We may earn an affiliate commission when you visit our partners.
Course image
(ISC)² Education & Training

Welcome to Cryptography!

Cryptography is the practice and study of techniques for securing communications in the presence of third parties. You will learn how to protect information in order to ensure its integrity, confidentiality, authenticity, and non-repudiation.

You will come out with a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, key administration and validation, and Public Key Infrastructure.

Course Objectives

1. Apply the fundamental concepts of cryptography

Read more

Welcome to Cryptography!

Cryptography is the practice and study of techniques for securing communications in the presence of third parties. You will learn how to protect information in order to ensure its integrity, confidentiality, authenticity, and non-repudiation.

You will come out with a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, key administration and validation, and Public Key Infrastructure.

Course Objectives

1. Apply the fundamental concepts of cryptography

2. Describe the difference between symmetric and asymmetric cryptography

3. Define the basic requirements for cryptography

4. Identify processes to support secure protocols

5. Describe the process for implementing cryptographic systems

6. Define key management concepts

7. Define Public Key Infrastructure

8. Identify processes for key administration and validation

9. Describe the implementation of secure protocols

Enroll now

What's inside

Syllabus

Cryptography
In this course, we'll explore the field of cryptography, including public key infrastructures, certificates and digital signing. Here, we take a deep dive into the realm of confidentiality, integrity and availability. Since we aren't only using cryptography to protect data from unauthorized disclosure and improper modification, but also using encryption to regulate the ability of users to log into systems and applications. Course 3 Learning ObjectivesAfter completing this course, the participant will be able to: L3.1 - Identify the fundamental concepts of cryptography driving requirements and benefits.L3.2 - Recognize symmetric encryption methods.L3.3 - Use asymmetric encryption methods.L3.4 - Examine public-key infrastructure (PKI) systems and certificates.L3.5 - Summarize fundamental key management terms and concepts.L3.6 - Recognize how to implement secure protocols.L3.7 - Review methods of cryptanalytic attack.Course AgendaModule 1: Benefits and Driving Requirements for Cryptography (Domain 5 - Cryptography, Domain 7 - Systems and Application Security)Module 2: Support the Use of Symmetric Encryption Methods (Domain 5 - Cryptography)Module 3: Support the Use of Asymmetric Encryption Methods (Domain 5 - Cryptography)Module 4: Support the Use of Public Key Infrastructure (PKI) Systems (Domain 5 - Cryptography)Module 5: Support Key Management Processes (Domain 5 - Cryptography)Module 6: Support the use of Secure Protocols (Domain 5 - Cryptography)Module 7: Cryptanalysis (Domain 5 - Cryptography)Who Should Take This Course: BeginnersExperience Required: No prior experience required
Read more
Module 2: Support the Use of Symmetric Encryption Methods
The two main types of algorithms used in encryption are symmetric and asymmetric. These types of algorithms provide substantially different benefits and have different uses as part of a cryptographic implementation. This module will examine each of these types of algorithms and describe their uses and benefits. 
Module 3: Support the Use of Asymmetric Encryption Methods
In contrast to symmetric encryption, asymmetric encryption is relatively new, having been invented, published and thereby made publicly available only in the late 1970s.  Asymmetric algorithms became commonly known when Drs. Whitfield Diffie and Martin Hellman released a paper in 1976 called “New Directions in Cryptography.” The Diffie-Hellman paper described the concept of using two different keys (a key pair) to perform the cryptographic operations — the essence of asymmetric cryptography. The pair of keys used in asymmetric cryptography are mathematically related and must always be used as a pair. One key will not work without the other key also being used. The key pair consists of a private key, which the owner of the key pair MUST keep private; and a public key, which is computed from the private key and can be shared with anyone the owner wishes to share it with.  Asymmetric cryptography uses what is known as a trapdoor function, meaning that while it may be easy to compute a value in one direction, reversing the process is extremely difficult if not mathematically impossible to do. The mathematics used in creating the key pair makes it simple to calculate the value of the public key if a person knows the value of the private key, but the reverse (i.e., to determine the value of the private key based on the value of the public key) is something we call computationally infeasible — it would take more processing time, on more CPUs and GPUs (graphics processor units) running in parallel, to be confident of making that “lucky guess” at going backward through the trapdoor, so to speak, and cracking the private key based only on the public key.  Even Kerckhoffs’s Principle (covered in module 5) doesn’t make these cryptographic attacks any easier! Modern attacks have been done using botnet systems in which CPUs and GPUs become part of a massively parallel attack on such cryptosystems. Trapdoor functions were one of the “new directions” in the Diffie-Hellman paper; the other was using these functions to compute a symmetric session key on demand, without requiring the sender and recipient to first exchange a secret value such as a symmetric encryption key. Suddenly, the key distribution and management problem became much, much simpler. Let’s take a closer look at these ideas and see how they gave rise to public key cryptography as an infrastructure (which we call PKI for short), the widespread use of digital signatures, and a host of other ideas vital to the safe and reliable use of e-business of all forms. 
Module 4: Support the Use of Public Key Infrastructure
A PKI is a set of system, software and communication protocols required to use, manage and control public key cryptography. As an infrastructure, it provides foundational services to users by: Publishing the public keys and certificates related to an identity Certifying that a public key is tied to an individual or an identity Verifying that a public key is valid and correct Note that the PKI is working at the level of an identity, and not at the entity level. As a private individual, the human being Kazuko is an entity; each web service or institution they deal with will know them by a different identity, quite possibly with different subsets of the total collection of identifying attributes associated with Kazuko. Each endpoint device, such as their laptops, smartphones, or smart watches, will further encapsulate some of that identity information along with the device’s own identity information, which becomes the identity that will be known by the PKI and its services.  Kazuko, like the other billions of internet users (human, device, organizational or robotic) thus has multiple identities; the PKI must serve them all. Keep this fundamental idea in mind as we work through using the PKI to keep things safe, reliable and secure. 
Module 5: Support Key Management Processes
The compromise of most cryptographic systems does not happen because of weaknesses in the algorithms; instead, it is most frequently due to problems with key management. This is often a human problem when people share keys, distribute keys improperly, choose weak keys, do not destroy old keys or store keys insecurely. History is littered with the defeats of nations and the failures of business ventures because of this. A major part of breaking the code for Nazi Germany’s Enigma machine during the Second World War was the work of the Polish mathematician Marian Rejewski. Working in the Polish General Staff’s Cipher Bureau with allied French military intelligence, he was able to determine the order of the letters on the cipher disks used in the Enigma by gaining access to two months’ worth of old encryption (setting) keys the Germans had discarded. As security professionals, we ought to be able to reach up to our bookshelves and pull down a handbook for cryptographic key and certificate management for business and private organizational use; that handbook doesn’t seem to exist yet.  NIST SP 1800-16, issued in June 2020, is a great start on this effort, but it does not address the small- and medium-sized enterprise needs, nor does the NIST Cybersecurity Framework do this either. Let’s see what we can put together, drawing from the lessons in modules 1 through 4, and a few other lessons from history. 
Module 6: Support the Use of Secure Protocols
The previous modules explained the characteristics, strengths, and uses of cryptographic algorithms. As a security professional, we will use these algorithms in many ways including secure email, virtual private networks (VPNs), e-commerce and wireless security. Most cryptographic systems use a combination of symmetric and asymmetric algorithms, hashing, and digital signatures. Chapter 5 will provide you with a more solid foundation in the architectural models of internetworking, as it works through the layers of the OSI 7-Layer model and TCP/IP as protocol stacks. For now, it’s good to know that from the physical interconnection level on up through services used by applications, cryptography provides support to all aspects of security.
Cryptanalysis
This last part of the section on cryptography will examine some of the ways the protection of files and communications has been compromised through the science and art of cryptanalysis. There are many avenues of attack (attack vectors) that can be used against cryptosystems: to attack the key, the algorithm, the ciphertext, the implementation, or the people, but the weakest link in cryptography has to be the people. The easiest attack is through social engineering and convincing someone to disclose a password or other sensitive information. It’s important to realize that cryptanalysis and even cryptographic attacks are methods, not motives. The attackers might be the ethical penetration testers hired by your organization or be part of a law enforcement or national security organization conducting lawful intelligence (and counterintelligence) operations.  Cryptanalysis, the observation of a cryptosystem’s design or operational characteristics, can be used to find vulnerabilities or identify areas for possible improvements in a cryptosystem. Both can be and are done for benign and hostile intents. 
Module 8: Review
We’ve seen that cryptographic systems, when properly used and kept secure, can support all of the CIANA+PS security needs of confidentiality, integrity, availability, non-repudiation, authenticity, safety, and privacy. This is best done by using hybrid systems that use both symmetric and asymmetric cryptographic algorithms to provide for strong, efficient operation while simplifying the key distribution and management requirements.  Encryption is not the answer to everything, of course. As with any risk management and mitigation control, it has to be applied at the right points in the organization’s information architecture and used correctly to be effective. It also must be managed to continue to deliver the required protection.

