This is a course on applied cryptography aimed at anyone implementing crypto, using crypto libraries or APIs, reviewing crypto implementations, selecting crypto schemes, or even designing new ones. To best understand how to build software with secure crypto, we will focus on attacks, with theory and principles supported by real-world examples of recent crypto bugs. We plan to run an interactive course, with everyone sharing experiences and asking questions or suggesting discussion topics.
The course can be given in French or English, depending on the audience.
A tentative roadmap is as follows (to be adapted depending on the participants’ expertise and preferences):
Background/definitions
- The building blocks: ciphers, hash functions, MACs, PRFs, RNGs, public-key encryption, signatures, key agreement, etc.
- Security notions and models: semantic security, perfect forward secrecy, black boxes vs. side channels, etc.

Randomness
- Examples of bugs and (epic) failures
- How to use strong randomness, depending on your needs/constraints: Which RNG to use? Which API? Which entropy source(s)? etc.
- How (not) to test your RNG, and what tests will (not) detect

Attacks and defenses
- Timing attacks: principle, examples of attacks, defenses
- Padding oracles: principle, examples of attacks, defenses
- Case study: AES cache-timing attacks
- Case study: RC4 failures (from WEP to TLS)
- Case study: RSA PKCS#1 v1.5 and side channels

Using crypto
- Libraries and APIs: when (not) to use OpenSSL, CryptoAPI, NaCl, etc.
- AES-128 or AES-256? RSA or ECC? Which TLS ciphersuites? etc.
- What is the right key size? For which application?
- Testing crypto (it's more than test vectors)
- Elliptic curve crypto demystified
Useful references to check before the training:
- https://cryptocoding.net/
- http://blog.cryptographyengineering.com/
- https://131002.net/data/talks/cryptanalysis_bhad11.pdf
- http://spar.isi.jhu.edu/~mgreen/650.445/Course_Syllabus.html
- http://cacr.uwaterloo.ca/hac/
- http://www.cryptofails.com/
A presentation brochure is available at https://131002.net/data/training/cryptofordev.pdf