Procenne Academy
Procenne Academy

Cryptology and HSM Training

This training has been prepared to provide more detailed information about cryptology, which has been used in communication security for centuries, and HSMs, which have an important place in the security of the digitalized world in the last century.

Talk to an Expert

About Training

This training has been prepared to provide more detailed information about cryptology, which has been used in communication security for centuries, and HSMs, which have an important place in the security of the digitalized world in the last century.

Training groups consist of at least 8 participants.

Training Participation Conditions

There are no prerequisities for participation in the training.

Training Duration

The training lasts total of 18 hours by 4 different trainers.

Training Method

“Cryptology and HSM Training” is carried out with physical devices in Procenne Maslak and Ankara offices.

Within the scope of the training, practical demo studies are carried out with different brands and models of HSMs, and documents regarding the content are presented in digital environments.

Participation Certificate

Participants who successfully complete the training are given a participation certificate, the sample of which is given below, at the end of the training.

Cryptology and HSM Training

Training Content

Cryptology

In this section, concepts such as what is cryptology in general, what it is used for, how do we ensure the security of a system, which cryptological algorithms should be used, why different algorithms are not used will be discussed.

The topics to be covered under subheadings will be addressed one by one and accelerated cryptology training will be provided.

1.1 What is Cryptanalysis?

Since cryptology is the combination of the concepts of cryptanalysis and cryptography, the details of these concepts will be discussed here.

1.2 What is Cryptography?

The issues of how an algorithm is secure and what criteria are looked at will be discussed.

1.3 What Does Cryptography Provide Us?

“Confidentiality,” “verification,” and “integrity.” The details of these concepts that cryptology provides us will be discussed, and it will be discussed that cryptology is not just encryption, but also what it provides us.

1.4 Caesar Cipher Presentation

The Caesar Algorithm and Vigenere Cipher, which are indispensably presesntes as a classic introduction in Cryptology 101 trainings will be demonstrated practically and the summary of the work done here will be better understood. In addition to Caesar Algor,th and Vigenere Cipher, Enigma will also be briefly discussed.

1.5 What is a Key and How is it Produced?

In cryptology, the key is everything. In this section, we will briefly discuss how keys are generated and key types, and then move on to symmetric and asymmetric algorithms in the next section.

1.6 Symmetric and Asymmetric Algorithms

After the logic of cryptology in the Caesar algorithm is better understood and the concept of the key is well established, what symmetric and asymmetric algorithms are will be explained in this section. The differences between symmetric and asymmetric algorithms and the classifications of the currently used “modern algorithms” will be explained. Hash algorithms and asymmetric algorithms will be compared.

1.7 What is LMK? What are the Types of LMK?

In this section, we will discuss what LMK is, how many types of LMK there are, and the differences between “variant” and “keyblock” LMK.

1.8 Symmetric Key Types Used in Banking Systems

In this section, we will explain what ZMK, TMK, MK-AC, SMI, SMC, KEK, PEK, TPK, ZPK, CVC keys mean, and where they are used.

The key types used to produce these keys under Variant LMK will be explained in this section.

The key usage information used to produce these keys under Keyblock LMK will be explained in this section.

FIPS, PCI, CCEAL+ certifications will be mentioned. In addition, the concept of PKCS will be discussed in detail.

1.9 Asymmetric Key Types Used on the Card Issuing

In this section, ISS-RSA produced for the bank that will issue the card and ICC-RSA keys from the card’s own RSA key pairs inside the card, CA-RSA used on the card issuing (used for authorities such as Mastercard – Visa – Troy) will be discussed.

1.10 Key Management and Key Ceremony Operations

In this section it will be discussed how the keys produced on HSMs will be produced with a key ceremony and how the ceremony process is performed.

HSM Training

2.1 What is HSM?

In this section it will be discusses what HSM is and what it is used for.

2.2 What are the Types of HSM?

In this section it will be discussed how HSMs are divided into 2 classes as general purpose and payment systems and what these concepts mean.

