Violent Python Book

Optional book ($35)

Scripting for IT and Security Professionals (with Blockchains)

Mon, June 27 - Fri, July 1, 2016
Sierra College, Rocklin
Sam Bowne

Home Page


Optional book ($33)
Free online version


SURVEY

Course Description

IT and security professionals who don't know coding should take this course. Attendees will learn fast, simple coding techniques by performing hands-on projects and competing to solve challenges. These skills are appropriate for prototypes, demonstrations, and proof-of-concept code. The focus on hacking and competition helps to keep students motivated and engaged.

Prerequisites

Familiarity with networking and security concepts at the Network+ and Security+ level would be best, but it's not required. No previous coding experience is required.

Schedule

Monday, Tuesday & Thursday:
8:30 - 9:00 Breakfast / Registration / Welcome: In the Cafeteria

9:00 - 12:00 Classes, in the V building

12:00 - 1:00 Lunch: In the Cafeteria

1:00 - 4:30 Classes, in the V building

Wednesday
Regular schedule but ending early at 3:30
Friday
9:00 - 12:00 Classes, in the V building

Blockchain Voting Prototype

Lectures

Real Hacking (key)
Data Breaches: Real and Imaginary (ppt)
Bitcoin (key)
Security at Colleges
SSL Certificates at Banks
NETLAB password insecurity
Is Your Android App Secure? (ppt)
Financial Android App Vulnerabilities
Android App Security Auditing Workshop
Hacking Mobile Devices Class
Rindjael Encryption Animation (AES)

Some lectures are in Keynote format.
To comvert them to PowerPoint, use Cloud Convert.


Projects

Twitter


Bash Shell Scripting

CodeCademy Command-Line Lesson Local

Command Injection Challenges

1. Ping Form: Command Injection Winners
2. Buffer Overflow: Command Injection Winners
3. ImageMagick: Command Injection Winners
4. SQL Injection Winners 1     Winners 2     Winners 3
These challenges also work inside Netlab. On the Kali64 machine, open samsclass.info in IceWeasel.

Basic SQL

CodeCademy SQL Lesson Local
Using NETLAB Local

SQL Injection Attack and Defense

Installing SQLol NETLAB(rev. 6-27-16) * Local
SQLi: Attacking with Havij and Defending with Input Filtering NETLAB (rev. 6-28-16)* Local
Exploiting SQLi with sqlmap NETLAB * Local
Fixing MySQL with Parameterized Queries NETLAB * Local

Ethical Hacking Class


Basic Networking

Sniffing HTTP Traffic with Wireshark NETLAB Local
Sniffing UDP and TCP Traffic with Wireshark Local
Using Wireshark to Analyze a Packet Capture File     Packet Capture File
NETLAB Local
Port Scans and Firewalls NETLAB Local
Analyzing a Port Scan NETLAB Local
Detecting Attacks with Snort NETLAB * Local
Network+ Class

Security+ Class


Packet Crafting with Python and Scapy

Introduction to Scapy NETLAB * Local
TCP Handshake with Scapy NETLAB * Local
yesman--Scanner Honeypot with Scapy NETLAB * Local
ARP Spoofing with Scapy NETLAB * Local
Slow Loris Attack with Scapy NETLAB * Local
IPv6 with Scapy NETLAB * Local
IPv6 Router Advertisements with Scapy NETLAB * Local
Advanced Ethical Hacking Class

Website Attacks and Defense

HTTP Basic Authentication NETLAB * Local
Cookie Replay Local
Reverse-Engineering an Authentication Cookie Local
Defeating HTTPS with SSLstrip NETLAB * Local
Intro to Burp Local
Making a Linux HTTPS Server NETLAB * Local
Performing an HTTPS DoS Attack NETLAB * Local
Brute Force Attacks with Hydra Local
Securing Web Applications Class

