It drives me nuts that people think the right way to teach cryptography and "cryptanalysis" (I'd say: cryptographic vuln research) is stuff like differential and linear cryptanalysis, or, for that matter, index calculus. Practically nobody is going to use that stuff; it's just the stuff that's been in textbooks for 20 years, and so people assume they need to teach it.<p>How far into this do you get before you learn how CBC bitflips work? Trick question! It's never covered. The cryptanalysis slides are from 2013, sure, but CBC padding oracles were already passé by then.<p>It just makes me feel like people aren't taking the subject seriously. Which is how a lot of this courseware reads to me! A recitation of random facts.
I wish computer security training included courses on avoiding or destroying the bureaucracy that seems to inevitably form around cybersecurity dogma.<p>COVID was a lightning rod and channeled a lot of technological advances through that would’ve been otherwise halted by the cyber hand wringers who seem to have infiltrated all approval processes.
There's a set of 3 free courses on secure software development fundamentals developed by the Linux Foundation Open Source Security Foundation (OpenSSF). Just go here:
<a href="https://www.edx.org/professional-certificate/linuxfoundationx-secure-software-development-fundamentals" rel="nofollow">https://www.edx.org/professional-certificate/linuxfoundation...</a><p>For a fee you can also take tests to earn certificates.<p>Full disclosure: I developed these courses (with lots of gratefully-accepted feedback). But I hope you'll like them anyway :-).
<a href="https://twitter.com/XenoKovah/status/1336054258140139521" rel="nofollow">https://twitter.com/XenoKovah/status/1336054258140139521</a><p>The founder of OST(OpenSecurityTraining) recently tweet that he's going to work full time on OST.
The OpenSSF released a bunch of free courses on security: <a href="https://openssf.org/press-release/2020/10/29/open-source-security-foundation-announces-education-courses-and-participation-initiatives-to-advance-its-commitment-to-securing-the-worlds-software-infrastructure/" rel="nofollow">https://openssf.org/press-release/2020/10/29/open-source-sec...</a>
Any opinions on "The Handbook of Applied Cryptography". Is this information still relevant?<p><a href="https://cacr.uwaterloo.ca/hac/" rel="nofollow">https://cacr.uwaterloo.ca/hac/</a>