The concept of slot will be discussed.

The concepts of keys being inside the device as objects or keys being kept outside the device under LMK will be explained.

2.3 Which Model HSM Belongs to Which Class? What are the Differences?

It will be discussed all brand-independent HSMs currently used in the market belongs to which class, where and for what purposes they are used.

2.4 How to Connect to ProCrypt HSM?

This section will cover how to connect to the Procrypt HSM remotely or closely, what are PCAM tools, how to use and install PCAM tools.

2.5 How to Generate ProCrypt HSM Keys, Import Keys and Export Keys?

This section will cover how to generate a slot in the Procrypt HSM, how to generate a key inside a slot, how to import an external key with another key inside the slot.

2.6 How to Generate ProCrypt HSM LMK? How to Generate Keys Under LMK?

This section will answer the questions of how Procrypt HSM is used by payment systems, how to generate LMKs, and how to generate keys used by payment systems after LMK generation.

2.7 How to Use Smart Cards and Clone Procedure in ProCrypt HSM?

This section will cover the cloning feature of Procrypt HSMs and explain how to perform key transfer operations to another Procrypt HSM. In addition, how to use a smart card, one of the key backup alternatives, will be explained in this section.

2.8 Safenet Protectserver HSM

In this section it will be discussed how we can connect to Safenet Protectserver HSM remotely and closely, how to install the KMU application on a Windows machine, and how to use the KMU application.

2.9 Safenet Protectserver HSM Console Commands

In this section it will be discussed what some console commands do by making a console connection to Safenet HSM, what can be done on the device when needed, IP assignment, changing the Security Mode, etc.

2.10 Key Generation, Key Import and Key Export Processes in KMU Application

This section will show how to generate symmetric and asymmetric keys using the KMU application, how to export the generated keys, and how to import an exported key.

2.11 Thales Payshield 9K ve 10K HSMs

This section will explain how to make a console connection to both Thales Payshield 9K and Thales Payshield 10K HSMs, and what the console and host commands are.

2.12 LMK Generation and LMK Loading in Thales Payshield

This section will explain how to generate LMK for TEST and PROD in Thales Payshield and how to load an external LMK card into the Thales Payshield. The console commands GC, GK, GT, LK, LO, VT, A will be shown.

2.13 Key Generation, Key Import and Key Export in Thales Payshield

In this section, key generation, key export and import operations will be shown under both Variant LMK and Keyblock LMK using the FK console command in Thales Payshield. Then, how this operation can be done with host commands and its differences will be explained.

2.14 Security Configurations in Thales Payshield

CS and QS commands will be processed from the console commands in Thales Payshield. Then, A authorize import commands will be shown.

2.15 Some Console Commands in Thales Payshield

In Thales Payshield, console commands such as QH, CH, QL, CL, DT, VR, VT, A, DC, GT, GK, GC that can be helpful on the basis of appliance will be explained in this section. Procedures such as giving an IP to the appliance, looking at logs, measuring the device status that can perform self-tests will also be explained in this section.

Crypto Calculator Utility Program

Crypto Calculator application provides us with the convenience of performing some cryptological operations. Some of these operations are given below:

  • Key generation
  • Generating keys from components
  • Finding the KCV value of the key
  • Encryption
  • Decryption

Since this application is used in many examples in the field, its use and installation will be explained in order to be useful.

Training Program

Day 1

  • Cryptology and HSM Training
  • Thales 9K-10K Training
  • Thales HSM Applications

Day 2

  • Thales 9K HSM Applications
  • Safenet HSM Training
  • Safenet HSM Applications

Day 3

  • ProCrypt KM-X HSM Application
  • ProCrypt HSM Application Training
  • ProCrypt HSM Application Training

Contact Us

Contact us for information and support about Procenne products and solutions. Our authorized unit will contact you as soon as possible.

By submitting this form, you agree to our Bize Ulaşın Formu Aydınlatma Metni and acknowledge our Web Gizlilik ve KVK İlkeleri.
Dotted world