3DES
– Symmetric-key block cipher (or Triple Data Encryption Algorithm (TDEA
or Triple DEA), which applies the Data Encryption Standard (DES) cipher
algorithm three times to each data block.
AES
– Symmetric-key block cipher algorithm and U.S. government standard for
secure and classified data encryption and decryption (also known as
Rijndael).
Blowfish
– Symmetric-key block cipher, designed in 1993 by Bruce Schneier.
Notable features of the design include key-dependent S-boxes and a
highly complex key schedule.
Asymmetric encryption
RSA
– One of the first practical public-key cryptosystems and is widely
used for secure data transmission. In RSA, this asymmetry is based on
the practical difficulty of factoring the product of two large prime
numbers, the factoring problem.
Transform Encryption
Transform Encryption (aka Proxy Re-Encryption)
– Transform encryption uses three mathematically related keys: one to
encrypt plaintext to a recipient, a second to decrypt the ciphertext,
and a third to transform ciphertext encrypted to one recipient so it can
be decrypted by a different recipient.
Hash functions
MD5 –
Widely used hash function producing a 128-bit hash value. MD5 was
initially designed to be used as a cryptographic hash function, but it
has been found to suffer from extensive vulnerabilities. It can still be
used as a checksum to verify data integrity, but only against
unintentional corruption.
SHA1
– Cryptographic hash function designed by the NSA. SHA-1 produces a
160-bit hash value known as a message digest. SHA-1 is no longer
considered secure against well-funded opponents.
SHA2
– Set of hash functions designed by the NSA. SHA-256 and SHA-512 are
novel hash functions computed with 32-bit and 64-bit words,
respectively. They use different shift amounts and additive constants,
but their structures are otherwise virtually identical, differing only
in the number of rounds.
Practical Cryptography for Developers
– Developer-friendly book on modern cryptography (hashes, MAC codes,
symmetric and asymmetric ciphers, key exchange, elliptic curves, digital
signatures) with lots of code examples.
Real World Cryptography
– This book teaches you applied cryptographic techniques to understand
and apply security at every level of your systems and applications.
Security Engineering – There is an extraordinary textbook written by Ross Anderson, professor of computer security at University of Cambridge.
Serious Cryptography – A Practical Introduction to Modern Encryption by Jean-Philippe Aumasson.
The Cryptoparty Handbook – This book provides a comprehensive guide to the various topics of the computer and internet security.
Understanding Cryptography
– Often overlooked, this book is a boon for beginners to the field. It
contains plenty of exercises at the end of each chapter, aimed at
reinforcing concepts and cementing ideas.
Courses
A Self-Study Course In Block-Cipher Cryptanalysis
-This paper attempts to organize the existing literature of
block-cipher cryptanalysis in a way that students can use to learn
cryptanalytic techniques and ways to break algorithms, by Bruce
Schneier.
Applied Cryptography
– Cryptography is present in everyday life, from paying with a credit
card to using the telephone. Learn all about making and breaking puzzles
in computing.
Crypto Strikes Back!
– This talk will cover crypto vulnerabilities in widely-deployed
systems and how the smallest oversight resulted in catastrophe.
Cryptography – A practical oriented course in Cryptography by University of Maryland College Park.
Cryptography – Stanford University
– This course explains the inner workings of cryptographic primitives
and how to correctly use them. Students will learn how to reason about
the security of cryptographic constructions and how to apply this
knowledge to real-world applications.
Cryptography I
– The course begins with a detailed discussion of how two parties who
have a shared secret key can communicate securely when a powerful
adversary eavesdrops and tampers with traffic. We will examine many
deployed protocols and analyze mistakes in existing systems.
Cybrary Cryptography
– This online course we will cover how cryptography is the cornerstone
of security, and how through its use of different encryption methods,
such as ciphers, and public or private keys, you can protect private or
sensitive information from unauthorized access.
Theory and Practice of Cryptography
– Introduction to Modern Cryptography, Using Cryptography in Practice
and at Google, Proofs of Security and Security Definitions and A Special
Topic in Cryptography.
