_""^^"-.
            /  /   \  \
            |  |.-""-.|        ___ ___ _____ _____ ___ ___
           ////`.;;;;.`\      | _ \ __|_   _|_   _| __| _ \\
          |||; ::/  \:: ;     |   / _|  | |   | | | _||   /
          |||; ::\__/:: ;     |_|_\___| |_|   |_| |___|_|_\\
           \\\\ ';;;;' /      Cryptography & Security moves fast. Keep up!
            `==':-..-'`

                       http://maciejczyzewski.me/retter

                             By: M. A. Czyzewski
                             Date:    06/03/2017

            This code is explicitly placed into the public domain.

[COURSES | LIBRARIES | TOOLS | ALGORITHMS | CONFERENCES | CRYPTOGRAPHERS | ORGANIZATIONS & GROUPS]

NOTE: If you see mistakes or expired links, or would like to expand the list with your own bookmarks, feel free to contribute to this project! If you want to know more about this project, please read the README. The list below is still being created...

Courses

  1. 52 Things People Should Know To Do Cryptography

    Cryptography is a highly interdisciplinary area; calling on expertise in Pure Mathematics, Computer Science and Electronic Engineering. At Bristol we cover the full range of these topics and as such our students come with a variety of backgrounds and need to understand a diverse range of topics.

  2. A Graduate Course in Applied Cryptography

    This book is about exactly that; constructing practical cryptosystems for which we can argue security under plausible assumptions. The book covers many constructions for different tasks in cryptography.

  3. Advanced Topics in Cryptography

    The topics covered in this course include interactive proofs, zero-knowledge proofs, zero-knowledge proofs of knowledge, non-interactive zero-knowledge proofs, secure protocols, two-party secure computation, multiparty secure computation, and chosen-ciphertext security.

  4. Berkeley's Computer Security

    A good beginners' course on computer security basics.

  5. CRYPTO101 - Introductory Course

    An introductory course on cryptography, freely available for programmers of all ages and skill levels.

  6. Cryptographic Right Answers from Thomas Ptacek

    A short note on the topics of security and cryptography.

  7. Cryptography and Cryptanalysis

    This course features a rigorous introduction to modern cryptography, with an emphasis on the fundamental cryptographic primitives of public-key encryption, digital signatures, pseudo-random number generation, and basic protocols and their computational complexity requirements.

  8. Dan Boneh's Coursera Cryptography Course

    Cryptography is an indispensable tool for protecting information in computer systems. This course explains the inner workings of cryptographic primitives and how to correctly use them. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications.

  9. Handbook of Applied Cryptography

    This site provides order information, updates, errata, supplementary information, chapter bibliographies, and other information for the Handbook of Applied Cryptography by Menezes, van Oorschot and Vanstone.

  10. Kali Linux - A guide to Ethical hacking

    Kali is a Debian-derived Linux distribution designed for digital forensics and penetration testing. This site should help you understand the basics.

  11. Practical Aspects of Modern Cryptography

    The course covers an extensive range of knowledge about modern cryptography.

  12. The Matasano Crypto Challenges

    This is a different way to learn about crypto than taking a class or reading a book. The course gives you problems to solve. They're derived from weaknesses in real-world systems and modern cryptographic constructions.

  13. Theory and Practice of Cryptography Mini-Course

    This mini-course was taught in 2007 at Google. It is intended to be a brief survey for a general technical audience.

Libraries

  1. C
  2. C++
  3. C# / .NET
  4. PYTHON
  5. JAVASCRIPT
  6. CLOJURE
  7. ACTIONSCRIPT
  8. RUBY
  9. OBJECTIVE-C
  10. RUST
  11. HASKELL
  12. JAVA

Tools

  1. PENETRATION DISTRIBUTIONS & FRAMEWORKS
  2. NETWORK
  3. SSL ANALYSIS
  4. CRACKERS
  5. DOS & DDOS
  6. ANONYMITY
  7. REVERSE ENGINEERING
  8. FUZZING
  9. FORENSICS
  10. MALWARE & VULNERABILITY ANALYSIS
  11. OTHERS

Algorithms

The list below is a little outdated and disorganized. However, if you know of an interesting algorithm, or you are its creator, you can add some information about it here.