Basic Python

CodeCademy Python Lesson Local

Network Attacks with Python

Basic Port Scanning with Python NETLAB * Local
Port Scanning Challenges NETLAB * Local
HTTP Requests with Python NETLAB * Local
HTTP Login Challenges NETLAB * Local

Cryptography with Python

Password Hashes with Python NETLAB * Local
Password Hashes Challenges NETLAB * Local
XOR Encryption in Python NETLAB * Local
XOR Encryption Challenges NETLAB * Local
Getting Started with Multichain NETLAB * Local
Making a Blockchain Survey with Multichain Local
RSA1: Using Very Small Keys NETLAB * Local
RSA2: Cracking a Short RSA Key NETLAB * Local
Bitcoin 1: Setting up a Private Regtest Blockchain Local
Bitcoin 2: Adding a Second Node to your Private Regtest Blockchain Local
Bitcoin 3: Joining the Samcoin Blockchain Local
ROT-13 in Windows: Capturing and Examining the Registry Local
Cryptography Class
Computer Forensics Class

Docker

Intro to Docker Local

Games and Cybercompetitions

Password Guessing Games Local
PicoCTF Local
Bandit Challenges Local
CTFTime Local

Exploit Development

Linux Buffer Overflow: Command Injection · Winners NETLAB * Local
Using Jasmin to run x86 Assembly Code
If you don't want the drawing of a partially undressed woman on the splash screen, use this version of Jasmin:

Download politically correct Jasmin without the cheesecake

Assembly Code Challenges
Linux Buffer Overflow Without Shellcode Practice NETLAB * Local
Linux Buffer Overflow Without Shellcode Challenges NETLAB * Local
Linux Buffer Overflow With Dash Shellcode Practice NETLAB * Local
Remote Linux Buffer Overflow With Metasploit Shellcode Practice NETLAB * Local
Linux Buffer Overflow With Shellcode Challenges · Winners NETLAB * Local

Exploit Development Class

Malware Analysis Class


* For instructions inside Netlab, open samsclass.info in IceWeasel

Cultural Enrichment

How to view someones IP address and connection speed with TRACER T! - YouTube

I Pwned Your Server - YouTube

Downloads

The three machines used for the NETLAB projects are here:

Kali32-2.ova 4.06 GB

Kali64-2.ova 4.08 GB

Ubuntu-2.ova 2.33 GB

Links

Links

Bitcoin 1: The Crypto-Currency - The New Yorker (2011)
Bitcoin 2: Merkle tree - Wikipedia
Bitcoin 3: Genesis block
Bitcoin 4: Bitcoin Block #0 on Blockchain.info -- Click Transaction to see quote
Bitcoin 5: Coinbase, Coinbase Field - Bitcoin Glossary
Bitcoin 6: The Crypto-Currency - The New Yorker (2011)
Bitcoin 7: Cryptocurrency Prices
Bitcoin 8: Understanding Bitcoin Difficulty
Bitcoin 9: Difficulty - Bitcoin Wiki
Bitcoin 10: Mt Gox: The History of a Failed Bitcoin Exchange
Bitcoin 11: The Inside Story of Mt. Gox, Bitcoin's $460 Million Disaster
Bitcoin 12: Details of $5 Million Bitstamp Hack Revealed
Bitcoin 13: Bitcoin Exchange Gatecoin Hacked; 250 BTC & 185,000 ETH Lost (5-16-16)
Bitcoin 14: A history of bitcoin hacks
Bitcoin 15: Suspected multi-million dollar Bitcoin pyramid scheme shuts down, investors revolt (8-27-12)
Bitcoin 16: Bitcoin exchange BitFloor shuttered after virtual heist (9-4-12)
Bitcoin 17: Cryptsy Hacked: Bitcoin Worth $USD 6 Million Stolen (1-18-16)
Bitcoin 18: Hackers steal $1m from Bitcoin site (11-8-13)
Bitcoin 19: Danish Bitcoin exchange BIPS hacked and 1,295 Bitcoins worth $1 Million Stolen
Bitcoin 20: $4.1 Million missing as Chinese bitcoin trading platform GBL vanishes (11-11-13)
Bitcoin 21: List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses (11-16-14)
Bitcoin 22: Poloniex Loses 12.3% of its Bitcoins in Latest Bitcoin Exchange Hack (3-5-14)
Bitcoin 23: Secret Service Agent Gets Six-Year Sentence for Bitcoin Theft (12-17-15)
Bitcoin 24: Block Size Chart for Bitcoin and BitcoinCash
Bitcoin 25: Bitcoin Cash | Home
Bitcoin 26: Segwit2x and the Tale of Three Bitcoins (Aug. 7, 2017)