Other lists
Awesome crypto-papers – A curated list of cryptography papers, articles, tutorials and howtos.
Awesome HE – A curated list of homomorphic encryption libraries, software and resources.
blackbox – safely store secrets in Git/Mercurial/Subversion.
certbot –
Previously the Let’s Encrypt Client, is EFF’s tool to obtain certs from
Let’s Encrypt, and (optionally) auto-enable HTTPS on your server. It can
also act as a client for any other CA that uses the ACME protocol.
Coherence – Cryptographic server for modern web apps.
cryptomator – Multi-platform transparent client-side encryption of your files in the cloud.
gpg – Complete
and free implementation of the OpenPGP standard. It allows to encrypt
and sign your data and communication, features a versatile key
management system. GnuPG is a command line tool with features for easy
integration with other applications.
ironssh –
End-to-end encrypt transferred files using sftp/scp and selectively
share with others. Automatic key management works with any SSH server.
Encrypted files are gpg compatible.
Nipe – Nipe is a script to make Tor Network your default gateway.
sops – sops is an
editor of encrypted files that supports YAML, JSON and BINARY formats
and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.
ves – End-to-end encrypted sharing via cloud repository, secure recovery through a viral network of friends in case of key loss.
git-secret – Bash-tool to store your private data inside a git repository.
Frameworks and Libs
C
crypto-algorithms – Basic implementations of standard cryptography algorithms, like AES and SHA-1.
libgcrypt – Cryptographic library developed as a separated module of GnuPG.
libsodium – Modern and easy-to-use crypto library.
libtomcrypt – Fairly comprehensive, modular and portable cryptographic toolkit.
libVES.c – End-to-end encrypted sharing via cloud repository, secure recovery through a viral network of friends in case of key loss.
milagro-crypto-c
– Small, self-contained and fast open source crypto library. It
supports RSA, ECDH, ECIES, ECDSA, AES-GCM, SHA2, SHA3 and Pairing-Based
Cryptography.
monocypher – small, portable, easy to use crypto library inspired by libsodium and TweetNaCl.
NaCl – High-speed library for network communication, encryption, decryption, signatures, etc.
PolarSSL –
PolarSSL makes it trivially easy for developers to include cryptographic
and SSL/TLS capabilities in their (embedded) products, facilitating
this functionality with a minimal coding footprint.
themis – High
level crypto library for storing data (AES), secure messaging (ECC +
ECDSA / RSA + PSS + PKCS#7) and session-oriented, forward secrecy data
exchange (ECDH key agreement, ECC & AES encryption). Ported on many
languages and platforms, suitable for client-server infastructures.
ex_crypto – Elixir wrapper for Erlang :crypto and :public_key modules. Provides sensible defaults for many crypto functions to make them easier to use.
cryptico – Easy-to-use encryption system utilizing RSA and AES for javascript.
crypto-js – JavaScript library of crypto standards.
cryptojs – Provide standard and secure cryptographic algorithms for NodeJS.
forge – Native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps.
IronNode
– Transform encryption library, a variant of proxy re-encryption, for
encrypting to users or groups, and easily adding strong data controls to
NodeJS apps.
IronWeb
– Transform encryption library, a variant of proxy re-encryption, for
easily managing end-to-end encryption securely in the browser.
javascript-crypto-library – JavaScript Crypto Library provides web developers with an extensive and efficient set of cryptographic functions.
js-nacl – Pure-Javascript High-level API to Emscripten-compiled libsodium routines.
jsencrypt – Javascript library to perform OpenSSL RSA Encryption, Decryption, and Key Generation.
