Optional, free

CNIT 141: Cryptography for Computer Networks

Fall 2017 Sam Bowne

Schedule · Lectures · Projects · Links · Home Page

77820 M 6:10-09:00PM SCIE 200

Scores

All · Last 5


Course Justification

Individuals, companies, and governments all have private data on their computer systems that must be protected. However, the encryption techniques required to protect them are difficult to apply, and often fail in practice. There is a serious shortage of information technology professionals who are qualified to install, repair, and maintain cryptographic security measures. This class helps students prepare to meet those needs.

Catalog Description

Mathematical underpinnings and practical applications of modern cryptographic systems, including the Advanced Encryption Standard (AES), the Secure Hash Algorithms (SHA), and Rivest-Shamir-Adleman (RSA). The class focuses on practical applications: selecting, implementing, testing, and maintaining systems to protect data on modern computer networks.

Prerequisites: CNIT 120 or equivalent familiarity with the fundamentals of security, and MATH 40 or equivalent familiarity with algebra

Student Learning Outcomes

Upon successful completion of this course, the student will be able to:
  1. Implement modern cryptographic systems, including AES, RSA, and SHA
  2. Choose appropriate methods to protect data at rest, in use, and in motion
  3. Perform attacks to reveal encrypted data
  4. Explain the strengths and weaknesses of modern cryptographic systems

Textbooks

Understanding Cryptography: A Textbook for Students and Practitioners by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000 ASIN: B014P9I39Q Buy from Amazon ($22)

Mastering Bitcoin: Unlocking Digital Cryptocurrencies 1st Edition by Andreas M. Antonopoulos, ISBN: 1449374042 (optional, free online)

Quizzes

The quizzes are multiple-choice, online, and open-book. However, you may not ask other people to help you during the quizzes. You will need to study the textbook chapter before the lecture covering it, and take the quiz before that class. Each quiz is available for one week, up till 8:30 am Saturday. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. If you take the quiz twice, the higher score counts.

To take quizzes, first claim your RAM ID and then log in to Canvas here:

https://ccsf.instructure.com

Live Streaming

You can attend class remotely using Zoom.

Join from PC, Mac, Linux, iOS or Android: https://zoom.us/j/4108472927
Meeting ID: 410-847-2927

The free version of Zoom is limited to 40 minutes per meeting. So to see the second part of the lecture live, you will have to re-join with the same meeting ID.

Classes will also be recorded and published on YouTube for later viewing.

Schedule (may be changed)

DateQuiz & Proj DueTopic

Mon 8-21  Intro: Bitcoin & Cryptography

Mon 8-28  1. Introduction to Cryptography and Data Security

Mon 9-4 Holiday - No Class

Fri 9-8 Last Day to Add Classes

Mon 9-11Quiz Ch 1-2 due *
Proj 1 & 2 due
Modular Arithmetic: Addition and Subtraction
Stream Ciphers
XOR: Bits and Nybbles

Mon 9-18Quiz Ch 3 due *
Proj 3 due
3. The Data Encryption Standard (DES) and Alternatives

Mon 9-25Quiz Ch 4 due *
Proj 4 & 5 due
4. The Advanced Encryption Standard (AES)

Mon 10-2Quiz Ch 5 due *
Proj 6 due
5. More About Block Ciphers

Mon 10-9 Holiday - No Class

Mon 10-16Quiz Ch 6 due *
Proj 7 & 8 due
6. Introduction to Public-Key Cryptography

Mon 10-23Quiz Ch 7 due *
Proj 9 due
7. The RSA Cryptosystem

Mon 10-30Quiz Ch 8 due *
Proj 10 & 11 due
8. Public-Key Cryptosystems Based on the Discrete Logarithm Problem

Mon 11-6No Quiz
No Proj due
Guest Speaker: Sarah Lewis Cortes, PhD, CISA, AAFS
Topic: Anonymous (cryptographically protected) network communications, aka the darknet. And, darknet crime, facilitated by cryptocurrency

Mon 11-13Quiz Ch 9 due *
No Proj Due
9. Elliptic Curve Cryptosystems

Mon 11-20Quiz Ch 10 due *
14 due
10. Digital Signatures

Mon 11-27Quiz Ch 11 due *
Proj 12 & 13 & 15 due
11. Hash Functions

Mon 12-4 No Guest Speaker: Lecture on 12. Message Authentication Codes (MACs) & 13. Key Establishment

Mon 12-11Quiz Ch 12 & 13 due *
Proj 16 due
All Extra Credit Proj due
Last Class: Guest: Scott Stender, VP, Crypto Services, NCC Group

Slides (PDF)

This talk will not be recorded or streamed--attend in person!


