This is a guest blog written by Jean-Philippe Aumasson & Philipp Jovanovic about their upcoming TROOPERS17 training: Crypto attacks and defenses.
The 1-day training from last TROOPERS has become a 2-day training, featuring even more real-world attacks and defenses as well as new hands-on sessions! We’ll teach you, step by step, how to spot and exploit crypto vulnerabilities, how to use the strongest forms of state-of-the-art cryptography to secure modern systems (like IoT or mobile applications), and bring you up to speed on the latest and greatest developments in the world of cryptography, such as TLS 1.3, blockchains, and post-quantum crypto.
During the lectures you’ll acquire a solid knowledge of the fundamentals, from randomness over authenticated encryption to timing attacks, and you will learn how cryptography is used in applications such as secure messaging protocols or blockchain systems. Throughout the course, we’ll give examples of real-world failures and how they could have been avoided.
The hands-on sessions will put into practice the notions and tools encountered previously and you will be challenged to find, exploit, and fix vulnerabilities in cryptographic software. The tasks will consist of a mix of made up problems and examples of real vulnerabilities found in widely deployed systems: You’ll break a weak PRNG, you’ll exploit implementation and protocol flaws, and you’ll even find bugs in famous cryptographic software.
The training is suitable to any security professional or security-minded developer who’s got at least some basic understanding of cryptography. You should know the difference between public-key cryptography and secret-key cryptography, but you don’t need to know how the general number field sieve algorithm is working. 🙂
We’ve got PhD’s in crypto, but don’t be scared there won’t be boring theoretical lectures nor tons of math, the course is actually very practice- and offense-oriented.
View our complete TR17 training agenda and pick your package for TROOPERS 17. Can’t wait to see you there!