See comparison of cryptographic hash functions or list of the best for uniqueness and speed hashing algorithms.
  1. CHECKSUMS
  2. CYCLIC REDUNDANCY CHECKS
  3. HASH FUNCTIONS (MDCS)
  4. HASH FUNCTIONS (MACS)
  5. BLOCK CIPHERS
  6. STREAM CIPHERS
  7. PUBLIC-KEY CIPHERS
  8. PSEUDORANDOM GENERATORS
  9. PSEUDORANDOM FUNCTION FAMILY
NOTES

Below is a list of notes on algorithms, including descriptions, implementations, cryptanalysis and materials. It should be a summary of the most important information, with an emphasis on attacks and interesting bookmarks. (Useful scripts should be placed in the catalogs.)

  1. Adler-32

    Compared to a cyclic redundancy check of the same length, it trades reliability for speed. Adler-32 is more reliable than Fletcher-16, and slightly less reliable than Fletcher-32.

    Jonathan Stone discovered in 2001 that Adler-32 has a weakness for very short messages. He wrote "Briefly, the problem is that, for very short packets, Adler-32 is guaranteed to give poor coverage of the available bits. Don't take my word for it, ask Mark Adler :-)"

    Authors: Mark Adler

    Published: 1995
    Structure: Rolling Sums
    Sizes: 32 Bits

    Materials:
    [Cyclic Redundancy Checks, Checksums]


  2. AES

    AES is based on the Rijndael cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes.

    Until May 2009, the only successful published attacks against the full AES were side-channel attacks on some specific implementations.

    Authors: Joan Daemen, Vincent Rijmen

    Structure: Substitution-Permutation Network
    Published: 1998

    Materials:
    [Symmetric-Key Primitives, Block Ciphers]


  3. B.B.S.

    Blum Blum Shub is a pseudorandom number generator proposed in 1986 by Lenore Blum, Manuel Blum and Michael Shub that is derived from Michael O. Rabin's oblivious transfer mapping.

    There is a proof reducing its security to the computational difficulty of solving the quadratic residuosity problem. A serious drawback is that it is very slow to compute.

    Authors: Lenore Blum, Manuel Blum, Michael Shub

    Published: 1986
    Structure: Transfer Mapping
    Sizes: Arbitrary

    Materials:
    [Symmetric-Key Primitives, Stream Ciphers, Pseudorandom Generators]


  4. BLAKE

    It is based on Dan Bernstein's ChaCha stream cipher, but a permuted copy of the input block, XORed with some round constants, is added before each ChaCha round.

    Authors: Jean-Philippe Aumasson, Luca Henzen, Willi Meier, Raphael C.-W. Phan

    Series: BLAKE, BLAKE2
    Published: 2008
    Rounds: 14 Or 16
    Structure: HAIFA Structure
    Sizes: 224, 256, 384 Or 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  5. BSD

    The BSD checksum algorithm is a commonly used, legacy checksum algorithm. It has been implemented in BSD and is also available through the GNU sum command line utility.

    Structure: CRC
    Sizes: 16 Bits

    Materials:
    [Cyclic Redundancy Checks]


  6. CityHash

    CityHash provides hash functions for strings.

    It has been superseded by FarmHash. Further updates to CityHash are fairly unlikely.

    Authors: Geoff Pike and Jyrki Alakuijala

    Published: 2010
    Structure: Product/Rotation
    Sizes: 64, 128, Or 256 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  7. CRC

    A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.

    Authors: W. Wesley Peterson

    Series: CRC-(Number)
    Published: 1961
    Structure: Cyclic Codes
    Sizes: 8, 16, 32, 64 Bits

    Materials:
    [Cyclic Redundancy Checks]


  8. Damm Algorithm

    In error detection, the Damm algorithm is a check digit algorithm that detects all single-digit errors and all adjacent transposition errors.

    Authors: H. Michael Damm

    Published: 2004
    Structure: Quasigroup Operation
    Sizes: 1 Decimal Digit

    Materials:
    [Checksums]


  9. ECOH

    The elliptic curve only hash (ECOH) algorithm was submitted as a candidate for SHA-3 in the NIST hash function competition.

    However, it was rejected at the beginning of the competition since a second pre-image attack was found.

    Authors: Daniel R. L. Brown, Matt Campagna, Rene Struik

    Published: 2008
    Structure: Hash
    Sizes: 224, 256, 384 Or 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  10. Fletcher

    The Fletcher checksum is an algorithm for computing a position-dependent checksum. The objective of the Fletcher checksum was to provide error-detection properties approaching those of a cyclic redundancy check but with the lower computational effort associated with summation techniques.

    The Fletcher checksum cannot distinguish between blocks of all 0 bits and blocks of all 1 bits. For example, if a 16-bit block in the data word changes from 0x0000 to 0xFFFF, the Fletcher-32 checksum remains the same. This also means a sequence of all 00 bytes has the same checksum as a sequence (of the same size) of all FF bytes.

    Authors: John Gould Fletcher

    Published: 1970
    Structure: Sum
    Sizes: 4, 8, 16, 32 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Checksums, Cyclic Redundancy Checks]


  11. Fowler–Noll–Vo Hash Function

    The basis of the FNV hash algorithm was taken from an idea sent as reviewer comments to the IEEE POSIX P1003.2 committee by Glenn Fowler and Phong Vo in 1991. In a subsequent ballot round, Landon Curt Noll improved on their algorithm.

    Authors: Glenn Fowler, Landon Curt Noll, Phong Vo

    Published: 1991
    Structure: Xor/Product Or Product/Xor
    Sizes: 32, 64, 128, 256, 512, Or 1024 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  12. FSB

    In cryptography, the Fast Syndrome-based hash Functions (FSB) are a family of cryptographic hash functions introduced in 2003 by Daniel Augot, Matthieu Finiasz, and Nicolas Sendrier.

    Authors: Daniel Augot, Matthieu Finiasz, Nicolas Sendrier

    Published: 2003
    Structure: Hash
    Sizes: 160 To 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  13. GOST

    The GOST hash function, defined in the standards GOST R 34.11-94 and GOST 34.311-95, is a 256-bit cryptographic hash function. It was initially defined in the Russian national standard GOST R 34.11-94 Information Technology - Cryptographic Information Security - Hash Function. The equivalent standard used by other member-states of the CIS is GOST 34.311-95.

    In 2008, an attack was published that breaks the full-round GOST hash function. The paper presents a collision attack in 2^105 time, and first and second preimage attacks in 2^192 time (2^n time refers to the approximate number of times the algorithm was calculated in the attack).

    Authors: FAPSI

    Published: 1994
    Rounds: 32
    Structure: Hash
    Sizes: 256 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  14. Grøstl

    Grøstl is a cryptographic hash function submitted to the NIST hash function competition by Praveen Gauravaram, Lars Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, and Søren S. Thomsen. Grøstl was chosen as one of the five finalists of the competition. It uses the same S-box as AES in a custom construction. The authors claim speeds of up to 21.4 cycles per byte on an Intel Core 2 Duo.

    Authors: Praveen Gauravaram, Lars Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, and Søren S. Thomsen

    Published: 2008
    Rounds: 10 And 14
    Structure: Hash
    Sizes: 256 And 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  15. HAS-160

    HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.

    Authors: Korean

    Published: 2002
    Rounds: 80
    Structure: Hash
    Sizes: 160 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  16. HAVAL

    HAVAL is a cryptographic hash function. Unlike MD5, but like most modern cryptographic hash functions, HAVAL can produce hashes of different lengths. HAVAL can produce hashes in lengths of 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash.

    Research has uncovered weaknesses which make further use of HAVAL (at least the variant with 128 bits and 3 passes with 2^6 operations) questionable. On 17 August 2004, collisions for HAVAL (128 bits, 3 passes) were announced by Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu.

    Authors: Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry

    Published: 1992
    Rounds: 4
    Structure: Hash
    Sizes: 128 To 256 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  17. ISAAC

    ISAAC is a cryptographically secure pseudorandom number generator and a stream cipher. The algorithm has similarities with RC4.

    Marina Pudovkina's attack (2001) can recover the initial state with a complexity that is approximated to be less than the time needed for searching through the square root of all possible initial states.

    Authors: Robert J. Jenkins Jr.

    Published: 1996
    Structure: Indirection, Shift, Accumulate, Add, And Count
    Sizes: Arbitrary

    Materials:
    [Symmetric-Key Primitives, Stream Ciphers, Pseudorandom Generators]


  18. Jenkins Hash Function

    The Jenkins hash functions are a collection of (non-cryptographic) hash functions for multi-byte keys. They can also be used as checksums to detect accidental data corruption or to detect identical records in a database.

    Authors: Bob Jenkins

    Published: 1997
    Structure: Xor/Addition
    Sizes: 32 Or 64 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Checksums]


  19. JH

    JH is a cryptographic hash function submitted to the NIST hash function competition by Hongjun Wu. JH has a 1024-bit state, and works on 512-bit input blocks.

    Authors: Hongjun Wu

    Published: October 2008
    Structure: Hash
    Sizes: 224, 256, 384, 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  20. Luhn Algorithm

    The Luhn algorithm or Luhn formula, also known as the "modulus 10" or "mod 10" algorithm, is a simple checksum formula used to validate a variety of identification numbers, such as credit card numbers, IMEI numbers, National Provider Identifier numbers in the US, and Canadian Social Insurance Numbers.

    Authors: Hans Peter Luhn

    Published: 1954
    Structure: Sum
    Sizes: 4 Bits

    Materials:
    [Checksums]


  21. MD2

    The MD2 Message-Digest Algorithm is a cryptographic hash function. The algorithm is optimized for 8-bit computers. Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA.

    Rogier and Chauvaud (1997) described collisions of MD2's compression function, although they were unable to extend the attack to the full MD2. In 2009, security updates were issued disabling MD2 in OpenSSL, GnuTLS, and Network Security Services.

    Authors: Ronald Rivest

    Series: MD2, MD4, MD5, MD6
    Published: August 1989
    Rounds: 18
    Structure: Hash
    Sizes: 128 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  22. MD4

    The MD4 Message-Digest Algorithm is a cryptographic hash function. The digest length is 128 bits. The algorithm has influenced later designs, such as the MD5, SHA-1 and RIPEMD algorithms.

    The security of MD4 has been severely compromised. The first full collision attack against MD4 was published in 1995 and several newer attacks have been published since then. As of 2007, an attack can generate collisions in less than 2 hash operations. A theoretical preimage attack also exists.

    Authors: Ronald Rivest

    Series: MD2, MD4, MD5, MD6
    Published: October 1990
    Rounds: 3
    Structure: Merkle–Damgård Construction
    Sizes: 128 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  23. MD5

    The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity.

    A 2013 attack by Xie Tao, Fanbao Liu, and Dengguo Feng breaks MD5 collision resistance in 2^18 time. This attack runs in less than a second on a regular computer.

    Authors: Ronald Rivest

    Series: MD2, MD4, MD5, MD6
    Published: April 1992
    Rounds: 4
    Structure: Merkle–Damgård Construction
    Sizes: 128 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  24. MD6

    The MD6 Message-Digest Algorithm is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. The authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.

    Authors: Ronald Rivest, Benjamin Agre, Dan Bailey, Sarah Cheng, Christopher Crutchfield, Yevgeniy Dodis, Kermin Fleming, Asif Khan, Jayant Krishnamurthy, Yuncheng Lin, Leo Reyzin, Emily Shen, Jim Sukha, Eran Tromer, Yiqun Lisa Yin

    Series: MD2, MD4, MD5, MD6
    Published: 2008
    Structure: Merkle Tree
    Sizes: 128 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]


  25. Mersenne Twister

    The Mersenne Twister is a pseudorandom number generator (PRNG). Its name derives from the fact that its period length is chosen to be a Mersenne prime.

    Authors: Makoto Matsumoto, Takuji Nishimura

    Published: 1997
    Period: (2^19937)-1
    Structure: Mersenne Primes
    Sizes: 64 Bits

    Materials:
    [Pseudorandom Generators]


  26. MurmurHash

    MurmurHash is a non-cryptographic hash function suitable for general hash-based lookup.

    Authors: Austin Appleby

    Published: 2008
    Structure: Product/Rotation
    Sizes: 32, 64, Or 128 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Random Sequences]


  27. Pearson Hashing

    Pearson hashing is a hash function designed for fast execution on processors with 8-bit registers.

    Authors: Peter K. Pearson

    Published: 1990
    Structure: Xor/Table
    Sizes: 8 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  28. RadioGatún

    RadioGatún is a cryptographic hash primitive created by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. It was first publicly presented at the NIST Second Cryptographic Hash Workshop, held in Santa Barbara, California, on August 24–25, 2006, as part of the NIST hash function competition.

    The most effective attack against the algorithm with a complexity of 2^11 is given in the paper "Cryptanalysis of RadioGatun" by Thomas Fuhr and Thomas Peyrin. While more effective than the other attacks this attack still does not break the security claim.

    Authors: Guido Bertoni, Joan Daemen, Michaël Peeters, Gilles Van Assche

    Published: 2006
    Structure: Hash
    Sizes: Up To 1216 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  29. RC4

    In cryptography, RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4, see below) is a stream cipher.

    RC4 does not take a separate nonce alongside the key. This means that if a single long-term key is to be used to securely encrypt multiple streams, the protocol must specify how to combine the nonce and the long-term key to generate the stream key for RC4.

    Authors: Ron Rivest

    Published: 1987

    Materials:
    [Symmetric-Key Primitives, Stream Ciphers]


  30. RIPEMD

    RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996. RIPEMD was based upon the design principles used in MD4, and is similar in performance to the more popular SHA-1.

    Authors: Hans Dobbertin, Antoon Bosselaers and Bart Preneel

    Published: 1996
    Structure: Hash
    Sizes: 128, 160, 256, 320 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  31. RSA

    RSA is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret.

    Authors: Ron Rivest, Adi Shamir, Leonard Adleman

    Structure: Factoring Problem
    Published: 1977

    Materials:
    [Public-Key Primitives, Public-Key Ciphers]


  32. SHA-1

    In cryptography, SHA-1 is a cryptographic hash function designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard published by the United States NIST.

    As of 2012, the most efficient attack against SHA-1 is considered to be the one by Marc Stevens with an estimated cost of $2.77M to break a single hash value by renting CPU power from cloud servers. Stevens developed this attack in a project called HashClash, implementing a differential path attack. On 8 November 2010, he claimed he had a fully working near-collision attack against full SHA-1 working with an estimated complexity equivalent to 2^57.5 SHA-1 compressions. He estimates this attack can be extended to a full collision with a complexity around 2^61.

    Authors: National Security Agency

    Series: SHA-1, SHA-2, SHA-3
    Published: 1995
    Rounds: 80
    Structure: Merkle–Damgård Construction
    Sizes: 160 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]


  33. SHA-2

    SHA-2 is a set of cryptographic hash functions designed by the NSA (U.S. National Security Agency). SHA stands for Secure Hash Algorithm.

    Currently, the best public attacks break preimage resistance for 52 rounds of SHA-256 or 57 rounds of SHA-512, and collision resistance for 46 rounds of SHA-256.

    Authors: National Security Agency

    Series: SHA-1, SHA-2, SHA-3
    Published: 2001
    Rounds: 64 Or 80
    Structure: Merkle–Damgård Construction
    Sizes: 224, 256, 384, Or 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]


  34. SHA-3

    SHA-3 is a subset of the cryptographic primitive family Keccak. SHA-3 uses the sponge construction, in which message blocks are XORed into a subset of the state, which is then transformed as a whole. In the version used in SHA-3, the state consists of a 5×5 array of 64-bit words, 1600 bits total.

    Authors: Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche

    Series: SHA-1, SHA-2, SHA-3
    Published: 2012
    Structure: Sponge Construction
    Sizes: Arbitrary

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]


  35. SipHash

    SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.

    Authors: Jean-Philippe Aumasson, Daniel J. Bernstein

    Published: 2012
    Structure: Non-Collision-Resistant PRF
    Sizes: 64 Bits

    Materials:
    [Symmetric-Key Primitives, Hash Functions (MACs), Pseudorandom Sequences, Pseudorandom Function Family, Pseudorandom Generators]


  36. Skein

    Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak.

