The core of cybersecurity is cryptography.
Excellence in Cryptography
Personalised cutting-edge cryptography training
Digitalisation, data breaches, side-channel attacks, quantum threats… The world is more vulnerable now than ever, and security systems designed today must be able to cope with digital threats of tomorrow.
With Xiphera’s Excellence in Cryptography training, both you and your team will be provided with the best state-of-the-art cryptographic knowledge. Excellence in Cryptography, combining fundamentals of cryptography with their best practices, creates a solid foundation to prepare for external cyber threats.
Xiphera’s Excellence in Cryptography is tailored to perfectly match the customer’s specific needs. For those who desire to have an introduction to cryptographic fundamentals, best practices, and future trends – whether you are a business leader, product planner, or a sales manager – we offer Introductory and Explanatory level trainings. If you are a technologist working with cryptographic algorithms and their implementation in your daily work, the advanced Power User level with hands-on demonstrations is the right choice for you.
After the training, you will be able to
- Understand cryptographic goals, security levels, and primitives,
- Meaningfully contribute to discussions on securing products and services,
- Select the appropriate cryptographic primitives and algorithms,
- Prepare for threats of the emerging quantum computing era,
- Determine protection against side-channel attacks,
- Decipher and explain the abbreviations of cryptography.
Excellence levels
The Introductory level provides the key takeaways of the topics, and enables you to understand the fundamentals of the cryptographic concepts.
The Explanatory level discusses each cryptographic concept at a deeper level, enabling participants to understand differences between available methods and algorithms. At this level, the trade-offs between cryptographic methods and future risk assessments are presented.
The Power User level includes hands-on demonstrations and leads to a deeper understanding of the fundamental operations and trade-offs of the cryptographic algorithms.
Available modules
Xiphera’s Excellence in Cryptography is built of different modules focusing on various thematic topics. Modules are offered in three levels: Introductory, Explanatory, and Power User. The training is customised based on your team’s individual needs and interests, including a selection or all of the modules introduced below.
The crash course is designed for those who want to understand the essential key characteristics of cryptography effectively. The duration of the course is typically 45/60/90 minutes, and the course topics will be tailored based on your specific interests. Check modules A to D for available topics and discuss your requirements with the trainer.
Module A: Introduction to cryptography
The foundation of cybersecurity is cryptography, and understanding the possibilities of cryptography and its fundamental objectives is therefore crucial. This module is an introduction to cryptography, offering a concise overview of cryptographic theory and practice.
The module covers the following topics:
- Fundamental cryptographic concepts and terminology,
- Security goals, security levels, and attack models,
- Present day cryptographic algorithms for information confidentiality, integrity, and authenticity.
Module B: Fundamental primitives of cryptography
This module is highly recommended for everyone who is working with cryptography or information security. The module is an intensive walk-through of contemporary cryptographic primitives both in theory and practice. This module is offered in all three Excellence levels. For the Power User level, the content will be tailored to match your specific needs.
The module covers the following topics:
- Symmetric and asymmetric ciphers,
- Hash functions, keyed hash functions,
- Key derivation functions,
- Authenticated encryption with associated data,
- Public key algorithms,
- Digital signatures.
Module C: Digital trust in communications and digital information
Practically every computing element and service in the world needs cryptographic protection. This protection is increasingly needed regardless of whether the computing element is connected to a public or private network. Creating digital trust relies on cryptographic primitives, and the topics covered in module B are applied when creating digital trust. This module is offered in three Excellence levels.
The module covers the following topics:
- Public key infrastructure,
- The role and use models of digital certificates,
- State-of-the-art secure channel: TLS 1.3,
- Secure device firmware update
Module D: Post-Quantum Cryptography (PQC)
Quantum computing (QC) can potentially revolutionise information and data processing. Quantum computers can break existing public key cryptographic algorithms, if a sufficiently large number of meaningful qubits will be available in a quantum computer. The public key algorithms are the foundation of existing digital trust and are currently used excessively in network communication. To guarantee information security also in the future, the cryptographic algorithms need to be modified and updated for the emerging quantum computing era. After the training, the participants will understand the requirements for Post-Quantum Cryptography for devices, services, and systems.
The module covers the following topics:
- Long-term security goals for information confidentiality,
- State of the art coping methods for PQC era today
Module E: Grey-box attacks and side-channel information
Where classical cryptoanalysis tries to find weaknesses of the cryptographic primitives using black-box attacks, the advanced grey-box attacks aim to extract the side-channel information from cryptographic implementations. The grey-box attacks are applied to cryptographic primitives or complete digital trust platforms which use cryptography. The collected side-channel information can provide attackers a sufficient attack-surface to compromise the security of a system.
The module covers the grey-box attacks both in theory and practice, focusing on practical side-channel attacks:
- Side-channel attacks against current cryptographic and PQC algorithms,
- Protecting against side-channel information extraction,
- Cryptographic primitives and timing attacks.