JShashes – Fast and
dependency-free cryptographic hashing library for node.js and browsers
(supports MD5, SHA1, SHA256, SHA512, RIPEMD, HMAC).
jsrsasign – The
‘jsrsasign’ (RSA-Sign JavaScript Library) is an opensource free
cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation.
jsThemis
– Javascript wrapper on Themis. High level crypto library for storing
data (AES), secure messaging (ECC + ECDSA / RSA + PSS + PKCS#7) and
session-oriented, forward secrecy data exchange (ECDH key agreement, ECC
& AES encryption).
libsodium.js – libsodium compiled to pure JavaScript, with convenient wrappers.
libVES.js – End-to-end encrypted sharing via cloud repository, secure recovery through a viral network of friends in case of key loss.
milagro-crypto-js
– MCJS is a standards compliant JavaScript cryptographic library with
no external dependencies except for the random seed source. Compatible
for nodejs and browser. It supports RSA, ECDH, ECIES, ECDSA, AES-GCM,
SHA2, SHA3, Pairing-Based Cryptography and New Hope.
Project Kalium – Java binding to the Networking and Cryptography (NaCl) library with the awesomeness of libsodium.
scrypt – Pure Java
implementation of the scrypt key derivation function and a JNI interface
to the C implementations, including the SSE2 optimized version.
Crypto.jl – Library that wraps OpenSSL, but also has pure Julia implementations for reference.
MbedTLS.jl – Wrapper around the mbed TLS and cryptography C libary.
Nettle.jl – Julia wrapper around nettle cryptographic hashing/
encryption library providing MD5, SHA1, SHA2 hashing and HMAC functionality, as well as AES encryption/decryption.
proteus – Axolotl protocol implementation, without header keys, in Rust.
recrypt – A
pure-Rust library that implements cryptographic primitives for building
a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.
ring – Safe, fast, small crypto using Rust & BoringSSL’s cryptography primitives.
rust-crypto – Mostly pure-Rust implementation of various cryptographic algorithms.
SwiftThemis
– Swift wrapper on Themis for iOS and MacOS. High level crypto library
for storing data (AES), secure messaging (ECC + ECDSA / RSA + PSS +
PKCS#7) and session-oriented, forward secrecy data exchange (ECDH key
agreement, ECC & AES encryption).
Bristol Cryptography Blog
– Official blog for the University of Bristol cryptography research
group. It’s a group blog, primarily targeted towards cryptographers and
crypto students.
Root Labs rdist
– Nate Lawson and his co-authors write on a variety of topics including
hardware implementation, cryptographic timing attacks, DRM, and the
Commodore 64.
Salty Hash – Covers topics on encryption, data control, privacy, and security.
Schneier on security – One of the oldest and most famous security blogs. Bruce covers topics from block cipher cryptanalysis to airport security.
Mailing lists
metzdowd.com – “Cryptography” is a low-noise moderated mailing list devoted to cryptographic technology and its political impact.
Modern Crypto – Forums for discussing modern cryptographic practice.
randombit.net – List for general discussion of cryptography, particularly the technical aspects.
Web-tools
Boxentriq
– Easy to use tools for analysis and code-breaking of the most frequent
ciphers, including Vigenère, Beaufort, Keyed Caesar, Transposition
Ciphers, etc.
Cryptolab – is a set of cryptography related tools.
CrypTool – Great variety of ciphers, encryption methods and analysis tools are introduced, often together with illustrated examples.
CyberChef – a web app for encryption, encoding, compression, and data analysis.
factordb.com – Factordb.com is tool used to store known factorizations of any number.
keybase.io – Keybase maps your identity to your public keys, and vice versa.
Web-sites
Cryptography Stackexchange
– Cryptography Stack Exchange is a question and answer site for
software developers, mathematicians and others interested in
cryptography.
Cryptopals Crypto Challenges
– A series of applied cryptography challenges, starting from very basic
challenges, such as hex to base 64 challanges, and gradually increasing
the difficulty up to abstract algebra.
IACR – The
International Association for Cryptologic Research is a non-profit
scientific organization whose purpose is to further research in
cryptology and related fields.
Learn Cryptography
– Dedicated to helping people understand how and why the cryptographic
systems they use everyday without realizing work to secure and protect
their privacy.
Subreddit of Cryptography – This subreddit is intended for links and discussions surrounding the theory and practice of strong cryptography.
WebCryptoAPI
– This specification describes a JavaScript API for performing basic
cryptographic operations in web applications, such as hashing, signature
generation and verification, and encryption and decryption.