Blockchain 1: Microsoft launches Project Bletchley blockchain framework (June 17, 2016)
Blockchain 2: Understand the Blockchain in Two Minutes - YouTube
Blockchain 3: Ethereum Blockchain as a Service now on Azure (2015)
Blockchain 4: Sydney Stock Exchange Developing Blockchain Trading System (5-19-16)
Blockchain 5: Inside Linq, Nasdaq's Private Markets Blockchain Project (11-21-15)
Blockchain 6: Santander unveils first UK blockchain for international money transfers (5-26-16)
Blockchain 7: Acronis testing blockchain for backup (5-19-16)
Blockchain 8: Blockchain Experts, a Rare Breed, May Demand Big Bucks - WSJ (5-12-16)
Blockchain 9: A Visual Demo - YouTube
Blockchain 10: Demo - LIVE ONLINE

Introduction to Cryptography Videos by Christof Paar - YouTube
Cryptography Textbook Website
RSA is 100x slower than AES (figures 9-13)
RSA Public Key format - Stack Overflow
Cracking short RSA keys - Stack Overflow
Converting OpenSSH public keys
How can I transform between the two styles of public key format
Padding oracles and the decline of CBC-mode cipher suites
Prime Numbers Generator and Checker
PadBuster: Automated script for performing Padding Oracle attacks
RSA implementation in Python
Practical Padding Oracle Attacks on RSA
Android, JavaScript and Python compatible RSA Encryption
How to Install Python on Windows
MACTripleDES Class -- HMAC from Microsoft
Cryptool 2 Tutorial
Locky Gets Clever! Ransomware uses private-key and public-key encryption
How to Program Block Chain Explorers with Python, Part 1
How to Program Block Chain Explorers with Python, Part 2
Bitcoin mining the hard way: the algorithms, protocols, and bytes
Bitcoins the hard way: Using the raw Bitcoin protocol
Base58
Elliptic Curve Cryptography: a gentle introduction
Dogecoin Tutorial
Dogeminer - Dogecoin Mining Simulator
Dogecoin - Wikipedia
DogePay - DogeCoin Price
Ethereum - Wikipedia,
Ethereum Project
Ethereum Homestead 0.1 documentation
COINKING.io Mining Pool | Litecoin, Bitcoin, Multipool, Dogecoin, Scrypt, X11, SHA256, X13, X15, NeoScrypt, Scrypt-N
Inside Linq, Nasdaq's Private Markets Blockchain Project
Dangers of using BlockChain.info receive API - Unconfirmed inputs used for transaction fees (From 2014)
Receive Payments API - Blockchain.info
Bitcoin Transaction from Joe to Alice
Bitcoin Network Still Backlogged With Tens of Thousands of Unconfirmed Transactions, Causing Delays (from 2015)
Bitcoin's Capacity Issues No 'Nightmare', But Higher Fees May Be New Reality (Mar. 2016)
Bitcoin's 'New Normal' Is Slow and Frustrating (Feb., 2016)
Bitcoin block size live
How to completely kill Bitcoin at the 1 MB hard limit (Mar., 2016)
Weaknesses - Bitcoin Wiki
Block size limit controversy - Bitcoin Wiki
Creating your own experimental Bitcoin network
How to Create Your Own Cryptocurrency | CryptoJunction
Genesis block - Bitcoin Wiki
List of address prefixes - Bitcoin Wiki
RSA implementation in Python
Execute Python3 Online
ASN.1 Parser | phpseclib -- Converts RSA Keys to Decimal Form
Mastering Bitcoin: Free Online E-Book
bitcoin/bitcoin.conf at master bitcoin/bitcoin GitHub
Bitcoin Double Spends - Max. is About 4 Per Day
Top 5 Cryptocurrency Scams of 2014
Cryptocurrency Scams Exposed
Badbitcoin.org - A Site Listing Scams, Funded by Scamsite Ads
Four genuine blockchain use cases | MultiChain
Difficulty - Bitcoin Wiki
Understanding Bitcoin Difficulty
How to Install Python 2.7.10 on Ubuntu & LinuxMint
Beyond Blockchain: Simple Scalable Cryptocurrencies
DAO Trading Launched on May 28, 2016
Customizing blockchain parameters | MultiChain
Kunstmaan Labs - Hands on with Multichain
Multichain: A Build-Your-Own Blockchain Service for Banks
MultiChain Private Blockchain White Paper
Simple Encrypted Arithmetic Library - SEAL - Homomorphic encryption
Blockchain Voting slides
CNSA Suite and Quantum Computing FAQ
DAO Attack Wouldn't Have Been Possible With Synereo's Smart Contracting Language (7-3-16)
The Blockchain Brain Drain: How The States Are Driving Blockchain Companies Abroad (6-28-16)
The DAO's Wild Ride: Where Does Blockchain Go From Here? (7-1-16)
A brief history of cryptocurrency drama, or, what could possibly DAO wrong? (7-2-16) -- HIGHLY RECOMMENDED
A Legal Analysis of the DAO Exploit and Possible Investor Rights (6-21-16)
How to setup a local test Ethereum Blockchain
A 101 Noob Intro to Programming Smart Contracts on Ethereum
Ethereum TESTNET Morden Block Chain Explorer
Create a Hello World Contract in ethereum
Breaking Into the KeyStore: A Practical Forgery Attack Against Android KeyStore (July, 2016)
Ethereum Accounts, Address and Contracts (Live)
Namecoin: A Trust Anchor for the Internet -- POSSIBLE PROKECT
Solidity by Example -- Voting
Contract Tutorial ethereum/go-ethereum Wiki GitHub
Ethereum hands-on tutorial
Setting up geth Ethereum node to run automatically on Ubuntu
How to get a Morden Test Wallet on Ethereum and write a simple Will contract
Ethereum DApp Essentials Part 1 -- Useful explanations of concepts
What is bitcoin and the blockchain?
Practical Applications of Blockchain Technology
How to make miner to mine only when there are Pending Transactions? - Ethereum
Getting started with Blockchain (Beta)
GitHub - kadena-io/juno: Smart Contracts Running on a BFT Hardened Raft -- IMPORTANT ALTERNATIVE TO BLOCKCHAINS
Ethereum is the Forefront of Digital Currency
Ethereum Enthusiasts Determine Their DAO After A Successful Hard Fork (7-21-16)
Cross-Chain Replay Attacks on Ethereum (7-17-16)
DAO hacked, Ethereum crashing in value (6-17-16)
Bitcoin Plunges After Hacking of Bitfinex Exchange in Hong Kong (Aug 3, 2016)
Bitcoin Mining Profit Calculator Game
CCDC 5: How to Win CCDC
Arizona Cyber Warfare Range -- Revolutionary advancement in cyber security happens here.
Why do we use XTS over CTR for disk encryption?
Disk encryption theory - Wikipedia
A Graduate Course in Applied Cryptography -- POSSIBLE ALTERNATIVE TEXTBOOK
AES Encryption in Python Using PyCrypto -- USE FOR PROJECTS
Attacks on RSA cryptosystem
NSA’s VPN exploitation process (portion of book)
Hosting a DNS domain on the blockchain -- Ethereum-based prototype (2017)
Why isn't Internet DNS based on blockchain? (from 2016)
LocalBitcoins.com: Fastest and easiest way to buy and sell bitcoins
Public Key Cryptography: Diffie-Hellman Key Exchange (short version) - YouTube
Length extension attack - Wikipedia
Everything you need to know about hash length extension attacks
A Primer on IOTA (with Presentation)
Generating Addresses: Learn the Basics - IOTA
Documentation - IOTA - Getting Started
Tutorial: Getting Started - Beginners - IOTA Forum
IOTA Support - Tutorial - Nostalgia Light Wallet
IOTA Node Tutorial
iotaledger/cli-app: CLI App that acts as a wallet
Node.js Introduction
'Hello World' in IOTA: Payments and Messaging Leaderboard
SSH Tunnel in 30 Seconds (Mac OSX & Linux)
IOTA - The Machine Economy - Reddit
IOTA cool tools
MD5 Length Extension Attack
A sample implementation of MD5 in pure Python
Introducing Ethereum Development - Part 1 - MetaMask and Web3
Getting Started as an Ethereum Web Developer
cryptography of archive formats zip, rar and 7zip
Full break on 1024-bit RSA keys (and ~1 in 8 2048 keys) in libgcrypt via L3 cache timing
Rindjael Flash Animation (SWF File)
Lifetimes of cryptographic hash functions

