This is a list of fundamental cryptography links and references that I’ve compiled. Hopefully I’ve covered the broad basics and touched on the important areas.

• Pre-Cryptography Concepts
• Fundamental Cryptography Concepts
• Simple Encryption Algorithms
• Advanced Encryption Algorithms
• One-Way Hashes / Checksums
• Cryptographic Attacks
• Online Books/Papers
• Encryption Programs
• Some Notable Cryptographers
• Historical Background
• Cryptography Conferences

• Why Cryptography is Harder Than it Looks
• Security Pitfalls in Cryptography
• Cryptography is not Security

• Definition by RSA Security
• Symmetric/Private Keys
• Asymmetric/Public Keys
• Kerckhoffs’ Law (Security Through Obscurity)
• Block Ciphers
  • Block ciphers explained by Wikipedia
  • Block cipher modes of operation defined by the NIST
  • Cipher block modes explained by Wikipedia
• Stream Ciphers / PRNGs
• Confusion and Diffusion

• Substitution/Ceaser Cipher
  • Defined by Wikipedia
  • ROT-13 variant
  • Atbash variant
• Pig Pen Cipher
• RC4
• Rail Fence Cipher
• Solitaire Cipher
  • As explained by Bruce Schneier (author)
  • Weaknesses in the algorithm
• Vernam Cipher (One-Time Pad)
  • Cryptology and Data Secrecy : The Vernam Cipher
  • Vernam Cipher, A Perfect Cipher
• Viginere Cipher
• XOR

• AES / Rijndael
  • NIST Standard
  • Is AES Secure?
  • Javascript walk-though of AES implementation
  • Error-checking your implementation of AES
• Blowfish
  • Explained by Bruce Schneier (author)
  • Explained by Wikipedia
• (3)DES
  • DES defined by the NIST
  • The DES Algorithm Illustrated — (Contains test vectors lacking in the NIST specification.)
• Serpent
  • Serpent Specification
  • The Case for Serpent
• Twofish
  • Home Website
  • Explained by Bruce Schneier (co-author)
• Quantum Cryptography
  • Simple Intro by HowStuffWorks
  • Darmouth Primer

• Definition of a hash
• CRC
• MD5
  • As explained by Wikipedia
  • RFC specification of MD5
  • MD5 walk-through in JavaScript
  • MD5 Broken
    • Paper on MD5 collisions
    • MD5 collisions visualized
    • Sample MD5 collisions
    • Implementation for generating MD5 collisions
• RIPEMD-160 & RIPEMD-128
  • RIPEMD-160 Specification
  • General Info
• SHA
  • NIST specification for SHA-1, SHA-256, SHA-384, SHA-256
  • SHA-1 explained by Wikipedia
  • SHA-1 Weakened

• Analyzing and Breaking Ciphers
• Block Cipher Attacks
• Stream Cipher Attacks
• Linear Cryptanalysis (with demo)
• Brute-force
• Man in the middle
• Side-Channel Attacks

• Databases of Papers:
  • Cryptome — The biggest public cryptography paper database. Contains almost every imaginable paper, including declassified government documents.
  • Bruce Schneier’s Paper Database — Bruce Schneier’s personally compiled database of important cryptographic papers.
  • AES Competition (Purity Noise) Tests
  • Crypto Conference Papers — A list of all papers that have been submitted at three different cryptography conferences: Crypto, Eurocrypt, and Ches.
• Introduction to Cryptography
• Handbook of Applied Cryptography — A free ebook that provides a nice introduction to cryptography.
• Security Engineering — An absolute must-read.
• A Computational Introduction to Number Theory and Algebra
• MIT cryptography course — These are the compiled notes from a couple noted cryptographic lecturers. They used these notes to teach a summer course on cryptography at MIT from 1996-2001.
• Communication Theory of Secrecy Systems — A paper by Claude Shannon
that analyzes cryptography from the standpoint of number theory. It’s where the “confusion and diffusion” (see above) principle was born.
• Peter Gutmann’s Crash Course on Cryptography
• LANAKI’s Crypto Course Lessons — A series of articles explaining the concepts of encryption and security.
• An Overview of Cryptography — An overview of cryptography and a look into real-life modern programs.
• Basic Cryptanalysis — An overview of concepts involved in cryptanalysis.
• PKCS #5 v2.0 — A cryptographic standard for using user-specified keys in encryption. (Anyone who implements an encryption algorithm using a user-specified should read this.)
• Energy, performance, area versus security trade-offs for stream ciphers — An analysis of various trade-offs and performance (dis)advantages stream ciphers have, with emphasis on hardware implementation.

• TrueCrypt — Symetric key, disk/virtual disk encryption.
• GPG — Public key, multiple encryption options.
• PGP — Public key, multiple encryption options.
• AxCrypt — Symmetric key, individual file encryption.
• DriveCrypt — Symmetric key, whole disk encryption.
• LockNote — Symetric key, text encryption (stand-alone EXE).
• dsCrypt — Symmetric key, individual file encryption (stand-alone EXE).
• Omziff — Symmetric key, individual file encryption (stand-alone EXE).
• CryptoSwap Guerilla — Encrypts Windows’ swap file.
• Snake Oil Encryption Software — This isn’t an encryption program, but it’s a good article on how to evaluate encryption software.

• Bruce Schneier — (Note his blog and newsletter.)
• Professor Peter Guttmann
• Ron Rivest
• Xiaoyun Wang
• Neils Ferguson
• Professor Michael Anshel
• David Wagner
• Dr. Vlastimil Klima

• The AES Competion

• Crypto
• Eurocrypt
• CHES