Fri 12-15 -
Thu 12-21
Final Exam available online throughout the week.
You can only take it once.

* Quizzes due 30 min. before class

Lecture Slides

Policy · Schedule

Bitcoin and Blockchains · PDF · Keynote
1. Introduction to Cryptography and Data Security · PDF · Keynote
2. Stream Ciphers · PDF · Keynote
      Modular Arithmetic: Addition and Subtraction · PDF · Keynote
      XOR: Bits and Nybbles · PDF · Keynote
3. The Data Encryption Standard (DES) and Alternatives · PDF · Keynote
4. The Advanced Encryption Standard (AES) · PDF · Keynote
5. More About Block Ciphers · PDF · Keynote
6. Introduction to Public-Key Cryptography · PDF · Keynote
7. The RSA Cryptosystem · PDF · Keynote
8. Public-Key Cryptosystems Based on the Discrete Logarithm Problem · PDF · Keynote
9. Elliptic Curve Cryptosystems · PDF · Keynote
10. Digital Signatures · PDF · Keynote
11. Hash Functions · PDF · Keynote
12. Message Authentication Codes (MACs) · PDF · Keynote
13. Key Establishment · PDF · Keynote

Projects

How to install Python 2.7 on Windows

Proj 1: Caesar Cipher with CrypTool 2 (10 pts. + 20 pts. extra)
Proj 2: Monoalphabetic Substitution Cipher (10 pts. + 10 pts. extra)
Proj 3: Cracking AES (With Weak Keys) with CrypTool 2 (10 pts. + 10 pts. extra)
Proj 4: RSA with Very Small Keys (10 pts. + 20 pts. extra credit)
Proj 5: Cracking a Short RSA Key (10 pts. + 40 pts. extra credit))
Proj 6: Preparing an Ubuntu Server (10 pts.)
Proj 7: Bitcoin: Setting up a Private Regtest Blockchain (20 pts.) (updated 10-16-17)
Proj 8: ECB v. CBC Modes with Python (15 pts.) (rev. 10-16-17)
Proj 9: Getting Started with Multichain (20 pts.) (updated 10-16-17)
Proj 10: Making a Blockchain Survey with Multichain (20 pts.) (updated 10-16-17)
Proj 11: Making a Private Ethereum Blockchain (15 pts.) (updated 10-24-17)
Proj 12: RSA Key Formats (10 pts. + 30 pts. extra credit)
Proj 13: Exodus Wallet (10 pts.)
Proj 14: Padding Oracle Attack (15 pts. + 20 pts. extra credit)
Proj 15: Making an Ethereum Contract with Truffle (10 pts.)
Proj 16: Existential Forgery Attack on RSA Signatures (15 pts. + 30 pts. extra credit)
Proj 17: Interledger and Ripple (15 pts.)
Proj 18: Quantum Entanglement with IBM Q (15 pts. + 10 pts. extra credit)

Extra Credit

Binary Games (variable pts.)
Proj X1: Coinbase (10 pts. extra credit)
Proj X2: XOR Encryption in Python (Up to 40 pts. extra credit) (rev. 10-19-17)
Proj X3: Local Bitcoin Wallet (10 pts. extra credit)
Proj X4: Finding Large Primes (20 pts. extra credit)
Proj X5: Factoring Large Numbers (20 pts. extra credit)

Links

Bitcoin 1: The Crypto-Currency - The New Yorker (2011)
Bitcoin 2: Merkle tree - Wikipedia
Bitcoin 3: Genesis block
Bitcoin 4: Bitcoin Block #0 on Blockchain.info -- Click Transaction to see quote
Bitcoin 5: Coinbase, Coinbase Field - Bitcoin Glossary
Bitcoin 6: The Crypto-Currency - The New Yorker (2011)
Bitcoin 7: Cryptocurrency Prices
Bitcoin 8: Understanding Bitcoin Difficulty
Bitcoin 9: Difficulty - Bitcoin Wiki
Bitcoin 10: Mt Gox: The History of a Failed Bitcoin Exchange
Bitcoin 11: The Inside Story of Mt. Gox, Bitcoin's $460 Million Disaster
Bitcoin 12: Details of $5 Million Bitstamp Hack Revealed
Bitcoin 13: Bitcoin Exchange Gatecoin Hacked; 250 BTC & 185,000 ETH Lost (5-16-16)
Bitcoin 14: A history of bitcoin hacks
Bitcoin 15: Suspected multi-million dollar Bitcoin pyramid scheme shuts down, investors revolt (8-27-12)
Bitcoin 16: Bitcoin exchange BitFloor shuttered after virtual heist (9-4-12)
Bitcoin 17: Cryptsy Hacked: Bitcoin Worth $USD 6 Million Stolen (1-18-16)
Bitcoin 18: Hackers steal $1m from Bitcoin site (11-8-13)
Bitcoin 19: Danish Bitcoin exchange BIPS hacked and 1,295 Bitcoins worth $1 Million Stolen
Bitcoin 20: $4.1 Million missing as Chinese bitcoin trading platform GBL vanishes (11-11-13)
Bitcoin 21: List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses (11-16-14)
Bitcoin 22: Poloniex Loses 12.3% of its Bitcoins in Latest Bitcoin Exchange Hack (3-5-14)
Bitcoin 23: Secret Service Agent Gets Six-Year Sentence for Bitcoin Theft (12-17-15)
Bitcoin 24: Block Size Chart for Bitcoin and BitcoinCash
Bitcoin 25: Bitcoin Cash | Home
Bitcoin 26: Segwit2x and the Tale of Three Bitcoins (Aug. 7, 2017)

Blockchain 1: Microsoft launches Project Bletchley blockchain framework (June 17, 2016)
Blockchain 2: Understand the Blockchain in Two Minutes - YouTube
Blockchain 3: Ethereum Blockchain as a Service now on Azure (2015)
Blockchain 4: Sydney Stock Exchange Developing Blockchain Trading System (5-19-16)
Blockchain 5: Inside Linq, Nasdaq's Private Markets Blockchain Project (11-21-15)
Blockchain 6: Santander unveils first UK blockchain for international money transfers (5-26-16)
Blockchain 7: Acronis testing blockchain for backup (5-19-16)
Blockchain 8: Blockchain Experts, a Rare Breed, May Demand Big Bucks - WSJ (5-12-16)
Blockchain 9: A Visual Demo - YouTube
Blockchain 10: Demo - LIVE ONLINE