New Unsorted Links

Bitcoin 27: 3 Things to Know About Bitcoin Mining in China (June 13, 2017)
Bitcoin 28: Banks fear bitcoin's mining centralization in China
Custom RBIX Shellcode Encoder/Decoder -- INTERESTING PROJECT
Ch 3a: Why can I encrypt data with one DES key and successfully decrypt with another?
Ch 3b: A Tutorial on Linear and Differential Cryptanalysis
Brainwallet - JavaScript Client-Side Bitcoin Address Generator -- SHOW TO CLASS
NIST POST-QUANTUM CRYPTO STANDARDIZATION CFP Deadline Nov 30, 2017
Hash-based Signatures: An Outline for a New Standard (from 2015)
Google Tests New Crypto in Chrome to Fend Off Quantum Attacks (2016)
Introducing Azure confidential computing--ENCRYPTING DATA IN USE
Ch 4a: AES Rijndael Cipher - Visualization - YouTube
Ch 4b: PyCrypto API Documentation
Ch 5a: Block cipher mode of operation - Wikipedia
Ch 5b: Galois/Counter Mode - Wikipedia
Ch 5c: Shor's algorithm - Wikipedia
Ch 2g: What is the Difference Between Common Law and Civil Law?
Penetration Testing in Active Directory using Metasploit (Part 2)
Ch 6a: CSRC - NIST Computer Security Publications
SpiderLabs/CryptOMG: CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
Ch 5d: Bug #996193 "OFB chaining mode requires padding" : Bugs : Python-Crypto
Ch 5e: Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2) -- CCMP Mode Explained
2017-10-08: Algorithm for Linux $6$ password hashes
c - python crypt in OSX - Stack Overflow
Ch 7a: RSA numbers - Wikipedia
Ch 7b: Attacking RSA exponentiation with fault injection
Ch 7c: Fault-Based Attack of RSA Authentication
Hash Length Extension Attacks
CryptOMG Walkthrough - Challenge 1
CryptOMG Walkthough - Challenge 2
php - Can I blindly replace all mysql_ functions with mysqli_? - Stack Overflow
MariaDB - How to reset MySQL root user password
Automated Padding Oracle Attacks with PadBuster
Padding oracle attack explained
FeatherDuster is a tool for brushing away magical crypto fairy dust
The Padding Oracle Attack - why crypto is terrifying
The Cryptopals Crypto Challenges
Crypto.PublicKey.ElGamal.ElGamalobj
Ch 9a: A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography
Why RSA encryption padding is critical
Ch 8a: Chinese remainder theorem - Wikipedia
Generate Random Prime Numbers
rsatool can be used to calculate RSA and RSA-CRT parameters
Calculating RSA private keys from its public counterpart
IBM Blockchain 101: Quick-start guide for developers
Ch 9b: security - The length of the Bitcoin's private keys - Bitcoin Stack Exchange
Ch 9c: Keylength - ECRYPT II Report on Key Sizes (2012)
Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem
Install Node.js - Ubuntu 16
nodesource/distributions: NodeSource Node.js Binary Distributions
Cryptology ePrint Archive
How the Byzantine General Sacked the Castle: A Look Into Blockchain
Bitcoin.org - The Byzantine Generals' Problem
Ethereum Casper 101
Attack of the 50 Foot Blockchain: Bitcoin, Blockchain, Ethereum & Smart Contracts
Ethereum Contracts Are Going To Be Candy For Hackers (from 2016)
Attacks on RSA cryptosystem
Understanding Common Factor Attacks: An RSA-Cracking Puzzle
MTC3 — The Cipher Contest
trufflesuite/ganache-cli: Fast Ethereum RPC client for testing and development
Blockchain Demo - A visual demo of blockchain technology
The ultimate guide to audit a Smart Contract Most dangerous attacks in Solidity
How $800k Evaporated from the PoWH Coin Ponzi Scheme Overnight (Feb., 2018)
Hack This Contract - An Ethereum / Smart Contract Exploit Training Course
Comparison of the different TestNets - Ethereum Stack Exchange
Rinkeby is extremely slow at confirming transactions - Ethereum Stack Exchange
Ethernaut Coin Flip problem
Ethernaut
ERC20 - Ethereum Token Standard
How to stop mining empty blocks? - MultiChain Developer Q&A
MultiChain/multichain-web-demo: Simple web interface for MultiChain blockchains, written in PHP.
Crypto Identifier - Tool To Uncipher Data Using Multiple Algorithms And Block Chaining Modes
Quantum Algorithm Zoo
Post-quantum Key Exchange—A New Hope
PQCrypto Usage & Deployment
GCHQ on Quantum key distribution - NOT RECOMMENDED
PadBuster v0.3 and the .NET Padding Oracle Attack
NewHope: Quantum-robust Crypto for Key Generation using Ring Learning With Errors
Introduction to post-quantum cryptography and learning with errors
The Feynman Double Slit--QUANTUM MECHANICS EXPLAINED
How to write a quantum program in 10 lines of code (for beginners)
Crypton: Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems -- MORE PROJECTS
A Guide to Post-Quantum Cryptography
EC Council ECES. Cryptography Certification -- TechExams Community
How to generate MD5 and SHA-1 collisions of several types
From "Hello World" to "Hello Quantum" --VERY GOOD
Another New AES Attack - Schneier on Security (from 2009)
Serious Security: What 2000 years of cryptography can teach us
Beyond the doomsday economics of "proof-of-work" in cryptocurrencies -- EXCELLENT SUMMARY OF BITCOIN
Ch 2a: Utah Data Center - Wikipedia
Ch 2b: Fresh Tomcat takes loong time to start up
Ch 2c: Haveged - ArchWiki
Ch 2d: On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng (2007)
Ch 2e: How a Crypto 'Backdoor' Pitted the Tech World Against the NSA
Ch 2f: The Strange Story of Dual_EC_DRBG - Schneier on Security
Ch 2g: NIST formally chops NSA-tainted random number generator (2015)
Ch 2h: Documents Reveal N.S.A. Campaign Against Encryption (NY Times, 2013)
Ch 2i: Crypto shocker: four of every 1,000 public keys provide no security (2012)
MD5 considered harmful today (from 2008)
Why it's harder to forge a SHA-1 certificate than it is to find a SHA-1 collision
