Cryptography in its many forms has been around for centuries, storing and protecting secrets and confidential information. Data encryption today is simply an advanced form of this, using ciphers, algorithms and keys to securely store data. Given that nearly all applications store some form of sensitive user data, it’s imperative that they use effective methods of cryptography to properly secure this information.
Introduction to Web App Cryptography takes you on a deep-dive of cryptography and cryptographic implementations. You’ll learn about symmetric and asymmetric ciphers, block and stream ciphers, encryption best practices and the essentials of key management.
With the help of hands-on labs, you’ll learn about insecure cryptographic implementations in ECB mode. We’ll even talk about one-way hashing, comparing it to ‘Key Stretching’ algorithms. Finally, you’ll learn about the essential elements of good secrets management.
The training material, labs and video content are all specially designed by AppSecEngineer for this course. What you’ll find here is a distillation of years of security testing experience, knowledge, and original research across our entire team. It’s why we’ve put such a strong focus on real-world techniques, challenges and scenarios that you’ll be able to directly use to secure applications today.
Insecure Modes of Encryption
Authenticated Encryption with AES GCM
RSA Optimal Asymmetric Encryption Padding
Signatures with Asymmetric Encryption Algorithms
One-Way Hashing vs. Key Stretching