This is a list of resources on cryptography knowledge that I’ve compiled. The goal of this list is to cover the fundamental spectrum of cryptography and to touch on the higher mathematical end.

• Pre-Cryptography Concepts
• Fundamental Cryptography Concepts
• Simple Encryption Algorithms
• Advanced Encryption Algorithms
• One-Way Hashes / Checksums
• Cryptographic Attacks
• Online Books/Papers
• Encryption Programs
• Encryption Libraries
• Resources on Cryptographers
• Historical Background
• Cryptography Conferences

• Why Cryptography is Harder Than it Looks
• Security Pitfalls in Cryptography
• Cryptography is not Security

• Definition of Cryptography by RSA Security
• Symmetric/Private Keys
• Asymmetric/Public Keys
• Kerckhoffs’ Law (Security Through Obscurity)
• Block Ciphers
  • Block ciphers explained by Wikipedia
  • Block cipher modes of operation defined by the NIST
  • Cipher block modes of operation explained by Wikipedia
• Stream Ciphers / Pseudo-Random Number Generators

• Substitution/Ceaser Cipher
  • Defined by Wikipedia
  • ROT-13 variant
  • Atbash variant
• Pig Pen Cipher
• RC4
• Rail Fence Cipher
• Solitaire Cipher
  • As explained by Bruce Schneier (author)
  • Weaknesses in the algorithm
• Vernam Cipher (One-Time Pad)
  • Cryptology and Data Secrecy : The Vernam Cipher
  • Vernam Cipher, A Perfect Cipher
• Viginere Cipher
• XOR

• AES / Rijndael
  • NIST Standard
  • Is AES Secure?
  • Javascript walk-though of AES implementation
  • Error-checking your implementation of AES
• Blowfish
  • Explained by Bruce Schneier (author)
  • Explained by Wikipedia
• (3)DES
  • DES defined by the NIST
  • The DES Algorithm Illustrated — (Contains test vectors lacking in the NIST specification.)
• Serpent
  • Serpent Specification
  • The Case for Serpent
• Twofish
  • Home Website
  • Explained by Bruce Schneier (co-author)
• Quantum Cryptography
  • Simple Introduction by HowStuffWorks
  • Quantum Cryptography Overview (PDF)

• Definition of a cryptographic hash
• An illustrated guide to cryptographics hashes
• CRC
• MD5
  • As explained by Wikipedia
  • RFC specification of MD5
  • MD5 walk-through in JavaScript
  • MD5 Weakness
    • Paper on MD5 collisions
    • MD5 collisions visualized
    • Sample MD5 collisions
    • Implementation for generating MD5 collisions
• RIPEMD-160 & RIPEMD-128
  • RIPEMD-160 Specification
  • General Info
• SHA
  • NIST specification for SHA-1, SHA-256, SHA-384, SHA-256
  • SHA-1 explained by Wikipedia
  • SHA-1 Weakened

• Analyzing and Breaking Ciphers
• General Block Cipher Attacks
• General Stream Cipher Attacks
• Breaking a Polyalphabetic Substitution Cipher (PPT)
• Breaking Polyalphabetic Substitution Ciphers
• Breaking a Vigenère Cipher
• Basic Text-Based Cryptanalysis by the US Army
• NIST’s Guide to Statistical Tests
• Linear Cryptanalysis (with demo)
• Brute-force
• Man in the middle
• Side-Channel Attacks
• Confusion and Diffusion
• Communication Theory of Secrecy Systems — The paper by Claude Shannon that introduced the concept of “confusion and diffusion”.
• AES Competition (Purity Noise) Tests

• Databases of Papers
  • The Cryptology ePrint Archive
  • Crypto Conference Papers — Papers that have been submitted at the conferences Crypto, Eurocrypt, and Ches.
  • Cryptographer’s World — Statistics on published cryptography authors and papers.
  • Ron Rivest’s Collection of Links
  • arXiv – Cryptography and Security
• Books / Compilations of Notes
  • MIT summer course — Notes from an MIT summer course on cryptography (1996-2001).
  • Graduate-level notes by Mihir Bellare (UCSB) and Phillip Rogaway (UCD)
  • Handbook of Applied Cryptography — A free ebook that provides a good introduction to mathematical cryptography.
  • A Computational Introduction to Number Theory and Algebra
  • An Overview of Cryptography — An overview of cryptography and a look into real-life modern programs.
• Course Materials
  • MIT – Spring 2005 – Cryptography and Cryptanalysis
  • University of Washington – Winter 2006 – Practical Aspects of Modern Cryptography
  • A Self-Study Course in Block Cipher Cryptanalysis
• Introduction to Cryptography
• Security Engineering — A practical approach to employing cryptography.
• Peter Gutmann’s Crash Course on Cryptography
• PKCS #5 — A cryptographic standard for using user-specified keys in encryption.

• TrueCrypt — Symetric key, disk/virtual disk encryption.
• GPG — Public key, multiple encryption options.
• PGP — Public key, multiple encryption options.
• AxCrypt — Symmetric key, individual file encryption.
• DriveCrypt — Symmetric key, whole disk encryption.
• dsCrypt — Symmetric key, individual file encryption (stand-alone EXE).
• Snake Oil Encryption Software — This isn’t an encryption program, but it’s a good article on how to evaluate encryption software.

• Crypto++ — A C++ library under a custom, permissive license.
• PolarSSL — A C library under the GNU GPL license.
• OpenSSL — A C++ library under an Apache-style license.
• Brian Gladman — C source code for AES, SHA, and HMAC.

• Bruce Schneier
• Peter Guttmann
• Matt Blaze
• Ron Rivest
• Xiaoyun Wang
• Neils Ferguson
• Professor Michael Anshel
• David Wagner
• Dr. Vlastimil Klima
• Claude Shannon

• Historical Overview
• Crypto AG – The NSA backdoor
• The AES Competion

• Crypto
• Eurocrypt
• CHES
• Financial Cryptography

Update: November 15, 2009 – Removed stale links, added more links, reorganized some existing links.
Posted: October 27, 2007