Introduction to Cryptography, by JP Aumasson
Abstract
A freshly redesigned cryptography training covering all the crypto topics that matter in 2023, from cloud infrastructure to mobile and decentralized applications.
Cryptography is an indispensable tool for protecting information in computer systems, but choosing secure protocols and parameters can become quickly overwhelming. To help avoid common traps and failures, this course teaches participants how to reason about the security of crypto constructions, and how to choose secure, efficient, modern crypto components — be it algorithms, protocols, or libraries.
The training starts from the core knowledge and building blocks and gradually moves towards more advanced protocols and techniques used in modern systems, be it cloud infrastructure or decentralized applications. The class is practice-oriented, highly interactive, and includes many examples of real-world failures.
Agenda
1. Foundations:
- Randomness
- Hash functions
- Authenticated encryption
- Public-key cryptography (RSA, elliptic curves, Diffie-Hellman)
2. Secure Communication:
- TLS client-server security
- SSH
- VPNs (WireGuard)
- End-to-end secure messaging
- Password-based authentication (password hashing, PAKEs)
3. Real World Cryptography:
- Common coding errors
- Timing attacks
- Essential libraries/APIs/utilities
- Hardware security modules
- Key management
4. Advanced Constructions:
- Zero-knowledge
- Secret sharing
- Multi-party computation
- Post-quantum cryptography
- Decentralized randomness
- Consensus protocols