Video description

Software developers world-wide place a great deal of trust in the encryption technologies used to protect privacy and sensitive data. What could go wrong? Plenty, says security and encryption expert Brian Sletten in this wide ranging overview of the history, methods, technologies, goals, and perhaps most importantly, limitations of encryption. The video offers a high level discussion of the theories behind encryption as well as a lower level detailed explanation of the technologies and methods used in encryption today.

  • Receive a comprehensive overview of the history, methods, technologies, goals, and limitations of encryption
  • Learn to make practical reasoned choices regarding the forms of encryption to avoid and the forms to deploy
  • Explore stream ciphers, block ciphers, authenticated encryption systems, and symmetric key encryption
  • Discover why the widely used MD-5 hashing algorithm should no longer be used for most encryption purposes
  • Familiarize yourself with Transport Level Security (TLS), the most widely-used Internet encryption mechanism
  • Learn to deploy DHKE, the asymmetric key exchange protocol for establishing encrypted Internet channels
  • Understand RSA, the encryption features it enables, and why it’s the standard for digitally-signing electronic documents
  • Learn to recognize encryption attacks and why government demands for backdoors might cripple modern cryptography

Brian Sletten runs Bosatsu Consulting, Inc., which focuses on security, encryption, and other forward-leaning technologies. Sletten’s twenty-three year software engineering career spans many industries including retail, banking, online games, defense, finance, hospitality and health care. He is author of the O'Reilly titles Resource-Oriented Architectures : Hypermedia, Introduction to Secure Software, Trusted VS. Trustworthy, and What Is Good Enough Security? He holds a B.S. in Computer Science from the College of William and Mary.

Publisher resources

View/Submit Errata

Table of contents

  1. Introduction
    1. Introduction to Video Series
    2. In the News
    3. Encoding vs Encryption
    4. Introduction to Hashing Algorithms
    5. Attacking Encryption With Brute Force
    6. Protecting Data At Rest vs In Transit
    7. The Encryption Key Exchange Problem
    8. Problems With Encryption Implementations
    9. The Importance of Random Number Generation and Entropy to Encryption
  2. History
    1. Historical Substitution Ciphers
    2. Historical Transposition Ciphers
    3. The Historical Playfair Cipher
    4. Encryption During World War II
    5. Encryption After World War II
  3. Stream Ciphers
    1. Overview of Stream Ciphers
    2. Details About the A5/1 Stream Cipher
    3. Details About the RC4 Stream Cipher
    4. Details About the Salsa20/ChaCha20 Stream Ciphers
  4. Block Ciphers
    1. Overview of Block Ciphers
    2. What's Good and Bad With the Electronic Cookbook (ECB) Mode
    3. Improving Things With the Cipher Block Chaining (CBC) Mode
    4. Turning Block Ciphers Into Stream Ciphers With the Output Feedback (OFB) Mode
    5. Details About the Cipher Feedback (CFB) Mode
    6. What's Great About the Counter (CTR) Mode
  5. Hashing Algorithms
    1. When Good Hashing Algorithms Go Bad
  6. Authenticated Encryption
    1. Overview of Authenticated Encryption Systems
  7. Symmetric Key Encryption
    1. Overview of Symmetric Key Encryption
    2. The Fascinating History of DES
    3. The Mechanics of DES
    4. How DES Was Cracked
    5. The Pleasing History of AES
    6. The Mechanics of AES
    7. Making AES Faster With Hardware Acceleration
  8. Key Exchange
    1. The Fascinating History of Diffie-Hellman Key Exchange (DHKE)
    2. Mechanics of DHKE
    3. The History of RSA
  9. Digital Signature
    1. Signing Documents with RSA
  10. Elliptical Curves
    1. Overview of Elliptical Curve Cryptography (ECC)
  11. TLS
    1. Overview of Transport Level Security (TLS)
    2. Setting Up Sessions with the TLS Handshake
    3. Picking Good TLS Ciphersuites
    4. Using OpenSSL
    5. Using Keybase.io
  12. Encryption Technologies
    1. Using JSSE
    2. Encrypting Filesystems With DM-Crypt
  13. Modern TLS Configuration
    1. Avoiding TLS Downgrades with HSTS
    2. Benefits of Certificate Pinning
    3. Benefits of OCSP Stapling
    4. The FREAK Attack
  14. Next Steps
    1. Encouraging The Use of Encryption With Let's Encrypt
    2. The Impact of Quantum Computing on Encryption
    3. What to Expect From The Government and Encryption Laws
    4. Next Steps

Product information

  • Title: Encryption
  • Author(s): Brian Sletten
  • Release date: June 2016
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781491944363