Introduction to Cryptography Videos by Christof Paar - YouTube
Cryptography Textbook Website
RSA is 100x slower than AES (figures 9-13)
RSA Public Key format - Stack Overflow
Cracking short RSA keys - Stack Overflow
Converting OpenSSH public keys
How can I transform between the two styles of public key format
Padding oracles and the decline of CBC-mode cipher suites
Prime Numbers Generator and Checker
PadBuster: Automated script for performing Padding Oracle attacks
RSA implementation in Python
Practical Padding Oracle Attacks on RSA
Android, JavaScript and Python compatible RSA Encryption
How to Install Python on Windows
MACTripleDES Class -- HMAC from Microsoft
Cryptool 2 Tutorial
Locky Gets Clever! Ransomware uses private-key and public-key encryption
How to Program Block Chain Explorers with Python, Part 1
How to Program Block Chain Explorers with Python, Part 2
Bitcoin mining the hard way: the algorithms, protocols, and bytes
Bitcoins the hard way: Using the raw Bitcoin protocol
Base58
Elliptic Curve Cryptography: a gentle introduction
Dogecoin Tutorial
Dogeminer - Dogecoin Mining Simulator
Dogecoin - Wikipedia
DogePay - DogeCoin Price
Ethereum - Wikipedia,
Ethereum Project
Ethereum Homestead 0.1 documentation
COINKING.io Mining Pool | Litecoin, Bitcoin, Multipool, Dogecoin, Scrypt, X11, SHA256, X13, X15, NeoScrypt, Scrypt-N
Inside Linq, Nasdaq's Private Markets Blockchain Project
Dangers of using BlockChain.info receive API - Unconfirmed inputs used for transaction fees (From 2014)
Receive Payments API - Blockchain.info
Bitcoin Transaction from Joe to Alice
Bitcoin Network Still Backlogged With Tens of Thousands of Unconfirmed Transactions, Causing Delays (from 2015)
Bitcoin's Capacity Issues No 'Nightmare', But Higher Fees May Be New Reality (Mar. 2016)
Bitcoin's 'New Normal' Is Slow and Frustrating (Feb., 2016)
Bitcoin block size live
How to completely kill Bitcoin at the 1 MB hard limit (Mar., 2016)
Weaknesses - Bitcoin Wiki
Block size limit controversy - Bitcoin Wiki
Creating your own experimental Bitcoin network
How to Create Your Own Cryptocurrency | CryptoJunction
Genesis block - Bitcoin Wiki
List of address prefixes - Bitcoin Wiki
RSA implementation in Python
Execute Python3 Online
ASN.1 Parser | phpseclib -- Converts RSA Keys to Decimal Form
Mastering Bitcoin: Free Online E-Book
bitcoin/bitcoin.conf at master · bitcoin/bitcoin · GitHub
Bitcoin Double Spends - Max. is About 4 Per Day
Top 5 Cryptocurrency Scams of 2014
Cryptocurrency Scams Exposed
Badbitcoin.org - A Site Listing Scams, Funded by Scamsite Ads
Four genuine blockchain use cases | MultiChain
Difficulty - Bitcoin Wiki
Understanding Bitcoin Difficulty
How to Install Python 2.7.10 on Ubuntu & LinuxMint
Beyond Blockchain: Simple Scalable Cryptocurrencies
DAO Trading Launched on May 28, 2016
Customizing blockchain parameters | MultiChain
Kunstmaan Labs - Hands on with Multichain
Multichain: A Build-Your-Own Blockchain Service for Banks
MultiChain Private Blockchain — White Paper
Simple Encrypted Arithmetic Library - SEAL - Homomorphic encryption
Blockchain Voting slides
CNSA Suite and Quantum Computing FAQ
DAO Attack Wouldn't Have Been Possible With Synereo's Smart Contracting Language (7-3-16)
The Blockchain Brain Drain: How The States Are Driving Blockchain Companies Abroad (6-28-16)
