Introduction to Cryptography, by JP Aumasson
ABSTRACT
A practice-oriented cryptography training covering all the crypto topics that matter in 2024, from encryption techniques to zero-knowledge proofs, from cloud and mobile applications to decentralized systems.
Cryptography is an indispensable tool for protecting information in computer systems, but choosing secure protocols and parameters can become quickly overwhelming. To help avoid common traps and failures, this course teaches participants how to reason about the security of crypto constructions, and how to choose secure, efficient, modern crypto components — be it algorithms, protocols, or libraries.
The training starts from the core knowledge and building blocks and gradually moves towards more advanced protocols and techniques used in modern systems, be it cloud infrastructure or blockchain applications. The class is practice-oriented, highly interactive, and includes many examples of real-world failures.
INTENDED AUDIENCE
KEY LEARNING OBJECTIVES
- Fundamentals of crypto: encryption, hashing, randomness, signature, key agreement, etc.
- Implementation pitfalls: crypto bugs, timing attacks, insecure APIs, etc.
- Applications: end-to-end encryption, key management, blockchain
- Emerging topics: post-quantum crypto, zero-knowledge proofs
COURSE DETAILS
AGENDA
1. FOUNDATIONS:
- Randomness
- Hash functions
- Authenticated encryption
- Public-key cryptography (RSA, elliptic curves, Diffie-Hellman)
2. SECURE COMMUNICATION:
- TLS client-server security
- SSH
- VPNs (WireGuard)
- End-to-end secure messaging
- Password-based authentication (password hashing, PAKEs)
3. REAL WORLD CRYPTOGRAPHY:
- Common coding errors
- Timing attacks
- Essential libraries/APIs/utilities
- Hardware security modules
- Key management
4. ADVANCED CONSTRUCTIONS:
- Zero-knowledge
- Secret sharing
- Multi-party computation
- Post-quantum cryptography
- Decentralized randomness
- Consensus protocols
KNOWLEDGE PREQUISITES
Basic Python coding, knowledge of C is a plus
SYSTEM REQUIREMENTS
Have python3 and gcc installed, or be able to run a VM
ABOUT THE TRAINERS
Dr. Jean-philippe Aumasson is the chief security officer and co-founder of Taurus, a swiss financial tech company specializing in digital assets infrastructure. Since 2006, he has authored more than 60 research articles in the field of cryptography and designed the widely used hash functions blake2 and siphash.
The author of the acclaimed books serious cryptography (2017) and crypto dictionary (2020), he has been giving crypto training since 2013, and talked at leading crypto and security conferences.
Dr. Philipp Jovanovic is an associate professor in information security at university college london. Before joining ucl in 2020, he worked as a postdoctoral researcher at the swiss federal institute of technology lausanne (epfl), Switzerland. He obtained his phd from the university of Passau, Germany, in 2015 and received the university's dissertation award in mathematics and computer science in 2016.
He has been giving cryptography trainings since 2016 and is a scientific advisor at clabs, the organization building the celo blockchain, since 2019. His research interests broadly include cryptography, decentralized systems security, and privacy-enhancing technologies.
Lately he has been working on scalability and interoperability aspects of distributed ledger platforms, public randomness generation, secure multi-party computation, and consensus mechanisms.