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Teaches symmetric and asymmetric cryptography, which are essential for computer and network security
Examines modern public key cryptography, which is used to secure online communications and transactions
Develops key management concepts, which are critical for maintaining the security of cryptographic systems
Introduces Public Key Infrastructure (PKI), which is used to manage and distribute digital certificates
Covers cryptanalysis, which is the study of methods to break cryptographic systems

Save this course

Save Cryptography to your list so you can find it easily later:
Save

Reviews summary

Well-received cryptography course

Learners say this Cryptography course is excellent and highly recommend it. The instructor is knowledgeable and makes learning cryptography accessible. Learners especially appreciate the interactive content, practical examples, and challenging final project. Overall, learners found this course to be a valuable learning experience.
Practical examples
"Could use more visuals and be more hands-on. Besides that vast amount of important Cybersecurity content. "
Challenging final project
"Its really a good program that provide in-depth knowledged and understanding of Cryptography. Thank you Coursera & ISC management."
"A very good course to learn about cryptography, very simple with a lot of knowledge. Regarding teacher is very practical have a lot of examples. Regarding the information it has the possibility to take notes, download information and have a summary of the videos also you can see the text of the speaker."
Knowledgeable instructor
"Regarding teacher is very practical have a lot of examples."
Interactive content
"its was great but it's take long time to understand"
"Great course content, interactive, instructor is very knowledgeable and quiz after every module is good to assess our-self with the concepts which we learned and project is something unique experience when it compare to any online training program, Overall its a great learning experience."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Cryptography with these activities:
Create a Cryptography Reference Sheet
Building a reference will condense important information from the course into a single, useful document.
Show steps
  • Gather notes, assignments, and other materials from the course
  • Organize the materials by topic
  • Create a reference sheet
Follow Tutorials on Symmetric Encryption Algorithm
Gain a deeper understanding of symmetric encryption by implementing the algorithms and encrypting/decrypting sample data.
Browse courses on Symmetric Encryption
Show steps
  • Find tutorials on symmetric encryption algorithms like AES or DES
  • Choose a programming language
  • Implement the encryption/decryption algorithms
Become a Cryptography Peer Mentor
Enhance understanding of cryptography by assisting other learners, while reinforcing concepts through explanations.
Show steps
  • Join a study group or online community
  • Help other learners understand concepts
  • Provide support and encouragement
Four other activities
Expand to see all activities and additional details
Show all seven activities
Break Simple Cipher
Gain confidence and reinforce cryptography algorithms by decrypting a basic cipher. This activity can be scaled to suit the learner's knowledge level.
Browse courses on Symmetric Encryption
Show steps
  • Find a historical cipher online, such as the Caesar cipher
  • Attempt to decrypt a cipher
  • Check your answer
  • Try decrypting more complex ciphers
Create an Analogy for Public Key Infrastructure
Creating an analogy for PKI will help solidify the concept and provide a simplified explanation to peers who may not be familiar with the term.
Browse courses on Public Key Infrastructure
Show steps
  • Think of an analogy that compares PKI to a real-world concept
  • Develop the analogy with several examples
  • Create a presentation to explain the analogy
Develop a Cryptography-Based Game
Practical application of cryptography concepts by creating a game that demonstrates or uses cryptography techniques.
Browse courses on Game Development
Show steps
  • Choose a game concept that incorporates cryptography
  • Design the game mechanics and rules
  • Implement the game using a programming language
  • Test and debug the game
Contribute to an Open-Source Encryption Library
Hands-on experience with cryptography by contributing to an open-source library, enhancing coding skills and deepening understanding of encryption methods.
Show steps
  • Choose an open-source encryption library to contribute to
  • Review the documentation and contribute to issue discussions
  • Write code and follow best practices