The DAO's Wild Ride: Where Does Blockchain Go From Here? (7-1-16)
A brief history of cryptocurrency drama, or, what could possibly DAO wrong? (7-2-16) -- HIGHLY RECOMMENDED
A Legal Analysis of the DAO Exploit and Possible Investor Rights (6-21-16)
How to setup a local test Ethereum Blockchain
A 101 Noob Intro to Programming Smart Contracts on Ethereum
Ethereum TESTNET Morden Block Chain Explorer
Create a Hello World Contract in ethereum
Breaking Into the KeyStore: A Practical Forgery Attack Against Android KeyStore (July, 2016)
Ethereum Accounts, Address and Contracts (Live)
Namecoin: A Trust Anchor for the Internet -- POSSIBLE PROKECT
Solidity by Example -- Voting
Contract Tutorial · ethereum/go-ethereum Wiki · GitHub
Ethereum hands-on tutorial
Setting up geth Ethereum node to run automatically on Ubuntu
How to get a Morden Test Wallet on Ethereum and write a simple Will contract
Ethereum DApp Essentials Part 1 -- Useful explanations of concepts
What is bitcoin and the blockchain?
Practical Applications of Blockchain Technology
How to make miner to mine only when there are Pending Transactions? - Ethereum
Getting started with Blockchain (Beta)
GitHub - kadena-io/juno: Smart Contracts Running on a BFT Hardened Raft -- IMPORTANT ALTERNATIVE TO BLOCKCHAINS
Ethereum is the Forefront of Digital Currency
Ethereum Enthusiasts Determine Their DAO After A Successful Hard Fork (7-21-16)
Cross-Chain Replay Attacks on Ethereum (7-17-16)
DAO hacked, Ethereum crashing in value (6-17-16)
Bitcoin Plunges After Hacking of Bitfinex Exchange in Hong Kong (Aug 3, 2016)
Bitcoin Mining Profit Calculator Game
CCDC 5: How to Win CCDC
Arizona Cyber Warfare Range -- Revolutionary advancement in cyber security happens here.
Why do we use XTS over CTR for disk encryption?
Disk encryption theory - Wikipedia
A Graduate Course in Applied Cryptography -- POSSIBLE ALTERNATIVE TEXTBOOK
AES Encryption in Python Using PyCrypto -- USE FOR PROJECTS
Attacks on RSA cryptosystem
NSA’s VPN exploitation process (portion of book)
Hosting a DNS domain on the blockchain -- Ethereum-based prototype (2017)
Why isn't Internet DNS based on blockchain? (from 2016)
LocalBitcoins.com: Fastest and easiest way to buy and sell bitcoins
Public Key Cryptography: Diffie-Hellman Key Exchange (short version) - YouTube
Length extension attack - Wikipedia
Everything you need to know about hash length extension attacks
A Primer on IOTA (with Presentation)
Generating Addresses: Learn the Basics - IOTA
Documentation - IOTA - Getting Started
Tutorial: Getting Started - Beginners - IOTA Forum
IOTA Support - Tutorial - Nostalgia Light Wallet
IOTA Node Tutorial
iotaledger/cli-app: CLI App that acts as a wallet
Node.js Introduction
'Hello World' in IOTA: Payments and Messaging Leaderboard
SSH Tunnel in 30 Seconds (Mac OSX & Linux)
IOTA - The Machine Economy - Reddit
IOTA cool tools
MD5 Length Extension Attack
A sample implementation of MD5 in pure Python
Introducing Ethereum Development - Part 1 - MetaMask and Web3
Getting Started as an Ethereum Web Developer
cryptography of archive formats zip, rar and 7zip
Full break on 1024-bit RSA keys (and ~1 in 8 2048 keys) in libgcrypt via L3 cache timing
Rindjael Flash Animation (SWF File)
Lifetimes of cryptographic hash functions

