Software developers world-wide place a great deal of trust in the encryption technologies used to protect privacy and sensitive data. What could go wrong? Plenty, says security and encryption expert Brian Sletten in this wide ranging overview of the history, methods, technologies, goals, and perhaps most importantly, limitations of encryption. The video offers a high level discussion of the theories behind encryption as well as a lower level detailed explanation of the technologies and methods used in encryption today.
Receive a comprehensive overview of the history, methods, technologies, goals, and limitations of encryption
Learn to make practical reasoned choices regarding the forms of encryption to avoid and the forms to deploy
Discover why the widely used MD-5 hashing algorithm should no longer be used for most encryption purposes
Familiarize yourself with Transport Level Security (TLS), the most widely-used Internet encryption mechanism
Learn to deploy DHKE, the asymmetric key exchange protocol for establishing encrypted Internet channels
Understand RSA, the encryption features it enables, and why it’s the standard for digitally-signing electronic documents
Learn to recognize encryption attacks and why government demands for backdoors might cripple modern cryptography
Brian Sletten runs Bosatsu Consulting, Inc., which focuses on security, encryption, and other forward-leaning technologies. Sletten’s twenty-three year software engineering career spans many industries including retail, banking, online games, defense, finance, hospitality and health care. He is author of the O'Reilly titles Resource-Oriented Architectures : Hypermedia, Introduction to Secure Software, Trusted VS. Trustworthy, and What Is Good Enough Security? He holds a B.S. in Computer Science from the College of William and Mary.
Brian Sletten is a liberal arts-educated software engineer with a focus on forward-leaning technologies. His experience has spanned many industries including retail, banking, online games, defense, finance, hospitality and health care. He has a B.S. in Computer Science from the College of William and Mary and lives in Auburn, CA. He focuses on web architecture, resource-oriented computing, social networking, the Semantic Web, data science, 3D graphics, visualization, scalable systems, security consulting and other technologies of the late 20th and early 21st Centuries. He is also a rabid reader, devoted foodie and has excellent taste in music. If pressed, he might tell you about his International Pop Recording career.
I've been an Infrastructure Manager for the last 10 years, and had to grant and revoke a great many security privileges in that time. I've also had to upgrade a number of servers and devices after Heartbleed, POODLE etc. A couple of months ago, I was reflecting on how I might make some in-house security refresher training more interesting, and thought about running through some of the more newsworthy hacks of the past few years, and cover how my colleagues might think in a more secure way.
I was therefore delighted to run across Brian's course, watching it via Safari Books online. It's taken me back to my first interest in cryptography some 30 years ago, as it starts with historical cryptography, but then quickly comes up to date.
I would highly recommend this course for those of us who are more generalist IT people, but tasked with implementing cryptography, particularly for securing data in transit. I've already read one book Brian recommends (the fascinating "the Victorian Internet"), ordered another ("Crypto: Secrecy and Privacy in the New Code War"), and have decided to study for the CompTIA Security+ and then CISSP, more confident in my general understanding of encryption.
This isn't just a dry course - much closer to an in-person presentation, and engaging on some of the legal and societal questions which are being, or should be, asked.
Bottom Line Yes, I would recommend this to a friend