Career center

Learners who complete Cryptography will develop knowledge and skills that may be useful to these careers:
Cryptography Researcher
Cryptography researchers develop new cryptographic algorithms and protocols to improve the security of data and communications. This course will help you understand the mathematical and computational foundations of cryptography. You will also learn about the different types of cryptographic algorithms and how to use them to protect data in a variety of applications.
Cryptographic Engineer
Cryptographic engineers design and develop cryptographic algorithms and protocols to protect data and communications. This course will help you understand the mathematical and computational foundations of cryptography. You will also learn about the different types of cryptographic algorithms and how to use them to protect data in a variety of applications.
Security Analyst
Security analysts use their knowledge of cryptography and cryptanalysis to protect computer networks and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This course will help you understand the fundamental concepts of cryptography and how to apply them to protect data and communications. You will also learn about key management, public key infrastructure, and secure protocols.
Penetration Tester
Penetration testers use their knowledge of cryptography and cryptanalysis to identify vulnerabilities in computer networks and systems. This course will help you understand the principles of penetration testing and how to use tools and techniques to identify vulnerabilities in systems. You will also learn about ethical hacking and how to report vulnerabilities to organizations.
Information Security Consultant
Information security consultants help organizations to protect their information assets from threats such as cyber attacks and data breaches. This course will help you understand the principles of information security and how to implement security measures to protect data and systems. You will also learn about risk management, incident response, and business continuity planning.
Cybersecurity Architect
Cybersecurity architects design and implement cybersecurity strategies and solutions to protect organizations from cyber threats. This course will help you understand the principles of cybersecurity and how to implement security measures to protect organizations. You will also learn about risk management, incident response, and business continuity planning.
Information Security Manager
Information security managers are responsible for developing and implementing information security policies and procedures to protect organizations from cyber threats. This course will help you understand the principles of information security and how to implement security measures to protect data and systems. You will also learn about risk management, incident response, and business continuity planning.
Cybersecurity Analyst
Cybersecurity analysts monitor and analyze security data to identify and respond to cyber threats. This course will help you understand the principles of cybersecurity and how to use tools and technologies to monitor and analyze security data. You will also learn about incident response and threat intelligence.
Network Security Engineer
Network security engineers design, implement, and maintain network security systems to protect networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course will help you understand the principles of network security and how to implement security measures to protect networks. You will also learn about firewalls, intrusion detection systems, and virtual private networks.
Privacy Engineer
Privacy engineers design, develop, and implement systems and technologies to protect personal data. This course will help you understand the principles of privacy engineering and how to implement privacy measures in systems. You will also learn about data privacy and data security.
Data Protection Officer
Data Protection Officers (DPOs) are responsible for ensuring that organizations comply with data protection laws and regulations. This course will help you understand the principles of data protection and how to implement measures to protect personal data. You will also learn about data privacy and data security.
Cloud Security Engineer
Cloud security engineers design, implement, and manage security for cloud computing environments. This course will help you understand the principles of cloud security and how to implement security measures to protect cloud environments. You will also learn about cloud security tools and technologies.
Software Security Engineer
Software security engineers design, develop, and test software to ensure that it is secure from vulnerabilities and attacks. This course will help you understand the principles of software security and how to implement security measures in software. You will also learn about secure coding practices and how to test software for vulnerabilities.
Blockchain Developer
Blockchain developers design, develop, and maintain blockchain systems. This course will help you understand the principles of blockchain and how to develop secure and scalable blockchain systems. You will also learn about cryptocurrency and cryptoeconomics.
Cryptocurrency Developer
Cryptocurrency developers design, develop, and maintain cryptocurrency systems. This course will help you understand the principles of cryptocurrency and how to develop secure and scalable cryptocurrency systems. You will also learn about blockchain technology and cryptoeconomics.