New Unsorted Links

Bitcoin 27: 3 Things to Know About Bitcoin Mining in China (June 13, 2017)
Bitcoin 28: Banks fear bitcoin's mining centralization in China
Custom RBIX Shellcode Encoder/Decoder -- INTERESTING PROJECT
Ch 3a: Why can I encrypt data with one DES key and successfully decrypt with another?
Ch 3b: A Tutorial on Linear and Differential Cryptanalysis
Brainwallet - JavaScript Client-Side Bitcoin Address Generator -- SHOW TO CLASS
NIST POST-QUANTUM CRYPTO STANDARDIZATION CFP Deadline Nov 30, 2017
Hash-based Signatures: An Outline for a New Standard (from 2015)
Google Tests New Crypto in Chrome to Fend Off Quantum Attacks (2016)
Introducing Azure confidential computing--ENCRYPTING DATA IN USE
Ch 4a: AES Rijndael Cipher - Visualization - YouTube
Ch 4b: PyCrypto API Documentation
Ch 5a: Block cipher mode of operation - Wikipedia
Ch 5b: Galois/Counter Mode - Wikipedia
Ch 5c: Shor's algorithm - Wikipedia
Ch 2g: What is the Difference Between Common Law and Civil Law?
Penetration Testing in Active Directory using Metasploit (Part 2)
Ch 6a: CSRC - NIST Computer Security Publications
SpiderLabs/CryptOMG: CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
Ch 5d: Bug #996193 "OFB chaining mode requires padding" : Bugs : Python-Crypto
Ch 5e: Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2) -- CCMP Mode Explained
2017-10-08: Algorithm for Linux $6$ password hashes
c - python crypt in OSX - Stack Overflow
Ch 7a: RSA numbers - Wikipedia
Ch 7b: Attacking RSA exponentiation with fault injection
Ch 7c: Fault-Based Attack of RSA Authentication
Hash Length Extension Attacks
CryptOMG Walkthrough - Challenge 1
CryptOMG Walkthough - Challenge 2
php - Can I blindly replace all mysql_ functions with mysqli_? - Stack Overflow
MariaDB - How to reset MySQL root user password
Automated Padding Oracle Attacks with PadBuster
Padding oracle attack explained
FeatherDuster is a tool for brushing away magical crypto fairy dust
The Padding Oracle Attack - why crypto is terrifying
The Cryptopals Crypto Challenges
Crypto.PublicKey.ElGamal.ElGamalobj
Ch 9a: A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography
Why RSA encryption padding is critical
Ch 8a: Chinese remainder theorem - Wikipedia
Generate Random Prime Numbers
rsatool can be used to calculate RSA and RSA-CRT parameters
Calculating RSA private keys from its public counterpart
IBM Blockchain 101: Quick-start guide for developers
Ch 9b: security - The length of the Bitcoin's private keys - Bitcoin Stack Exchange
Ch 9c: Keylength - ECRYPT II Report on Key Sizes (2012)
Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem
Install Node.js - Ubuntu 16
nodesource/distributions: NodeSource Node.js Binary Distributions
Cryptology ePrint Archive
How the Byzantine General Sacked the Castle: A Look Into Blockchain
Bitcoin.org - The Byzantine Generals' Problem
Ethereum Casper 101
Attack of the 50 Foot Blockchain: Bitcoin, Blockchain, Ethereum & Smart Contracts
Ethereum Contracts Are Going To Be Candy For Hackers (from 2016)
Attacks on RSA cryptosystem
Understanding Common Factor Attacks: An RSA-Cracking Puzzle
MTC3 — The Cipher Contest
trufflesuite/ganache-cli: Fast Ethereum RPC client for testing and development
Blockchain Demo - A visual demo of blockchain technology
The ultimate guide to audit a Smart Contract Most dangerous attacks in Solidity
How $800k Evaporated from the PoWH Coin Ponzi Scheme Overnight (Feb., 2018)
Hack This Contract - An Ethereum / Smart Contract Exploit Training Course
Comparison of the different TestNets - Ethereum Stack Exchange
Rinkeby is extremely slow at confirming transactions - Ethereum Stack Exchange
Ethernaut Coin Flip problem
Ethernaut
ERC20 - Ethereum Token Standard
How to stop mining empty blocks? - MultiChain Developer Q&A
MultiChain/multichain-web-demo: Simple web interface for MultiChain blockchains, written in PHP.
Crypto Identifier - Tool To Uncipher Data Using Multiple Algorithms And Block Chaining Modes
Quantum Algorithm Zoo
Post-quantum Key Exchange—A New Hope
PQCrypto Usage & Deployment
GCHQ on Quantum key distribution - NOT RECOMMENDED
PadBuster v0.3 and the .NET Padding Oracle Attack
NewHope: Quantum-robust Crypto for Key Generation using Ring Learning With Errors
Introduction to post-quantum cryptography and learning with errors
The Feynman Double Slit--QUANTUM MECHANICS EXPLAINED
How to write a quantum program in 10 lines of code (for beginners)
Crypton: Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems -- MORE PROJECTS
A Guide to Post-Quantum Cryptography
EC Council ECES. Cryptography Certification -- TechExams Community
How to generate MD5 and SHA-1 collisions of several types
From "Hello World" to "Hello Quantum" --VERY GOOD
Another New AES Attack - Schneier on Security (from 2009)
Serious Security: What 2000 years of cryptography can teach us
Beyond the doomsday economics of "proof-of-work" in cryptocurrencies -- EXCELLENT SUMMARY OF BITCOIN
Ch 2a: Utah Data Center - Wikipedia
Ch 2b: Fresh Tomcat takes loong time to start up
Ch 2c: Haveged - ArchWiki
Ch 2d: On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng (2007)
Ch 2e: How a Crypto 'Backdoor' Pitted the Tech World Against the NSA
Ch 2f: The Strange Story of Dual_EC_DRBG - Schneier on Security
Ch 2g: NIST formally chops NSA-tainted random number generator (2015)
Ch 2h: Documents Reveal N.S.A. Campaign Against Encryption (NY Times, 2013)
Ch 2i: Crypto shocker: four of every 1,000 public keys provide no security (2012)
MD5 considered harmful today (from 2008)
Why it's harder to forge a SHA-1 certificate than it is to find a SHA-1 collision
Potential Backdoor in Russian Cryptography Systems
Ch 3a: What we can learn from attacks on the WEP Protocol
Ch 3c: Cryptography | NIST
Ch 3d: Jan. 2019 Status of NIST Post-Quantum Cryptography Standards: 17 survivors, including NewHope
Ch 3e: SP 800-131A Rev. 2 (DRAFT) Transitioning the Use of Cryptographic Algorithms and Key Lengths (July, 2018)
Ch 3f: Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2016)
Ch 3g: Should We Start Using 4096 bit RSA keys?
Ch 3h: Shonen Crypto #1 Cryptocurrency Manga
Ch 3i: Ethereum's Memory Hardness Explained, and the Road to Mining It with Custom Hardware
Ch 3j: NTLM Decrypter
Ch 3k: Another New AES Attack - Schneier on Security
Ch 3l: OAEP Reconsidered
Ch 3m: Breaking 512-bit RSA with Amazon EC2 is a cinch. So why all the weak keys?
Ch 4a: AES Rijndael Cipher explained as a Flash animation - YouTube
Ch 4b: Staples Insecure Encryption
Ch 4c: Ciphertext stealing - Wikipedia
Ch 4d: Block cipher mode of operation - Wikipedia
Ch 5a:: Microsoft Office Encryption 2003 and 2007
Ch 5b: The Misuse of RC4 in Microsoft Word and Excel; by hongjun wu
Ch 5c: How to break XOR cipher with repeating key?
Ch 5d: ASIC vs GPU vs CPU Cryptocurrency Mining Equipment
Ch 5e: A Stream Cipher Proposal: Grain-128 (2006)
Ch 5f: Fault Analysis of Grain-128 by Targeting NFSR
Ch 5g: Grain-128a: a new version of Grain-128 with optional authentication (2011)
Ch 5i: On cellular encryption -- A Few Thoughts on Cryptographic Engineering
Ch 5k: IETF takes rifle off wall, grabs RC4 cipher's collar, goes behind shed (2004)
Ch 5l: Microsoft kills RC4 crypto (2016)
Ch 5k: RC4 - Wikipedia
Ch 5l: RC4 NOMORE
Ch 5k: eSTREAM - Wikipedia
Ch 5l: Salsa20 - Wikipedia
Ch 5k: The Underhanded C Contest ďż˝ 2007
Ch 5l: Satellite Phone Encryption Calls Can be Cracked in Fractions of a Second (2017)
Ch 6a: BLAKE2: "Harder, Better, Faster, Stronger" Than MD5
Ch 6b: BLAKE2
Ch 6c: Finding Collisions in MD4
Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu (2019)
Ch 6d: Birthday problem - Wikipedia
Ch 6e: RC5 and cracking a 72-bit key- Wikipedia
Ch 6f: distributed.net - Wikipedia
Ch 6g: Is 80 bits of key size considered safe against brute force attacks? - Cryptography Stack Exchange
Ch 6h: Create your own MD5 collisions
Crypto_MD5_Collision.pdf
Ch 6j: How to Break MD5 and Other Hash Functions (Wang)
Ch 6k: Parallel hash collision search by Rho method with distinguished points - LISAT2018_Weber_Zhang.pdf
Ch 7a: What do the magic numbers 0x5c and 0x36 in the opad/ipad calc in HMAC do? - Cryptography Stack Exchange
NIST finally dumps NSA-tainted random number algorithm (2014)
