The Art of Kleptography: Practical Backdoor Hiding Techniques in Public Key Cryptosystems
2-Day Training | Hybrid
| 22-23 November 2021

The Art of Kleptography: Practical Backdoor Hiding Techniques in Public Key Cryptosystems

This course explains through practical and real examples how to identify and hide backdoors in asymmetric cryptographic protocols using modified random number generators. This class is focusing on practical examples and real life case studies. During the course we will analyze and implement fully undetectable and indistinguishable backdoors in common applications such as SSH, HTTPS, PGP and VPN.
Head of Cryptography Laboratory, xen1thLabs

Available seats

TBA

Difficulty

Professional
US$ 2,299

Attend in-person

at ADNEC Abu Dhabi

Attend online

via livestream

Date

22-23 November 2021

Time

09:00 to 17:00 GST/GMT+4
To be announced

Random numbers are very important in many fields of computer science, especially in cryptography. One of the most important usage of pseudorandom number generators (PRNG) are key generation methods for cryptographic purposes. In PKI systems prime number generation is a vital process to make protocols secure. This course explains through practical and real examples how to identify and hide backdoors in asymmetric cryptographic protocols using modified random number generators. This class is focusing on practical examples and real life case studies. During the course we will analyze and implement fully undetectable and indistinguishable backdoors in common applications such as SSH, HTTPS, PGP and VPN.

- Advanced CTF players

- Cryptography Enthusiasts

- Penetration testers

- Ethical hackers

- Bug hunters

- Security engineers / consultants

  • Cryptography
  • Number Theory
  • Python programming skills
  • Wireshark

This class is meant for security researchers with passion for Cryptography, Number theory and Penetration testing.

  • Identifying & hiding backdoors in asymmetric cryptographic protocols
  • Theory of Kleptography : the study of stealing information securely and subliminally
  • Practical implementation of hidden backdoors (SSH, HTTPS, PGP,VPN)
  • Case study 1: Creating X.509 extended validation (EV) SSL certificates with embedded backdoors
  • Case study 2: Modifying the prime generation method of the OPENSSL library to produce secretly embedded backdoors in prime numbers and certificates
  • Case study 3: Hidden backdoors in VPN protocols

Laptop with guest virtual machines (Linux and Windows 7,8 or 10). Each virtual machine should have 2 GB RAM, with shared folder feature enabled. Preinstalled software’s on the Linux machine: latest OpenSSL library, PARI/GP computer algebra system, Number Field Sieve (NFS) factorization algorithm (CADO-NFS).

+Testimonials

No data was found

+agenda

Title

Details

Date

No data was found

Book your spot for this training

+TRAINERS

Dr. Norbert Tihanyi
Head of Cryptography Laboratory, xen1thLabs

Dr. Norbert Tihanyi (@TihanyiNorbert) holds a B.Sc in Security Engineering, an M.Sc degree in Safety Engineering and an another M.Sc degree in IT Engineering. He received his P.hD in Information Science and Technology from Eötvös Loránd University. He has a strong publication record with more than 30 publications in the field of Prime number theory, Cryptography and Cybersecurity.

He was working for the Hungarian NSA more than 7 years as a cryptanalyst and cyber security engineer. He spent 3 years as a Senior manager at Ernst & Young as a recognized Security Team Leader. Currently he is the Head of Cryptography Laboratory at xen1thLabs, Abu Dhabi, United Arab Emirates. He holds internationally recognized IT security certificates such as OSCE, OSCP, OSWP, CRTP, CEH, ECES and ISO 27001 Lead Auditor.

+OTHER COURSES YOU MIGHT BE INTERESTED IN

x86-64 All You Can Learn Buffet!
US$ 4,299
x86-64 All You Can Learn Buffet!

This class is run a little different from most classes. We provide you purpose-built recorded lectures instead of trapping you in realtime with live-lectures. But fear not, the instructor is always right there eagerly waiting to mingle with the students and answer any questions you have. (The instructor really likes being asked questions. It shows you're paying attention ;)). One of many benefits is that you can watch lectures at 2x speed and zoom ahead of the other students and get to the hands on labs quicker. Or if there's bits of material you already know, you can just skip them and move on to the bits you don't know! Another big benefit is that you get to take the full lectures and labs with you! That means if you forget stuff and then need it in 6 months, you can quickly re-bootstrap yourself! Or you can watch the class twice, to really grow those neural connections and cement it in your brain! And unlike live lectures, our lectures are always getting more factually accurate, by having any accidental errors edited out.


Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 4-day x86-64 Reset Vector Firmware class.
4-Day Training Hybrid
x86-64 Reset Vector Firmware
US$ 2,299
x86-64 Reset Vector Firmware

This class is designed to give you all the background you need to understand how x86-64 reset vector firmware works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk through of the attack and defense moves and counter-moves threat tree. And as always, this classes teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to see out new problems in new areas that no one's read yet with a security mindset.

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.
2-Day Training Hybrid
x86-64 OS Internals
US$ 2,299
x86-64 OS Internals

This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit with using Windows as reinforcement, thanks to its excellent kernel-level debugging support.) This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 Reset Vector Firmware class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.
2-Day Training Hybrid
x86-64 Assembly
US$ 2,299
x86-64 Assembly

This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

 

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

 
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 2-day x86-64 Reset Vector Firmware class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.  
2-Day Training Hybrid