Potential Backdoor in Russian Cryptography Systems
Ch 3a: What we can learn from attacks on the WEP Protocol
Ch 3c: Cryptography | NIST
Ch 3d: Jan. 2019 Status of NIST Post-Quantum Cryptography Standards: 17 survivors, including NewHope
Ch 3e: SP 800-131A Rev. 2 (DRAFT) Transitioning the Use of Cryptographic Algorithms and Key Lengths (July, 2018)
Ch 3f: Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2016)
Ch 3g: Should We Start Using 4096 bit RSA keys?
Ch 3h: Shonen Crypto #1 Cryptocurrency Manga
Ch 3i: Ethereum's Memory Hardness Explained, and the Road to Mining It with Custom Hardware
Ch 3j: NTLM Decrypter
Ch 3k: Another New AES Attack - Schneier on Security
Ch 3l: OAEP Reconsidered
Ch 3m: Breaking 512-bit RSA with Amazon EC2 is a cinch. So why all the weak keys?
Ch 4a: AES Rijndael Cipher explained as a Flash animation - YouTube
Ch 4b: Staples Insecure Encryption
Ch 4c: Ciphertext stealing - Wikipedia
Ch 4d: Block cipher mode of operation - Wikipedia
Ch 5a:: Microsoft Office Encryption 2003 and 2007
Ch 5b: The Misuse of RC4 in Microsoft Word and Excel; by hongjun wu
Ch 5c: How to break XOR cipher with repeating key?
Ch 5d: ASIC vs GPU vs CPU Cryptocurrency Mining Equipment
Ch 5e: A Stream Cipher Proposal: Grain-128 (2006)
Ch 5f: Fault Analysis of Grain-128 by Targeting NFSR
Ch 5g: Grain-128a: a new version of Grain-128 with optional authentication (2011)
Ch 5i: On cellular encryption -- A Few Thoughts on Cryptographic Engineering
Ch 5k: IETF takes rifle off wall, grabs RC4 cipher's collar, goes behind shed (2004)
Ch 5l: Microsoft kills RC4 crypto (2016)
Ch 5k: RC4 - Wikipedia
Ch 5l: RC4 NOMORE
Ch 5k: eSTREAM - Wikipedia
Ch 5l: Salsa20 - Wikipedia
Ch 5k: The Underhanded C Contest � 2007
Ch 5l: Satellite Phone Encryption Calls Can be Cracked in Fractions of a Second (2017)
Ch 6a: BLAKE2: "Harder, Better, Faster, Stronger" Than MD5
Ch 6b: BLAKE2
Ch 6c: Finding Collisions in MD4
Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu (2019)
Ch 6d: Birthday problem - Wikipedia
Ch 6e: RC5 and cracking a 72-bit key- Wikipedia
Ch 6f: distributed.net - Wikipedia
Ch 6g: Is 80 bits of key size considered safe against brute force attacks? - Cryptography Stack Exchange
Ch 6h: Create your own MD5 collisions
Crypto_MD5_Collision.pdf
Ch 6j: How to Break MD5 and Other Hash Functions (Wang)
Ch 6k: Parallel hash collision search by Rho method with distinguished points - LISAT2018_Weber_Zhang.pdf
Ch 7a: What do the magic numbers 0x5c and 0x36 in the opad/ipad calc in HMAC do? - Cryptography Stack Exchange
NIST finally dumps NSA-tainted random number algorithm (2014)
Juniper Networks Hack via ECC (2017)
Arrow of time and its reversal on the IBM quantum computer--SHOW TO CLASS
Grover's algorithm - Quantum Crypto v. AES

Posted before 6-14-16 by Sam Bowne
Last revised 8-18-16