1. History
   1. evolution
      1. substitution cipher
         1. monoalphabetic
            1. sytale
            2. athash
            3. caesar
         2. polyalphabetic
            1. de vignere
      2. transposition cipher
      3. kerckhoffs principle
      4. one time pad
         1. vernam
            1. XOR
      5. enigma, IBM lucifer
   2. definitions
      1. cryptosystem
         1. software
         2. protocol
         3. algorithm
         4. keys, keyspace
      2. strength
         1. workfactor
      3. keycluster
      4. kdf
         1. masterkey
         2. subkey
      5. cryptanalysis
   3. services
      1. confidentiality, integrity, authentication, authorisation, nonrepudiation
   4. other methods
      1. running cipher
      2. concealment cipher
      3. steganography
         1. components
            1. carrier, stegomedium, payload
2. Systems
   1. symmetric
      1. notation
      2. pros and cons
      3. block ciphers
         1. pros and cons
         2. confusion
            1. s-box
         3. diffusion
            1. avalanche effect
      4. stream ciphers
         1. keystream generator
         2. strong stream characteristics
            1. long periods of no repeating patterns within keystream values
            2. statistically unpredictable keystream
            3. no lnear relationship between key and keystream
            4. statistically unbiased keystreams
      5. initialisation vector
      6. other techniques
         1. compression
         2. expansion
         3. key mixing
         4. padding
      7. types
         1. DES
            1. modes
            2. ECB
            3. CBC
            4. CFB
            5. blocks smaller than 64bits
            6. OFB
            7. for video
            8. CTR
            9. no chaining, high performance
         2. 3DES
            1. modes
            2. DES-EEE3
            3. DES-EDE3
            4. DES-EEE2
            5. DES-EDE2
         3. AES
            1. Rijndael
         4. RC4, RC5, RC6
         5. Blowfish
   2. asymmetric
      1. pros and cons
      2. zero knowledge proof
      3. types
         1. Diffie-Hellmann
            1. man-in-in-the-middle attack
            2. authenticated DH with DS
            3. STS
            4. key agreement
         2. RSA
            1. key exchange protocol
            2. one way function
            3. trapdoor
         3. El Gamal
         4. Elliptic Curve Function
   3. hybrid
      1. public key cryptography
      2. digital envelope
         1. session keys
3. Message Integrity
   1. one way hash
      1. man-in-the-middle vulnerability
   2. MACs
      1. HMAC
      2. CBC-MAC
         1. data origin authentication
      3. CMAC
   3. Hashing algorithms
      1. MD2, MD4, MD5
      2. SHA Family
      3. birthday attack
   4. Digital Signatures
      1. DSS
4. PKI and Key Mgt
   1. PKI Components
      1. CA
         1. trust relationship
            1. cross certification
      2. RA
      3. Repository
      4. CRS
         1. CRL
         2. OCSF
      5. Timestamping system
      6. key mgt
      7. client software
      8. certificates
         1. X.509
         2. contents
   2. PKI Steps
   3. Key management
      1. rules for key mgt
         1. key length
         2. secure storage and transmission
         3. random keys derived from the full spectrum of keyspace
         4. key lifetime dependent on sensitity
         5. frequent usage should result in shorter key lifespan
         6. key backup and escrow
         7. proper disposal of key after lifetime
      2. key escrow
      3. multiparty key recovery
5. Usage
   1. transmission
      1. link encryption
         1. physical-DL layer
            1. advantage over E2E
      2. PPTP
         1. dl layer
      3. SSL/TLS
         1. transport layer
      4. E2E
         1. application layer
      5. IPSEC
         1. nework layer
         2. modes
            1. Transport
            2. tunnel
            3. includes IP headers
         3. protocols
            1. ESP
            2. ICV
            3. AH
         4. IKE
            1. ISAKMP
            2. OAKLEY
         5. SA
            1. SPI
   2. Applications
      1. E-mail
         1. PGP
            1. Key ring
            2. web of trust
         2. S/MIME
            1. PKCS
      2. Internet
         1. SHTTP
         2. HTTPS
         3. SET
            1. entities
         4. cookies
   3. Trusted Platform Management
      1. uses
         1. binding
         2. sealing
      2. segments
         1. persistent memory
            1. endorsement key
            2. storage root key
         2. versatile memory
            1. Attestation identity key
            2. Platform config register hash
            3. storage keys
6. Attacks
   1. frequency analysis
   2. passive
      1. eavesdropping
   3. active
      1. modifying
      2. masquerading
   4. common types
      1. known plaintext
      2. chosen plaintext
      3. chosen ciphertext
      4. differential cryptanalysis
      5. linear cryptanalysis
      6. side channel
      7. replay attack
      8. algebraic
      9. analytic
      10. social engineering
      11. meet-in-the-middle