Juniper Networks Hack via ECC (2017)
Arrow of time and its reversal on the IBM quantum computer--SHOW TO CLASS
Grover's algorithm - Quantum Crypto v. AES
Ch 9a: What's "P=NP?", and why is it such a famous question?
Ch 9b: Non-deterministic Turing machine - Wikipedia
Ch 9c: Nondeterministic algorithm - Wikipedia
Ch 9d: P versus NP problem - Wikipedia
Ch 9e: Finally, a Problem That Only Quantum Computers Will Ever Be Able to Solve
Ch 9f: NP-Complete - explain xkcd
Ch 9g: The Original RSA Paper from 1978
Ch 9h: Weak Diffie-Hellman and the Logjam Attack
Ch 9i: CECPQ1 - Wikipedia
Ch 9j: Lattice-based cryptography -- Episode IV - A new hope - newhope.pdf
Ch 10a: Optimal asymmetric encryption padding - Wikipedia
Ch 10b: How the EverCrypt Library Creates Hacker-Proof Cryptography
Different Types of Hash Codes-How to Find Which Hash types?
psypanda/hashID: Software to identify the different types of hashes
Ch 11a: Security/Server Side TLS - MozillaWiki
Ch 12a: Secure Remote Password protocol - Wikipedia
Ch 12b: Practical_Invalid_Curve_Attacks_on_TLS-ECDH
Ch 12c: JSON Libraries Patched Against Invalid Curve Crypto Attack
Ch 13a: What Happens in a TLS Handshake? | Cloudflare
Ch 13b : SecureString Class (System.Security) | Microsoft Docs
Ch 13c: Trustwave sold root certificate for surveillance
Ch 13d: Law Enforcement Appliance Subverts SSL
Ch 13e: Gogo Inflight Internet is intentionally issuing fake SSL certificate
Ch 13f: SSL broken! Hackers create rogue CA certificate using MD5 collisions
Ch 13g: HTTP Strict Transport Security - Wikipedia
Ch 13h: HTTP Public Key Pinning - Wikipedia
Ch 13i: Expect-CT - HTTP | MDN
Ch 13j: Secure your web application with these HTTP headers
Ch 14a: Digital Electronics/Logic Gates/Fundamental Digital Gates
Ch 14c: Digital electronics - Wikipedia
Ch 14e: Shor's algorithm -- Experience Documentation 2.0 documentation
Ch 14d: Grover's Algorithm: IBM Q Experience
Ch 14d: Grover's Algorithm -- Experience Documentation 2.0 documentation
Scientists Crack Longest Encryption Key Ever--795 bits (Dec 2019)
CyberChef--Many cryptographic tasks
Wikizero - Number Theoretic Algorithms (at bottom of page)
Seriously, stop using RSA | Trail of Bits Blog
CRYSTALS: Cryptographic Suite for Algebraic Lattices -- One of IBM's Quantum-Resistant Encryption Methods
IBM Quantum-safe cryptography: What it means for your data in the cloud
Pentesting Ethereum dApps. An Ethereum decentralized application
Minimum Viable Ethereum Mobile Wallet
How to Make a Cryptocurrency Using Litecoin v0.15 Source
Differential and Linear Cryptanalysis in Evaluating AES Candidate Algorithms (1998)
GitHub - eth-sri/securify2: Securify v2.0 - Scan Solidity Contracts for Vulnerabilities
National Security Agency | Frequently Asked Questions: Quantum Computing and Post-Quantum Cryptography
The limitation of the computational power of the universe
ID card security: Spain is facing chaos over chip crypto flaws (from 2017)
The Universe has the capacity to perform a maximum of 10^123 logic operations
Ch 9k: PQC Standardization Process: Third Round Candidate Announcement | NIST
Quantum Computers Won't Find Hash Collisions Faster than Classical Computers
A Survey of Security Vulnerabilities in Ethereum Smart Contracts
Exploring Bitcoin’s Lightning Network Podcast
History of Cryptographic Key Sizes
A curated list of blockchain security Capture the Flag (CTF) competitions
SP 800-131A Rev. 2, Transitioning the Use of Crypto Algorithms and Key Lengths | CSRC
Breaking 256-bit Elliptic Curve Encryption with a Quantum Computer - Schneier on Security
Bitcoin and quantum computing
Kyber and Post-Quantum Crypto - How does it work? -- RedRocket
Computer Scientist Explains Zero-Knowledge Proofs in 5 Levels of Difficulty
2023-11-21: Adventures in PQC: Exploring Kyber in Python - Part I - The Cryptography Caffè -- USE FOR PROJECT
Post-quantum cryptography - lattice-based cryptography
A (somewhat) gentle introduction to lattice-based post-quantum cryptography – Cybersecurity-Blog
Kyber - How does it work? | Approachable Cryptography
From Baby to Teenage Kyber | LinkedIn


Last Updated: 1-3-18 8:59 am