Skip to content

Class 01 – Foundations and Cryptography

Course: Fab Futures Cybersecurity

Class: 01

Topic: Foundations and Cryptography

Original Date: June 2026

Notebook Revision: 1.0


Executive Summary

This opening session established the foundation for the Cybersecurity Immersion course by introducing cybersecurity as a systems discipline rather than simply the protection of computers. The class reviewed the fundamental goals of confidentiality, integrity, and availability while exploring the evolution of modern threats, cryptographic principles, and the expanding attack surface created by today’s interconnected technologies.

For me, this class served as both a refresher and a recalibration. Having earned a Graduate Certificate in Cybersecurity in 2016, I recognized many of the core principles while also seeing how the field has matured. Cybersecurity is no longer viewed solely as an information technology concern; it now encompasses operational technology, industrial control systems, embedded devices, cloud infrastructure, artificial intelligence, and the Internet of Things.

This notebook documents not only the course material but also my personal observations, connections to previous experience, and lessons learned as I reconnect past knowledge with today’s rapidly evolving cybersecurity landscape.


Documentation Workflow

This notebook represents a synthesis of multiple sources rather than a verbatim transcript of the course.

The workflow for each class is:

  1. Attend or view the recorded Fab Futures Cybersecurity class.
  2. Process the recording using CraftNote to generate a transcript and an AI-generated summary.
  3. Review the original material and CraftNote output.
  4. Discuss the material with ChatGPT to:
    • verify technical concepts,
    • connect ideas to current cybersecurity practice,
    • compare concepts with my previous Graduate Certificate studies (2016),
    • relate the material to my professional experience in education, networking, industrial automation, and digital fabrication.
  5. Distill the discussion into this Markdown notebook.
  6. Publish the notebook through my GitLab-hosted MkDocs repository as part of The Hart Index.

The goal is not to reproduce the lecture, but to create a personal engineering notebook that captures understanding, context, and lessons learned.


Key Concepts

  • Cybersecurity has shaped world history. The course opens with three landmark examples—Enigma, Stuxnet, and the Soviet Embassy side-channel attack—to demonstrate that cybersecurity influences military, industrial, and political outcomes, not just computers.

  • Three primary attack vectors. The historical examples introduce three recurring themes that will appear throughout the course:

    • Cryptanalysis
    • Malware
    • Side-channel attacks
  • The objectives of cryptography. Modern cryptography provides four essential security services:

    • Confidentiality
    • Integrity
    • Authentication
    • Non-repudiation
  • Three pillars of modern cryptography.

    • Symmetric (secret key) cryptography
    • Public key (asymmetric) cryptography
    • Cryptographic hash functions
  • Trust requires infrastructure. Public Key Infrastructure (PKI), digital certificates, and Certificate Authorities (CAs) establish trust on today’s Internet.

  • Quantum computing is changing cryptography. Emerging quantum algorithms threaten today’s public-key systems and are driving the development of “post-quantum” cryptography.

  • Cybersecurity is a systems engineering discipline. Effective security requires understanding software, hardware, networks, human behavior, and physical systems together.

  • Hands-on practice is essential. The course emphasizes experimentation, documentation, and iterative learning through practical assignments rather than theory alone.


Taxonomy

Historical Foundations

  • Enigma
  • Stuxnet
  • Soviet Embassy Side-Channel Attack

Security Objectives

  • Confidentiality
  • Integrity
  • Authentication
  • Non-repudiation

Cryptography

Symmetric Cryptography

  • Shared Secret Keys

Asymmetric Cryptography

  • Public Keys
  • Private Keys

Cryptographic Hashes

  • One-Way Hash Functions

Trust Infrastructure

  • Public Key Infrastructure (PKI)
  • Digital Certificates
  • Certificate Authorities (CA)

Threat Categories

  • Cryptanalysis
  • Malware
  • Side-Channel Attacks

Emerging Topics

  • Quantum Computing
  • Post-Quantum Cryptography

Practical Skills

  • SSH Keys
  • Public/Private Key Generation

What Changed Since 2016

One of the goals of this notebook is to reconnect my 2016 Graduate Certificate in Cybersecurity with today’s technologies, threats, and practices. Throughout this course, I will note important changes that have occurred since my formal studies.

Quantum Threats Moved from Theory to Planning

In 2016, “post-quantum” cryptography was largely an academic discussion. Today, the cybersecurity community is actively preparing for the transition to quantum-resistant encryption.

Notable developments include:

  • NIST has selected and standardized post-quantum cryptographic algorithms.
  • Governments and large organizations are planning migrations to quantum-resistant systems.
  • The “record now, decrypt later” threat is taken seriously for information requiring long-term confidentiality.

This does not mean that RSA has been broken today. Rather, organizations responsible for protecting sensitive information—such as government agencies, healthcare providers, defense contractors, and intellectual property holders—are beginning the transition now because encrypted data intercepted today may become vulnerable once large-scale quantum computers become practical.


SSH Keys Have Become Mainstream

When I completed my graduate certificate in 2016, passwords were still the primary means of authentication for many systems.

Today:

  • SSH key authentication is routine.
  • Multi-Factor Authentication (MFA) is widely expected.
  • Passwordless authentication continues to gain momentum.

I expect the course assignment involving SSH key generation to provide an excellent opportunity to reconnect cybersecurity concepts with practical system administration.


Operational Technology (OT) Security Has Emerged as a Major Discipline

One of the most significant changes since 2016 is the increased emphasis on Operational Technology (OT) cybersecurity.

The Stuxnet attack is no longer viewed simply as a remarkable historical event. It is widely recognized as the beginning of modern OT cybersecurity.

While reviewing this lesson, I immediately connected the discussion to systems I have worked with throughout my career, including:

  • Programmable Logic Controllers (PLCs)
  • CNC machines
  • Variable Frequency Drives (VFDs)
  • Industrial communication networks
  • Manufacturing systems

Many cybersecurity professionals develop expertise in enterprise networks without ever working on industrial equipment. My experience troubleshooting and maintaining physical systems provides an appreciation for the real-world consequences of cybersecurity failures.

Understanding how digital systems interact with physical equipment has become an increasingly important aspect of modern cybersecurity.


Connections to Previous Experience

As I worked through this lesson, I found myself connecting modern cybersecurity concepts to experiences accumulated over more than four decades in engineering, education, and manufacturing.

Nuclear Power Operations

My experience as a Nuclear Electrician in the U.S. Navy reinforced the importance of integrity, authentication, and procedural compliance. Nuclear operations depend on trusted procedures, verified communications, and defense-in-depth—principles that are equally fundamental to cybersecurity.

Teaching Cybersecurity

After earning my Graduate Certificate in Cybersecurity in 2016, I taught cybersecurity concepts as part of the Computer Information Systems curriculum at Missouri State University. This course provides an opportunity to reconnect those academic foundations with the significant technological changes that have occurred over the past decade.

Industrial Control Systems

The discussion of Stuxnet immediately brought to mind modern manufacturing environments and industrial control systems. My work with CNC machines, PLCs, Variable Frequency Drives (VFDs), industrial networking, and machine restoration has shown me that cybersecurity is no longer limited to protecting information—it also protects physical equipment and the people who depend upon it.

Systems Thinking

Throughout my career, whether troubleshooting submarine electrical systems, restoring CNC machinery, or designing digital fabrication workflows, success has depended upon understanding how individual components interact as a complete system. This lesson reinforced that effective cybersecurity requires the same systems-level thinking.

Documentation as a Security Practice

One unexpected connection is the importance of documentation. Building The Hart Index has reminded me that accurate documentation, version control, and traceability are valuable not only for engineering projects but also for cybersecurity. Good documentation improves understanding, preserves institutional knowledge, and provides accountability—qualities that contribute directly to resilient systems.


Lessons Learned

This first class established a framework for how I intend to approach the remainder of the course. Rather than viewing cybersecurity as a collection of isolated technologies, I now see it as an engineering discipline concerned with establishing and maintaining trust across interconnected systems.

Several insights stood out to me:

  • Cybersecurity is much broader than protecting computers. It encompasses software, hardware, networks, industrial control systems, and the physical world.

  • Historical events such as Enigma and Stuxnet are not simply interesting stories—they illustrate principles that continue to shape modern cybersecurity.

  • Cryptography is not an isolated topic. It forms one part of a larger trust infrastructure that includes authentication, certificates, key management, and identity.

  • Operational Technology (OT) cybersecurity has matured into a significant discipline. My previous experience with industrial equipment provides valuable context for understanding these concepts.

  • The field has continued to evolve rapidly since I completed my Graduate Certificate in 2016. Revisiting the fundamentals provides a stronger foundation for understanding today’s technologies and emerging threats.

Perhaps the most important lesson from this first class is that cybersecurity is fundamentally about understanding relationships within complex systems. This systems perspective closely aligns with my background in engineering, manufacturing, and digital fabrication, and will serve as the lens through which I approach the remainder of this course.


Questions for Further Study

Reflect

  • What surprised me?

Connect

  • How does this relate to something I already understand?

Create

  • What should I build, test, or explore next?

Finally

  • If this lesson is a map, where does it invite me to go next?

Acknowledgements

CraftNote was used to generate the initial transcript and summary from the recorded class.

OpenAI’s ChatGPT served as a collaborative engineering and editorial assistant throughout the development of this notebook. Rather than simply summarizing the lecture, ChatGPT was used to help organize concepts, identify relationships, explore historical context, refine technical explanations, and improve the clarity and structure of the published material.

Any interpretations, reflections, conclusions, and errors remain my own.


Last Updated: 2026-06-26

Spiral: 1

Status: Published