Cryptography: from zero to dont-shoot-yourself-in-the-foot
2024-10-24 , Schengen 1 & 2

Let's be honest: cryptography is hard. Luckily, plenty of great cryptographers in the past 70 years did the heavy lifting for us. So our goal here will be to understand how we can use the most common cryptographic algorithms properly, which one to use depending on the context, the common pitfalls and how to avoid them.


The training will start from the very basics to allow anyone interested to join, so there is no particular presequisite, just really basic math and the willingness to learn without being scared (or to learn regardless of being scared or not :-) ).

We will roughly follow the following syllabus:
- Encryption 101
- Randomness & entropy
- Block ciphers
- Stream ciphers
- Hash functions
- Key generation and key derivation functions / algorithms
- RSA
- Elliptic curves

We only have a couple of hours, so we will not dig deep into algorithms' math and internals, also because this is not the goal of the training.

If you are a cryptography expert and you want to join to add details, insights or correct the trainer if needed (we all do mistakes sometimes and we should all keep learning and improving), you are absolutely welcome!

PS: the course is partially based on the content of the "Serious Cryptography: A Practical Introduction to Modern Encryption" by Jean-Philippe Aumasson book (ISBN-13: 9781593278267 - No Starch Press).

See also: Slides (1.4 MB)

I am a passionate cybersecurity researcher who has spent the last 18 years learning and sharing as much as possible about this fascinating field.

During these years, I have been fortunate enough to work on multiple aspects of the cybersecurity world, including digital forensics, incident response, cryptography, penetration testing, reverse engineering, research and development, and threat intelligence.

This speaker also appears in: