ECES: EC-Council Certified Encryption Specialist

Course Information

Course Name

Exam code

212-81

Duration

3 Days

Certification

EC-Council Certified Encryption Specialist (ECES)

Overview

EC-Council’s Certified Encryption Specialist (E|CES) program is designed to introduce professionals and students to the intricate field of cryptography. Covering a broad spectrum of topics, the E|CES program delves into modern symmetric key cryptography, offering detailed insights into Feistel Networks, Data Encryption Standard (DES), and Advanced Encryption Standard (AES) algorithms. Additionally, students gain familiarity with various other algorithms, including Blowfish, Twofish, Skipjack, CAST, TEA, and more. The curriculum extends to information theory basics as applied to cryptography, covering essential concepts such as hashing algorithms (MD5, MD6, SHA, GOST, RIPMD 256) and asymmetric cryptography with in-depth discussions on Rivest- Shamir-Adleman (RSA), Elgamal, Elliptic Curve, and Digital Signature Algorithm (DSA).

Throughout the program, students delve into crucial cryptographic principles like diffusion, confusion, and Kerckhoff’s principle. Practical application is emphasized, enabling students to work with cryptographic algorithms from classical ciphers like the Caesar cipher to contemporary methods such as Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA). Beyond theory, the course equips students with hands-on experience setting up a VPN, encrypting a drive, and exploring steganography. Furthermore, E|CES provides practical cryptanalysis and quantum computing knowledge, ensuring a comprehensive understanding of traditional and cutting-edge cryptographic concepts.

Completing the E|CES program empowers individuals to make informed decisions in selecting suitable encryption standards for their organizations. E|CES candidates learn the theoretical aspects of cryptography and possess the practical skills necessary for effective technology deployment. This includes the ability to implement encryption techniques, secure data with VPNs, and navigate the complexities of emerging technologies like quantum computing, making them valuable assets in cybersecurity.

Audience Profile

Anyone involved in the selection and implementation of VPN’s or digital certificates should attend this course. Without understanding the cryptography at some depth, people are limited to following marketing hype. Understanding the actual cryptography allows you to know which one to select. A person successfully completing this course will be able to select the encryption standard that is most beneficial to their organization and understand how to effectively deploy that technology.

This course is excellent for ethical hackers and penetration testing professionals as most penetration testing courses skip cryptanalysis completely. Many penetration testing professionals testing usually don’t attempt to crack cryptography.

Prerequisites

A basic knowledge of cryptanalysis is very beneficial to any penetration testing.

At Course Completion

Types of encryption standards and their differences
How to select the best standard for your organization
How to enhance your pen-testing knowledge in encryption
Correct and incorrect deployment of encryption technologies
Common mistakes made in implementing encryption technologies
Best practices when implementing encryption technologies
Quantum computing and cryptography

Course Outline

Module 1: Introduction and History of Cryptography

Gaps in Crypto Knowledge
What is Cryptography?
History of Cryptography
- Mono-Alphabet Substitution
- Caesar Cipher
- Atbash Cipher
- Affine Cipher
- ROT13 Cipher
- Scytale
- Single Substitution Weaknesses
Multi-Alphabet Substitution
- Cipher Disk
- Vigenère Cipher
  - Vigenère Cipher: Example
  - Breaking the Vigenère Cipher
- Playfair Cipher
- ADFGVX Cipher
Homophonic Substitution
Null Ciphers
Book Ciphers
Rail Fence Ciphers
Vernam Cipher
The Enigma Machine
CrypTool

Module 2: Symmetric Cryptography & Hashes

Symmetric Cryptography
Information Theory
- Information Theory Cryptography Concepts
Kerckhoffs’s Principle
Substitution
Transposition
Binary Math
- Binary AND
- Binary OR
- Binary XOR
Block Cipher vs. Stream Cipher
Symmetric Block Cipher Algorithms
- Basic Facts of the Feistel Function
- S-Box
- S-Box Design
- The Feistel Function
- Unbalanced Feistel Cipher
- Data Encryption Standard (DES)
- 3DES
  - DESX
  - Whitening
- Advanced Encryption Standard (AES)
  - AES General Overview
  - AES Specifics
- Blowfish
- Serpent
- Twofish
- Skipjack
- International Data Encryption Algorithm (IDEA)
- CAST
- Tiny Encryption Algorithm (TEA)
- SHARK
- GOST
- McGuffin
Symmetric Algorithm Methods
- Electronic Codebook (ECB)
- Cipher-Block Chaining (CBC)
- Propagating Cipher-Block Chaining (PCBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)
- Counter (CTR)
- Initialization Vector (IV)
Symmetric Stream Ciphers
- Example of Symmetric Stream Ciphers: RC4
- Example of Symmetric Stream Ciphers: FISH
- Example of Symmetric Stream Ciphers: PIKE
Hash Function
- Hash – Salt
- MDS
- MD6
  - The MD5 Algorithm
- Secure Hash Algorithm (SHA)
- FORK-256
- RIPEMD-160
- Tiger
- Blake
- Hava
- Whirlpool
- Skein
- NTLM-Windows Hashing
  - NTLM
- MAC and HMAC
- MAC & HMAC
- Key Stretching
CryptoBench

Module 3: Number Theory and Asymmetric Cryptography

Asymmetric Encryption
Basic Number Facts
- Prime Numbers
- Mersenne Primes
- Fermat Prime
- Co-Prime Numbers
- Euler’s Totient
- Modulus Operator
- Congruence Numbers
- Solving Congruence
- Fibonacci Numbers
- Algebraic Group
- Rings
- Field
- Galois Field
- Logarithms
- Natural Logarithms
- Discrete Logarithms
Birthday Theorem
- Birthday Paradox
  - Birthday Paradox: Probability
- Birthday Attack
Random Number Generator
- Classification of Random Number Generator
- Traits of a Good PRNG
- Middle Square Method
- Naor-Reingold and Mersenne Twister Pseudorandom Function
- Linear Congruential Generator
- Lehmer Random Number Generator
- Lagged Fibonacci Generator (LFG)
- Blum Blum Shub
- Yarrow
- Fortuna
Diffie-Hellman
Rivest Shamir Adleman (RSA)
- RSA – How it Works
- RSA Example
Menezes-Qu-Vanstone
Digital Signature Algorithm
- Signing with DSA
Elliptic Curve
- Elliptic Curve Variations
- Elliptic Curve
Elgamal
Cramer – Shoup
YAK
Forward Secrecy
CrypTool

Module 4: Applications of Cryptography

FIPS Standards
Digital Signatures
What is a Digital Certificate?
- Digital Certificates
  - 509
  - 509 Certificates
  - 509 Certificate Content
  - 509 Certificate File Extensions
- Certificate Authority (CA)
- Registration Authority (RA)
- Certificate Authority – Verisign
- Certificate Types
- Public Key Infrastructure (PKI)
- Digital Certificate Terminology
- Server-based Certificate Validation Protocol
- Digital Certificate Management
- Trust Models
- Certificates and Web Servers
- Microsoft Certificate Services
- Windows Certificates: certmgr.msc
- Authentication
  - Password Authentication Protocol (PAP)
  - Shiva Password Authentication Protocol (S-PAP)
  - Challenge-Handshake Authentication Protocol (CHAP)
  - Extensible Authentication Protocol (EAP)
  - Kerberos
    - Components of Kerberos System
    - Kerberos Authentication Process
  - PGP Certificates
  - Wi-Fi Encryption
    - Wired Equivalent Privacy (WEP)
    - WPA – Wi-Fi Protected Access
    - WPA2
    - WPA3
  - SSL
  - TLS
    - TLS v 1.3
  - Diagram
  - Protocols
  - Common SSL/TLS Libraries
  - Virtual Private Network (VPN)
    - Point-to-Point Tunneling Protocol (PPTP)
      - PPTP VPN
    - Layer 2 Tunneling Protocol VPN
    - Internet Protocol Security (IPSec) VPN
      - IPsec
      - IPSec – Terms
      - IPSec – Protocol Suite
    - SSL/TLS VPN
  - Split Tunneling
  - VPN Modes
  - Encrypting Files
    - Backing up the EFS key
    - Restoring the EFS Key
  - BitLocker
    - BitLocker: Screenshot
  - Disk Encryption Software: VeraCrypt
  - Common Cryptography Mistakes
  - Steganography
    - Steganography Terms
    - Historical Steganography
    - Steganography Details
    - Other Forms of Steganography
    - How to Embed?
    - Steganographic File Systems
    - Steganography Implementations
    - Demonstration
  - Steganalysis
    - Steganalysis – Raw Quick Pair
    - Steganalysis – Chi-Square Analysis
    - Steganalysis – Audio Steganalysis
  - Steganography Detection Tools
  - National Security Agency and Cryptography
    - NSA Suite A Encryption Algorithms
    - NSA Suite B Encryption Algorithms
    - National Security Agency: Type 1 Algorithms
    - National Security Agency: Type 2 Algorithms
    - National Security Agency: Type 3 Algorithms
    - National Security Agency: Type 4 Algorithms
  - Unbreakable Encryption
  - Blockchain

Module 5: Cryptanalysis

Breaking Ciphers
Cryptanalysis
Frequency Analysis
Kasiski
Cracking Modern Cryptography
- Cracking Modern Cryptography: Chosen Plaintext Attack
- Cracking Modern Cryptography: Ciphertext-only and Related-key Attack
Linear Cryptanalysis
Differential Cryptanalysis
Integral Cryptanalysis
Cryptanalysis Resources
Cryptanalysis Success
Rainbow Tables
- Rainbow Table
Password Cracking
Tools

Module 6: Quantum Computing and Cryptography

Quantum Computing and Cryptography
Timeline
Issues for QC
Two Branches
- Quantum Key Distribution (QKD)
  - QKD
  - What do we need?
  - Qubits
  - Trends
- Quantum Computers
  - The Problem
  - Why?
- NIST
- Major Approaches Lattice-Based Crypto
- Learning with Errors
- GGH
- NTRU
- Overview
- Module Over

All EC-Council certification courses are conducted by certified trainers from Iverson.

Digital Methods acts as the official training partner and assists with program consultation, registration, coordination, scheduling, and administrative arrangements to ensure a smooth and professionally managed training experience.

Page updated

Google Sites

Report abuse