|
Target Audience
~ IT
Managers
~ Security
Managers
~ Technical
Staff
~ System
Designers & Implementers
Course Content
~ Introduction
- The need for security
- Security services: confidentiality, data integrity, authentication
(of message source and of identity) and non-repudiation
~ Symmetric
ciphers
- Historical examples
- Theoretical security (one-time pad)
- Stream ciphers
- Block ciphers (including DES, AES)
- Modes of operation (ECB, CBC, CFB, OFB)
- Message Authentication Codes (MACs)
~ Asymmetric
techniques
- Public key encryption (including RSA)
- Key-agreement (Diffie-Hellman) and digital signatures (including
RSA, DSA). Includes discussion of hash functions
- Elliptic Curve Cryptography and a comparison between the
different techniques
~ Entity
authentication techniques
~ The
key management lifecycle
- Key generation
- Key storage
- Key distribution: symmetric and asymmetric techniques, digital
certificates (X.509), CAs
- Key usage: key separation, key variants, certificate extension
fields
- Key backup
- Key update
- Key destruction
- Key revocation: CRLs, OCSP
- PKI
~ Cryptographic
Protocols
- SSL/TLS
- S/MIME
- IPSec
Run in conjunction
with QTandC
|
