Skill Set Name: Fundamental of Cryptography

Topics Level Sub topics Skill Category No Code Share comment
Security functions and cryptography positioning I

Knowing the basic concepts and the big picture of security, knowing the risks in Open Source Software (OSS).


  •  Introduction of the basic concepts of information security and knowing the risks in Open Source Software.
  •   Knowing the basic knowledge and history of cryptography.
  •  Knowing which objectives of information security can be achieved with cryptography
    •  privacy or confidentiality
    •  data integrity
    •  authentication
    •  non-repudiation.
  •   Background on functions
  •  Basic terminology and concepts
  •  Knowing the classification, i.e. symmetric key encryption and asymmetric key encryption.
     
7-1-1-I
Cryptography systems/common key cipher systems II

Introducing the symmetric key encryption, knowing its basic concepts, features, advantages and disadvantages, understanding its mechanisms


  • Introduction
  • Pseudorandom bits and sequences
  • Stream ciphers
    •  Feedback shift registers
    •  Stream ciphers based on LFSRs
    •  Other stream ciphers
  •  Block ciphers
    •  Classical ciphers and historical development
    •  DES and AES
    •  RC5, IDEA and other block ciphers
  •  Some known attacks

 

7-1-2-II
Cryptography systems/public key cipher systems II

Introducing the public key encryption, knowing its basic concepts, features, advantages and disadvantages, understanding its mechanisms.


  •   Introduction
  •  Goals of Public Key Cryptography
  •   Key Exchange and Digital Signature
  •   RSA public-key cryptosystem
  •  Rabin public-key cryptosystem
  •  ElGamal public-key cryptosystem
  •  Elliptic curve public-key cryptosystem
  •  NTRU public-key cryptosystem
  •  Key Length and Security
     
7-1-3-II
Cryptography Toolkits III

Knowing the typical cryptography toolkits, understanding the usage of them.


  •  Operating System Crypto Services,
  •   Crypto Library of OpenSSL Toolkit
  •  Gnu Libgcrypt
  •  Mozilla NSS Security
  •  Cryptography Hardware Support, PKCS #11 Token, BSD/Solaris /dev/crypto hardware crypto device
     
7-1-3-III
Cryptography application systems in information systems II

Understanding the cryptography application systems in information systems, including the database encryption, file encryption, etc.


  • Introduction
  • Database encryption
  • File encryption
7-1-4-II
Digital signature II

Understanding the digital signature mechanisms, understanding the features and usage of typical digital signatures.


  • Introduction
  • A framework for digital signature mechanisms
  • RSA and related signature schemes
  • Fiat-Shamir signature schemes
  • The DSA and related signature schemes
  • One-time digital signatures
  • Other signature schemes
  • Signatures with additional functionality
  • Digital certificate
     
7-1-5-II
OSS utilization scenes II

Knowing the necessity of cryptography in different OSS application scenes. Knowing the implementation of encryption processing with OSS at the OS, middleware, and application levels.


  • Introduction
  • Software encryption
  • Trust computation and software authentication
  • Web Service Security
     
7-1-6-II
Cryptography usage in Wireless LAN II

Introducing the cryptography usage in WLAN, knowing its necessity, features, advantages and disadvantages. Knowing the implementation of wireless networks encryption.


  • Introduction
  • Attacks in Wireless LAN
  • Types of unauthorized access in Wireless LAN
  • 802.11i security
  • Implementation of Wireless network encryption
     
7-1-7-II
Authentication I

Knowing the basic mechanism and implementation method. Understanding practical methods to achieve a proper authentication system.


  • Introduction
  • The basic concept of authentication
  • Passwords (weak authentication)
     
7-1-8-I
Authentication II

Knowing the basic mechanism and implementation method. Understanding practical methods to achieve a proper authentication system.


  • Challenge-response identification (strong authentication)
  • Customized and zero-knowledge authentication protocols
  • Attacks on authentication protocols
     
7-1-8-II
Encrypted communications using IPSec I

Introducing IPSec, knowing its architecture and operation modes, understanding the algorithms and implementation.


  • Introduction
  • Security architecture of IPSec
  • Modes of operation
7-1-9-I
Encrypted communications using IPSec II

Introducing IPSec, knowing its architecture and operation modes, understanding the algorithms and implementation.


  • Cryptographic algorithms in IPSec
  • Software implementations
  • Standards status
     
7-1-9-II
SSH II

Introducing Secure Shell (SSH), knowing its outline, specifications and features, understanding the usage of SSH.


  • Introduction
  • The history
  • SSH architecture
  • Usage of SSH
    • tunneling
  • Security cautions of SSH
     
7-1-10-II
SSL/TLS II

Introducing Secure Socket Layer (SSL), knowing its outline, specifications, and features, understanding related applications


  • Introduction
  • SSL/TLS Standard in RFC
  • Security Features of SSL/TLS
  • SSL on the Web/ HTTPS
  • Programming with SSL/OpenSSL
  • SSL/TLS on mail protocols
     
7-1-11-II
VPN communications III

Understanding the functions and mechanism of VPN.


  • VPN Routing
  • User-visible PPVPN services
    • Virtual private wire and private line services (VPWS and VPLS)
    • Virtual private LAN service (VPLS)
    • IP-only LAN-like service (IPLS)
  • Categorizing VPN security models
  • Authentication before VPN connection
  • Trusted delivery networks
  • Security mechanisms and mobility
  • OSS implementations
    • PoPToP
    • OpenVPN
    • OpenSWan and StrongSwan
       
7-1-12-III
The mechanism of PKI (public key encryption infrastructure) III

Knowing the purpose, role, and fields of application of Public Key Infrastructure (PKI), understanding the mechanism and the implementation of it.


  • The overview of PKI
  • Basic problems of confidence and trust
  • The basic model of X.509 PKI, including the Certificate Authority (CA), Registration Authority (RA) and Certificate Distribution System.
  • The work flow of X.509 PKI: how does PKI work?
  • Certificate Hierarchies and Cross-Certification.
  • The revocation mechanism of digital certificate, including Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP).
  • Certificate Operations with OpenSSL and Browsers
  • PKI enabled applications.
     
7-1-13-III
PGP III

Understanding the mechanism and usage of PGP.


  • Introduction
  • PGP and SMIME
  • PGP Web of Trust
  • PGP and GnuPG
  • File Encryption with PGP/GnuPG
  • Secure e-mail with PGP/GnuPG
  • package signing
     
7-1-14-III