Reading list

We've selected 14 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Cryptography.
Provides a comprehensive and authoritative reference on the theory and practice of cryptography. It covers a wide range of topics, including symmetric and asymmetric encryption, hash functions, digital signatures, and network security protocols.
Provides a comprehensive introduction to cryptography and network security, covering both the fundamental principles and practical applications. It includes detailed explanations of cryptographic algorithms, protocols, and techniques, and discusses the security challenges and countermeasures associated with network communications.
Provides a comprehensive introduction to cryptography and coding theory, covering both the theoretical and practical aspects. It includes detailed explanations of cryptographic algorithms, protocols, and techniques, as well as the mathematical foundations of coding theory.
Provides a practical guide to cryptography, focusing on the implementation of cryptographic algorithms and protocols. It covers a wide range of topics, including symmetric and asymmetric encryption, hash functions, digital signatures, and network security protocols.
Provides a comprehensive overview of security engineering, covering both the theoretical and practical aspects. It includes detailed discussions of security threats, vulnerabilities, and countermeasures, as well as the latest security standards and best practices.
Provides a comprehensive overview of information security, covering both the technical and managerial aspects. It includes detailed discussions of information security threats, vulnerabilities, and countermeasures, as well as the latest security standards and best practices.
Provides a comprehensive overview of network security, covering both the technical and managerial aspects. It includes detailed discussions of network security threats, vulnerabilities, and countermeasures, as well as the latest security standards and best practices.
Provides a comprehensive overview of computer security, covering both the technical and managerial aspects. It includes detailed discussions of computer security threats, vulnerabilities, and countermeasures, as well as the latest security standards and best practices.
Provides a comprehensive overview of computer security, covering both the technical and managerial aspects. It includes detailed discussions of computer security threats, vulnerabilities, and countermeasures, as well as the latest security standards and best practices.
Provides a practical guide to cryptography for developers, covering the implementation of cryptographic algorithms and protocols in a variety of programming languages. It includes detailed explanations of cryptographic algorithms, protocols, and techniques, as well as the security challenges and countermeasures associated with software development.
Provides a comprehensive overview of hacking, covering both the theoretical and practical aspects. It includes detailed discussions of hacking techniques, tools, and methodologies, as well as the security countermeasures that can be implemented to protect against these attacks.
Provides a fascinating and insightful look into the art of deception, covering both the psychological and technical aspects. It includes detailed explanations of social engineering techniques, phishing attacks, and other methods of deception, as well as the security countermeasures that can be implemented to protect against these attacks.
Provides a rigorous and comprehensive treatment of the theory and practice of cryptography. It covers a wide range of topics, including number theory, finite fields, group theory, and elliptic curves, and discusses the applications of these concepts to cryptographic algorithms and protocols.
Provides a fascinating and accessible overview of the history and development of cryptography, from ancient times to the present day. It covers a wide range of topics, including the Enigma machine, the development of public-key cryptography, and the future of cryptography.

Share

Help others find this course page by sharing it with your friends and followers:
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser