awesome-crypto-papers

A curated list of cryptography papers, articles, tutorials and howtos.

GitHub

2k stars
70 watching
139 forks
last commit: 20 days ago
Linked from 8 awesome lists

applied-cryptographyawesomeawesome-listawesome-listscryptographyhowto

Awesome Crypto Papers / The list / Introducing people to data security and cryptography

Nuts and Bolts of Encryption: A Primer for Policymakers
Keys under Doormats Or why cryptography shouldn't be backdoored, by a all-star committee of crypto researches from around the world
An Overview of Cryptography By Gary C. Kessler
Using Encryption for Authentication in Large Networks By Needham, Schroeder: this is were crypto-based auth starts
Communication Theory of Secrecy Systems Fundamental cryptography paper by Claude Shannon
Another Look at “Provable Security” Inquiries into formalism and naive intuition behind security proofs, by Neal Koblitz et al
The security impact of a new cryptographic library Introductory paper on NaCl, discussing important aspects of implementing cryptography and using it as a larger building block in security systems, by Daniel J. Bernstein, Tanja Lange, Peter Schwabe

Awesome Crypto Papers / The list / Specific topics

FIPS 198-1: HMACs The Keyed-Hash Message Authentication Code FIPS document
FIPS 202: SHA3 SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
Birthday problem The best simple explanation of math behind
On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 Security analysis of different legacy HMAC schemes by Jongsung Kim et al
On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit Security of randomized CBC-MACs and a new construction that resists birthday paradox attacks and provably reaches full security, by E. Jaulmes et al
FIPS 197 AES FIPS document
List of proposed operation modes of AES Maintained by NIST
Recomendation for Block Cipher modes of operation: Methods and Techniques
Stick figure guide to AES If stuff above was a bit hard or you're looking for a good laugh
Cache timing attacks on AES Example of designing great practical attack on cipher implementation, by Daniel J. Bernstein
Cache Attacks and Countermeasures: the Case of AES Side channel attacks on AES, another view, by Dag Arne Osvik, Adi Shamir and Eran Tromer
Salsa20 family of stream ciphers Broad explanation of Salsa20 security cipher by Daniel J. Bernstein
New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba Analysis of Salsa20 family of ciphers, by Jean-Philippe Aumasson et al
ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) IETF Draft of ciphersuite family, by Adam Langley et al
AES submission document on Rijndael Original Rijndael proposal by Joan Daemen and Vincent Rijmen
Ongoing Research Areas in Symmetric Cryptography Overview of ongoing research in secret key crypto and hashes by ECRYPT Network of Excellence in Cryptology
The Galois/Counter Mode of Operation (GCM) Original paper introducing GCM, by by David A. McGrew and John Viega
The Security and Performance of the Galois/Counter Mode (GCM) of Operation Design, analysis and security of GCM, and, more specifically, AES GCM mode, by David A. McGrew and John Viega
GCM Security Bounds Reconsidered An analysis and algorithm for nonce generation for AES GCM with higher counter-collision probability, by Yuichi Niwa, Keisuke Ohashi, Kazuhiko Minematsu, Tetsu Iwata
Proxy-Mediated Searchable Encryption in SQL Databases Using Blind Indexes An overview of existing searchable encryption schemes, and analysis of scheme built on AES-GCM, blind index and bloom filter by Eugene Pilyankevich, Dmytro Kornieiev, Artem Storozhuk
DES is not a group Old but gold mathematical proof that the set of DES permutations (encryption and decryption for each DES key) is not closed under functional composition. That means that multiple DES encryption is not equivalent to single DES encryption and means that the size of the subgroup generated by the set of DES permutations is greater than 10^2499, which is too large for potential attacks on DES, which would exploit a small subgroup
Differential Cryptanalysis of Salsa20/8 A great example of stream cipher cryptanalysis, by Yukiyasu Tsunoo et al
Slide Attacks on a Class of Hash Functions Applying slide attacks (typical cryptanalysis technique for block ciphers) to hash functions, M. Gorski et al
Self-Study Course in Block Cipher Cryptanalysis Attempt to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms, by Bruce Schneier
Statistical Cryptanalysis of Block Ciphers By Pascal Junod
Cryptanalysis of block ciphers and protocols By Elad Pinhas Barkan
Too much crypto Analysis of number of rounds for symmetric cryptography primitives, and suggestions to do fewer rounds, by Jean-Philippe Aumasson
How to Break MD5 and Other Hash Functions A 2005 paper about modular differential collision attack on MD5, MD4 and other hash functions, by Xiaoyun Wang and Hongbo Yu
New attacks on Keccak-224 and Keccak-256 A 2012 paper about using the combination of differential and algebraic techniques for collision attacks on SHA-3, by Itai Dinur, Orr Dunkelman, Adi Shamir
A Single-Key Attack on the Full GOST Block Cipher An attack ("Reflection-Meet-inthe-Middle Attack") on GOST block cipher that allows to recover key with 2^225 computations and 2^32 known plaintexts, by Takanori Isobe
Intro to Linear & Differential Cryptanalysis A beginner-friendly paper explaining and demonstrating techniques for linear and differential cryptanalysis
MEGA: Malleable Encryption Goes Awry Proof-of-concept versions of attacks on MEGA data storage. Showcasing their practicality and exploitability.
New Directions in Cryptography Seminal paper by Diffie and Hellman, introducing public key cryptography and key exchange/agreement protocol
RFC 2631: Diffie-Hellman Key Agreement An explanation of the Diffie-Hellman methon in more engineering terms
A Method for Obtaining Digital Signatures and Public-Key Cryptosystems Original paper introducing RSA algorithm
RSA Algorithm Rather education explanation of every bit behind RSA
Secure Communications Over Insecure Channels Paper by R. Merkle, predated "New directions in cryptography" though it was published after it. The Diffie-Hellman key exchange is an implementation of such a Merkle system
On the Security of Public Key Protocols Dolev-Yao model is a formal model, used to prove properties of interactive cryptographic protocols
How to Share a Secret 8 over 4 years ago A safe method for sharing secrets
Twenty Years of Attacks on the RSA Cryptosystem Great inquiry into attacking RSA and it's internals, by Dan Boneh
Remote timing attacks are practical An example in attacking practical crypto implementationby D. Boneh, D. Brumley
The Equivalence Between the DHP and DLP for Elliptic Curves Used in Practical Applications, Revisited by K. Bentahar
SoK: Password-Authenticated Key Exchange – Theory, Practice, Standardization and Real-World Lessons History and classification of the PAKE algorithms
RSA, DH and DSA in the Wild Collection of implementation mistakes which lead to exploits of assymetric cryptography
Elliptic Curve cryptography: A gentle introduction
Explain me like I'm 5: How digital signatures actually work EdDSA explained with ease and elegance
Elliptic Curve Cryptography: finite fields and discrete logarithms
Detailed Elliptic Curve cryptography tutorial
Elliptic Curve Cryptography: ECDH and ECDSA
Elliptic Curve Cryptography: breaking security and a comparison with RSA
Elliptic Curve Cryptography: the serpentine course of a paradigm shift Historic inquiry into development of ECC and it's adoption
Let's construct an elliptic curve: Introducing Crackpot2065 Fine example of building up ECC from scratch
Explicit-Formulas Database For many elliptic curve representation forms
Curve25519: new Diffie-Hellman speed records Paper on Curve25519
Software implementation of the NIST elliptic curves over prime fields Pracitcal example of implementing elliptic curve crypto, by M. Brown et al
High-speed high-security signatures Seminal paper on EdDSA signatures on ed25519 curve by Daniel J. Bernstein et al
Recommendations for Discrete Logarithm-Based Cryptography: Elliptic Curve Domain Parameters (NIST SP 800-186) Official NIST guide how securely implement elliptic curves. It also includes math shortcuts, optimizations and possible security risk of wrong algorithm implementation
Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies Computing private keys by analyzing and exploiting biases in ECDSA nonces
Minerva: The curse of ECDSA nonces Exploiting timing/bit-length leaks for recovering private keys from ECDSA signatures
LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage Breaking 160-bit curve ECDSA using less than one bit leakage
Proofs of knowledge A pair of papers which investigate the notions of proof of knowledge and proof of computational ability, M. Bellare and O. Goldreich
How to construct zero-knowledge proof systems for NP Classic paper by Goldreich, Micali and Wigderson
Proofs that yield nothing but their validity and a Methodology of Cryptographic protocol design By Goldreich, Micali and Wigderson, a relative to the above
A Survey of Noninteractive Zero Knowledge Proof System and Its Applications
How to Prove a Theorem So No One Else Can Claim It By Manuel Blum
Information Theoretic Reductions among Disclosure Problems Brassau et al
Knowledge complexity of interactive proof systems 3 about 4 years ago By GoldWasser, Micali and Rackoff. Defining computational complexity of "knowledge" within zero knowledge proofs
A Survey of Zero-Knowledge Proofs with Applications to Cryptography Great intro on original ZKP protocols
Zero Knowledge Protocols and Small Systems A good intro into Zero knowledge protocols
Multi-Theorem Preprocessing NIZKs from Lattices Construction of non-interactive zero-knowledge (NIZK) proofs using lattice-based preprocessing models, by Sam Kim and David J. Wu
Recommendation for Key Management – Part 1: General Methodologically very relevant document on goals and procedures of key management
Selecting Cryptographic Key Sizes Classic paper from 1999 with guidelines for the determination of key sizes for symmetric cryptosystems, RSA, ECC, by Arjen K. Lenstra and Eric R. Verheul
PRIMES is in P Unconditional deterministic polynomial-time algorithm that determines whether an input number is prime or composite
Post-quantum cryptography - dealing with the fallout of physics success Brief observation of mathematical tasks that can be used to build cryptosystems secure against attacks by post-quantum computers
Post-quantum cryptography Introduction to post-quantum cryptography
Post-quantum RSA Daniel Bernshtein's insight how to save RSA in post-quantum period
MAYO: Practical Post-Quantum Signatures from Oil-and-Vinegar Maps The Oil and Vinegar signature scheme, proposed in 1997 by Patarin, is one of the oldest and best-understood multivariate quadratic signature schemes. It has excellent performance and signature sizes. This paper is about enhancing this algorithm in usage in the post-quantum era.

Awesome Crypto Papers / The list / Books

A Graduate Course in Applied Cryptography By Dan Boneh and Victor Shoup. A well-balanced introductory course into cryptography, a bit of cryptanalysis and cryptography-related security
Analysis and design of cryptographic hash functions, MAC algorithms and block ciphers Broad overview of design and cryptanalysis of various ciphers and hash functions, by Bart Van Rompay
CrypTool book Predominantly mathematically oriented information on learning, using and experimenting cryptographic procedures
Handbook of Applied Cryptography By Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Good classical introduction into cryptography and ciphers
The joy of Cryptography By Mike Rosulek. A lot of basic stuff covered really well. No ECC
A Computational Introduction to Number Theory and Algebra By Victor Shoup, excellent starters book on math universally used in cryptography

Awesome Crypto Papers / The list / Lectures and educational courses

Understanding cryptography: A textbook for Students and Practitioners Textbook, great lectures and problems to solve
Crypto101 Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels
A Course in Cryptography Lecture notes by Rafael Pass, Abhi Shelat
Lecture Notes on Cryptography Famous set of lectures on cryptography by Shafi Goldwasser (MIT), M. Bellare (University of California)
Introduction to Cryptography by Christof Paar Video course by Christof Paar (University of Bochum in Germany). In english
Cryptography I Stanford University course on Coursera, taught by prof. Dan Boneh. is still in development

Backlinks from these awesome lists: