index.html

加解密入门级材料

<!DOCTYPE HTML SYSTEM "html.dtd">

<html>
<head>
<title>Encryption and Security Tutorial</title>
<body>
<h1>Overview</h1>

This page contains my godzilla crypto tutorial, totalling 509 slides.  It's in
8 parts, of which the first 7 are the tutorial itself and the 8th is extra
material which covers crypto politics.  Part 8 isn't officially part of the
technical tutorial itself.<p>

The tutorial is done at a reasonably high level, there are about two dozen
books which cover things like DES encryption done at the bit-flipping level so
I haven't bothered going down to this level at all.  Instead I cover encryption
protocols, weaknesses, applications, and other crypto security-related
material.  Since the slides are accompanying material for a proper tutorial,
there's a lot of extra context which isn't available just by reading the
slides.  Bear in mind that some of the claims and comments on the slides need
to be taken in the context of the full tutorial.<p>ng the slides are about 150 images, unfortunately I can't make these
available for copyright reasons.<p>

<h1>The Tutorial</h1>

The tutorial is formatted so that two slides fit one page, which means you'll
burn out about 260 pages of paper printing them all out (half that if you print
double-sided).  To view the tutorial you'll need a copy of the free
<a href="http://www.adobe.com/prodindex">Adobe
Acrobat</a> reader software.  Note that most of the diagrams (and there are
quite a few of them) will look a lot better on paper than on screen.<p>

The technical material consists of 7 parts:<p>

<a href="part1.pdf">Part1, 66 slides:</a> Security threats and requirements,
services and mechanisms, historical ciphers, cipher machines, stream ciphers,
RC4, block ciphers, DES, breaking DES, brute-force attacks, other block ciphers
(triple DES, RC2, IDEA, Blowfish, CAST-128, Skipjack, GOST, AES), block cipher
encryption modes, public-key encryption (RSA, DH, Elgamal, DSA), elliptic curve
algorithms, hash and MAC algorithms (MD2, MD4, MD5, SHA-1, RIPEMD-160, the
HMAC's).<p>

<a href="part2.pdf">Part2, 104 slides:</a> Key management, key distribution,
the certification process, X.500 and X.500 naming, certification heirarchies,
X.500 directories and LDAP, the PGP web of trust, certificate revocation, X.509
certificate structure and extensions, certificate profiles, setting up and
running a CA, CA policies, RA's, timestamping, PGP certificates, SPKI, digital
signature legislation.<p>

<a href="part3.pdf">Part3, 96 slides:</a> IPSEC, ISAKMP, Oakley, Photuris,
SKIP, ISAKMP/Oakley, SSL, non-US strong SSL, SGC, TLS, S-HTTP, SSH, SNMP
security, email security mechanisms, PEM, the PEM CA model, PGP, PGP keys and
the PGP trust model, MOSS, PGP/MIME, S/MIME and CMS, MSP.<p>

<a href="part4.pdf">Part4, 55 slides:</a> User authentiction, Unix password
encryption, LANMAN and NT domain authentication and how to break it, Netware
3.x and 4.x authentication, Kerberos 4 and 5, Kerberos-like systems
(KryptoKnight, SESAME, DCE), authentication tokens, SecurID, S/Key, OPIE, PPP
PAP/CHAP, PAP variants (SPAP, ARAP, MSCHAP), RADIUS, TACACS/XTACACS/TACACS+,
ANSI X9.26, FIPS 196, biometrics, PAM.<p>

<a href="part5.pdf">Part 5, 27 slides:</a> Electronic paymenttions, payment systems (Netcash, Cybercash, book entry systems
in general), Digicash, SET, the SET CA model.<p>

<a href="part6.pdf">Part 6, 44 slides:</a> Why security is hard to get right,
buffer overflows, protecting data in memory, storage sanitisation, data
recovery techniques, random number generation, TEMPEST, snake oil crypto,
selling security.<p>

<a href="part7.pdf">Part 7, 54 slides:</a> Smart cards, smart card file
structures, card commands, electronic purse standards, attacks on smart cards,
voice encryption, GSM security and how to break it, traffic analysis,
anonymity, mixes, onion routing, mixmaster, crowds, steganography,
watermarking, misc. crypto applications (hashcash, PGP Moose).<p>

Here endeth the technical material.  The final part goes into crypto
politics.<p>

<a href="part8.pdf">Part 8, 63 slides:</a> History of crypto politics, digital
telephony, Clipper, Fortezza and Skipjack, post-Clipper crypto politics, US
export controls, effects of export controls, legal challenges, French and
Russian controls, non-US controls (Wassenaar), Menwith Hill, Echelon, blind
signal demodulation, Echelon and export controls, Cloud Cover,