Cryptography

Learn Public Key Infrastructure from Scratch

Packt

This video course explains how Secure Sockets Layer (SSL) works on websites and the importance of digital certificates in securing communication between clients and web servers. You'll learn to deploy and manage a two-tier PKI on Windows Servers, supporting applications requiring certificate-based security.

What's inside

Syllabus

Introduction

In this module, we will provide an overview of the course, outlining the main objectives and the topics that will be explored in the subsequent modules. You will also get a brief on what to expect in terms of learning outcomes and assessments.

Overview of Public Key Infrastructure

In this module, we will delve into the fundamentals of Public Key Infrastructure (PKI), starting with its definition and significance. We will explore the diverse uses of PKI, identify the key components that make up a PKI solution, and understand the role and workings of digital certificates in maintaining secure communications.

Overview of Cryptography

In this module, we will explore the foundational aspects of cryptography, beginning with a broad overview of its principles. We will compare symmetric and asymmetric encryption techniques, delve into the concept of digital signing, and examine different encryption algorithms. Additionally, we will cover hashing algorithms and their role in ensuring data integrity.

Certification Authority or CA

In this module, we will cover the essential aspects of Certification Authorities (CAs), starting with an overview of their roles. We'll differentiate between public and private CAs, explore the structure of root and subordinate CAs, and compare stand-alone vs. enterprise CAs. Furthermore, we will discuss the considerations for setting up a CA hierarchy and provide practical, hands-on guidance for installing a standalone root CA and an enterprise subordinate CA.

Certificate Request or Enrollment Methods

In this section, we will explore the different methods for requesting and enrolling certificates. You will learn about certificate templates and the various types of certificate enrollment. The section includes hands-on activities such as requesting certificates through web enrollment, MMC, auto-enrollment, and offline using CSR. Additionally, we will secure a website using a certificate and encrypt and decrypt files with certificates.

Configuring CA Properties

In this section, we will delve into configuring various properties of a Certificate Authority (CA). You will learn how to manage CA administration and security settings, set up CA policy and exit modules, and understand the roles of Certificate Revocation Lists (CRLs), Authority Information Access (AIA), and CDP extensions. Finally, we will guide you through configuring AIA and CDP extensions to ensure proper certificate management and accessibility.

New Roles in Certificate Services

In this section, we will explore the new roles in Certificate Services and their importance. You will learn about the Network Device Enrollment Service (NDES) and its configuration in two parts. Additionally, we will cover the concepts and setup of Enrollment Agents, including Certificate Enrollment Policy (CEP) and Certificate Enrollment Services (CES). Finally, the section includes configuring an Online Responder (OCSP) to enhance certificate validation processes.

Migrating Hashing Algorithm from SHA1 to SHA2 on Windows Server 2016 CA

In this section, we will guide you through the process of migrating the hashing algorithm from SHA1 to SHA2 on Windows Server 2016 Certificate Authority (CA). You will learn how to install and configure both Root and Subordinate CAs. We'll cover the essential planning steps needed before initiating the migration to minimize potential issues. Finally, you will perform the migration on both the Root CA and the Subordinate CA, ensuring a secure and updated cryptographic environment. You will also learn how to validate the successful migration and troubleshoot any challenges that may arise.

Save this course

Save Cryptography: Learn Public Key Infrastructure from Scratch to your list so you can find it easily later:

Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Cryptography: Learn Public Key Infrastructure from Scratch with these activities:

Review Basic Networking Concepts

Show steps

A solid understanding of basic networking concepts will enhance your comprehension of PKI and its role in securing network communications.

Browse courses on Networking Fundamentals

Show steps

Go over notes or online resources on networking concepts such as IP addresses, subnetting, and network protocols.
Review basic network configuration and troubleshooting techniques.

Read 'Cryptography and Network Security: Principles and Practice'

Show steps

This comprehensive book provides an in-depth look at cryptography and network security, offering a strong foundation for understanding PKI and its applications.

View Cryptography and Network Security: Principles... on Amazon

Show steps

Obtain a copy of the book.
Read the relevant chapters on cryptography, digital certificates, and PKI.
Take notes or highlight important concepts.

Practice Encryption and Decryption

Show steps

Regular practice of encryption and decryption techniques will reinforce your understanding and boost your confidence in these foundational skills.

Browse courses on Encryption

Show steps

Find online resources or tools that provide encryption and decryption challenges.
Attempt to encrypt and decrypt messages using different algorithms and key sizes.
Compare your results with the expected outcomes to identify areas for improvement.

Three other activities

Expand to see all activities and additional details

Show all six activities

Configuring PKI on Windows Server

Show steps

Following along with a guided tutorial will help you dive deeper into the intricacies of PKI on Windows Server, enhancing your understanding.

Browse courses on Public Key Infrastructure

Show steps

Find a reputable tutorial on configuring PKI on Windows Server.
Set aside enough time to complete the tutorial thoroughly.
Follow the instructions in the tutorial carefully, paying attention to the details.
Take notes or highlight important information for future reference.

Create a Visual Guide to PKI

Show steps

Creating a visual guide will help you synthesize and retain information by translating complex concepts into a more accessible and memorable format.

Browse courses on Public Key Infrastructure

Show steps

Brainstorm key concepts and relationships within PKI.
Choose a visual format that effectively conveys the information (e.g., flowchart, diagram, comic strip).
Design and create the visual guide, using clear language and engaging visuals.
Share your visual guide with others for feedback and discussion.

Attend an Industry Conference on Public Key Infrastructure

Show steps

Attending an industry conference will provide valuable insights into the latest PKI trends, best practices, and real-world applications.

Browse courses on PKI

Show steps

Research and identify upcoming industry conferences focused on PKI.
Register for the conference and make travel arrangements.
Actively participate in sessions, workshops, and networking events.

Career center

Learners who complete Cryptography: Learn Public Key Infrastructure from Scratch will develop knowledge and skills that may be useful to these careers: