Symmetric Cryptography: Constructions and Cryptanalysis

Andrew Lindell

Register Now // july 24 - 27

USA 2010 Weekend Training Session //July 24-25

USA 2010 Weekday Training Session //July 26-27


Every security professional knows the basics of encryption, but does everyone really understand what a block cipher for example is supposed to achieve? The fact is that we often look at cryptographic primitives as mystical black boxes. This is sometimes advantageous but can also lead to misunderstandings and mistakes. For example, a deep understanding of how block ciphers work and how sophisticated attacks (like differential and linear cryptanalysis) are carried out makes it clear why it is so important to only use standardized ciphers like 3DES and AES and why modes of encryption are so essential. Such an understanding also clarifies the ramifications of the choice of key- length and block size in a block cipher, and the output length of a hash function. Finally, many cryptosystems are broken due to implementations that seem robust but actually leave the door wide open to attack. Without an understanding of how these primitives really work, it is almost impossible to implement crypto properly.

In this course, participants will gain an in-depth understanding of how symmetric cryptographic primitives are constructed and broken, with a focus on block ciphers and cryptographic hash functions. We will study the main construction paradigms as well as basic cryptanalytic attacks on these primitives. The course also covers important advanced cryptanalytic attacks like differential and linear cryptanalysis, with a focus on how to apply them. Finally, we will study popular constructions like the DES and AES ciphers, and the SHA family of hash functions.

In addition to frontal lectures, the course includes multiple interactive and exercise sessions where participants will be challenged to apply the material learned to new problems.

This course is essential to developers who need to understand cryptographic primitives in depth in order to properly use them and also to security professionals who need to make truly informed decisions about what products to use and why.

Note: this is a 2-day course.


This course will assume mathematical maturity, but no specific mathematical knowledge. In addition, participants should be familiar and comfortable with very basic probability, with the notions of algorithms and with basic notions of computer science. Some basic programming knowledge is helpful, but not necessary.

What to bring:

Students should bring paper, pens, and calculators. Laptops are helpful, but not required.


Andrew (Yehuda) Lindell is an Associate Professor at Bar-Ilan University in Israel. Andrew attained a Ph.D. at the Weizmann Institute of Science in 2002 and spent two years at the IBM T.J.Watson research lab as a Postdoctoral fellow in the cryptography research group. Andrew has carried out extensive research in cryptography, and has published more than 60 conference and journal publications, as well as an undergraduate textbook on cryptography and a book detailing secure protocols. Andrew has presented at numerous international conferences, workshops and university seminars, and has served on program committees for top international conferences in cryptography. In addition to Andrew's notable academic work, he has significant industry experience and has worked on the cryptographic and security issues that arise in the design and construction of authentication schemes, smartcard applications, software protection schemes and more.

Super Early:
Ends Apr 1

Ends May 15

Ends Jun 15

Ends Jul 23