This course undertakes to lay the foundations of both classic and modern-day cryptography over the span of 5 days. Beginning with the principles, and quickly moving on to discussion of modern ciphers such as RC4, DES and the present-day standard of AES (Rijndael). PKI methods such as Diffie-Hellman, RSA and ECC (Elliptic Curves) are explained in mathematical detail. Digital signature techniques and principles, including hash functions such as MD5 and SHA-1 are discussed as well. Finally, the course concludes by taking the algorithms discussed and showing their incorporation in protocols - both secure (SSL, IPSec, Kerberos) and insecure (NTLM, WEP).
Click here for detailed syllabusThis course focuses on application security - but from the hacker's perspective. Hacker tools and techniques are explained with many practical examples. Students obtain hands-on experience not just in using the tools, but working to defend against them. Common and widely used exploits are analyzed and ways to remediate them are explained.
Click here for detailed syllabusThis seminar focuses on aspects of secure programming - writing applications that are not only performant, but resilient in the face of hacker attacks and tampering. Common vulnerabilities such as buffer overflows, format string attacks, directory traversals and others are explained in detail. For each, we discuss the programming anti-pattern that can lead to the error occurence, its exploitation, and ways to remediate it. This course is available in two flavors - either C/C++ or Java/.Net. The course not only shows the errors and their remediation, but also presents principles of Secure Design - which, if applied a priori, can often counteract and mitigate errors that may lurk in code.
Click here for detailed syllabus | See exampleThis seminar focuses on aspects of secure programming - writing applications that are not only performant, but resilient in the face of hacker attacks and tampering. Common vulnerabilities such as buffer overflows, format string attacks, directory traversals and others are explained in detail. For each, we discuss the programming anti-pattern that can lead to the error occurence, its exploitation, and ways to remediate it. The course not only shows the errors and their remediation, but also presents principles of Secure Design - which, if applied a priori, can often counteract and mitigate errors that may lurk in code.
Click here for detailed syllabus | See example