and X.500 naming, certification hierarchies, X.500
directories and LDAP, the PGP web of trust, certificate revocation, X.509
certificate structure and extensions, certificate profiles, setting up and
running a CA, CA policies, RA's, timestamping, PGP certificates, SPKI,
digital signature legislation. 
 
Part 3, 96 slides: IPSEC, ISAKMP, Oakley, Photuris, SKIP, ISAKMP/Oakley,
SSL, non-US strong SSL, SGC, TLS, S-HTTP, SSH, SNMP security, email
security mechanisms, PEM, the PEM CA model, PGP, PGP keys and the PGP
trust model, MOSS, PGP/MIME, S/MIME and CMS, MSP. 
 
Part 4, 55 slides: User authentication, Unix password encryption, LANMAN and
NT domain authentication and how to break it, Netware 3.x and 4.x
authentication, Kerberos 4 and 5, Kerberos-like systems (KryptoKnight,
SESAME, DCE), authentication tokens, SecurID, S/Key, OPIE, PPP PAP/CHAP,
PAP variants (SPAP, ARAP, MSCHAP), RADIUS, TACACS/XTACACS/TACACS+, ANSI
X9.26, FIPS 196, biometrics, PAM. 
 
Part 5, 27 slides: Electronic payment mechanisms, Internet transactions,
payment systems (Netcash, Cybercash, book entry systems in general),
Digicash, SET, the SET CA model. 
 
Part 6, 44 slides: Why security is hard to get right, buffer overflows,
protecting data in memory, storage sanitisation, data recovery techniques,
random number generation, TEMPEST, snake oil crypto, selling security. 
 
Part 7, 54 slides: Smart cards, smart card file structures, card commands,
electronic purse standards, attacks on smart cards, voice encryption, GSM
security and how to break it, traffic analysis, anonymity, mixes, onion
routing, mixmaster, crowds, steganography, watermarking, misc. crypto
applications (hashcash, PGP Moose). 
 
The final part goes into crypto politics: 
 
Part 8, 63 slides: History of crypto politics, digital telephony, Clipper,
Fortezza and Skipjack, post-Clipper crypto politics, US export controls,
effects of export controls, legal challenges, French and Russian controls,
non-US controls (Wassenaar), Menwith Hill, Echelon, blind signal
demodulation, Echelon and export controls, Cloud Cover, UK DTI proposals,
various GAK issues. 
 
There are some parts I'm not totally happy with: SPKI is somewhat
difficult to explain and I'm looking at redoing that, the section which
covers TACACS and related stuff is a bit vague, and part 8 needs a bit of
cleaning up.  If anyone has suggestions, things I've missed, or
corrections, please let me know. 
 
Peter. 

-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Fri Dec 11 08:25:51 1998