Ringzer0 - Cryptography Attacks and Defenses, Reloaded

Cryptography Attacks and Defenses, Reloaded

February 2023

^{Introduction to Cryptography, by JP Aumasson} ## Abstract A freshly redesigned cryptography training covering all the crypto topics that matter in 2023, from cloud infrastructure to mobile and decentralized applications. Cryptography is an indispensable tool for protecting information in computer systems, but choosing secure protocols and parameters can become quickly overwhelming. To help avoid common traps and failures, this course teaches participants how to reason about the security of crypto constructions, and how to choose secure, efficient, modern crypto components — be it algorithms, protocols, or libraries. The training starts from the core knowledge and building blocks and gradually moves towards more advanced protocols and techniques used in modern systems, be it cloud infrastructure or decentralized applications. The class is practice-oriented, highly interactive, and includes many examples of real-world failures.

Supplementary Reading Material authored by the instructor(s):

## Agenda #### 1. Foundations: - Randomness - Hash functions - Authenticated encryption - Public-key cryptography (RSA, elliptic curves, Diffie-Hellman) #### 2. Secure Communication: - TLS client-server security - SSH - VPNs (WireGuard) - End-to-end secure messaging - Password-based authentication (password hashing, PAKEs) #### 3. Real World Cryptography: - Common coding errors - Timing attacks - Essential libraries/APIs/utilities - Hardware security modules - Key management #### 4. Advanced Constructions: - Zero-knowledge - Secret sharing - Multi-party computation - Post-quantum cryptography - Decentralized randomness - Consensus protocols

JP Aumasson

Dr. Jean-Philippe (JP) Aumasson is the Chief Security Officer and co-founder of Taurus, a Swiss financial tech company specializing in digital assets infrastructure. Since 2006, he has authored more than 60 research articles in the field of cryptography and designed the widely used hash functions BLAKE2 and SipHash. The author of the acclaimed books [Serious Cryptography (2017)](https://www.amazon.com/Serious-Cryptography-Practical-Introduction-Encryption-ebook/dp/B0722MTGQV) and [Crypto Dictionary (2020)](https://www.amazon.com/Crypto-Dictionary-Tidbits-Curious-Cryptographer-ebook/dp/B08PHS676K), he has been giving crypto training since 2013, and talked at leading crypto and security conferences.

Philipp Jovanovic

Dr. Philipp Jovanovic is an Associate Professor in Information Security at University College London. Before joining UCL in 2020, he worked as a postdoctoral researcher at the Swiss Federal Institute of Technology Lausanne (EPFL), Switzerland. He obtained his PhD from the University of Passau, Germany, in 2015 and received the university's dissertation award in Mathematics and Computer Science in 2016. He has been giving cryptography trainings since 2016 and is a scientific advisor at cLabs, the organization building the Celo blockchain, since 2019. His research interests broadly include cryptography, decentralized systems security, and privacy-enhancing technologies. Lately he has been working on scalability and interoperability aspects of distributed ledger platforms, public randomness generation, secure multi-party computation, and consensus mechanisms.