    In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function. This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.

    Authors: Bruce Schneier, Niels Ferguson

    Published: 2010
    Structure: Unique Block Iteration
    Sizes: Arbitrary

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  37. Snefru

    Snefru is a cryptographic hash function which supports 128-bit and 256-bit output. It was named after the Egyptian Pharaoh Sneferu, continuing the tradition of the Khufu and Khafre block ciphers.

    Authors: Ralph Merkle

    Published: 1990
    Structure: Hash
    Sizes: 128 Or 256 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  38. Spectral Hash

    Spectral hash is a new family of hash functions using the discrete Fourier transform and a nonlinear transformation constructed via data dependent permutations. DFT is a well-known cryptographic primitive perfect for generating diffusion and confusion.

    Authors: Gokay Saldamlı, Cevahir Demirkıran, Megan Maguire, Carl Minden, Jacob Topper, Alex Troesch, Cody Walker, Çetin Kaya Koç

    Published: 2009
    Structure: Wide Pipe Merkle-Damgård Construction
    Sizes: 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  39. SWIFFT

    In cryptography, SWIFFT is a collection of provably secure hash functions. It is based on the concept of the Fast Fourier Transform (FFT). SWIFFT is not the first hash function based on FFT, but it sets itself apart by providing a mathematical proof of its security. It also uses the LLL basis reduction algorithm.

    Known working attacks are the Generalized Birthday Attack, which takes 2^106 operations, and inversion attacks, which take 2^448 operations for a standard parameter choice. This is usually considered to be enough to render an attack by an adversary infeasible.

    Authors: Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, Alon Rosen

    Published: 2008
    Structure: Hash
    Sizes: 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  40. SYSV

    The SYSV checksum algorithm is a commonly used, legacy checksum algorithm. It has been implemented in UNIX System V and is also available through the GNU sum command line utility.

    Re-arranging the same bytes in another order does not change the checksum. Increasing one byte and decreasing another byte by the same amount does not change the checksum. Adding or removing zero bytes does not change the checksum.

    Structure: CRC
    Sizes: 16 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Cyclic Redundancy Checks]


  41. Tiger

    In cryptography, Tiger is a cryptographic hash function designed by Ross Anderson and Eli Biham in 1995 for efficiency on 64-bit platforms. The size of a Tiger hash value is 192 bits. Truncated versions (known as Tiger/128 and Tiger/160) can be used for compatibility with protocols assuming a particular hash size. Unlike the SHA-2 family, no distinguishing initialization values are defined; they are simply prefixes of the full Tiger/192 hash value.

    John Kelsey and Stefan Lucks have found a collision-finding attack on 16-round Tiger with a time complexity equivalent to about 2^44 compression function invocations and another attack that finds pseudo-near collisions in 20-round Tiger with work less than that of 2^48 compression function invocations. Florian Mendel et al. have improved upon these attacks by describing a collision attack spanning 19 rounds of Tiger, and a 22-round pseudo-near-collision attack. These attacks require a work effort equivalent to about 2^62 and 2^44 evaluations of the Tiger compression function, respectively.

    Authors: Ross Anderson and Eli Biham

    Published: 1996
    Rounds: 24
    Structure: Merkle-Damgård Construction
    Sizes: 192 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  42. Verhoeff Algorithm

    It was the first decimal check digit algorithm which detects all single-digit errors, and all transposition errors involving two adjacent digits, which was at the time thought impossible with such a code.

    Authors: Jacobus Verhoeff

    Published: 1969
    Structure: Sum
    Sizes: 4 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Checksums]


  43. Whirlpool

    In computer science and cryptography, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function. It was designed by Vincent Rijmen (co-creator of the Advanced Encryption Standard) and Paulo S. L. M. Barreto, who first described it in 2000.

    Authors: Vincent Rijmen, Paulo S. L. M. Barreto

    Published: 2000
    Rounds: 10
    Structure: Miyaguchi-Preneel
    Sizes: 512 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs)]


  44. Wichmann-Hill

    Wichmann-Hill is a pseudorandom number generator. In its core, numbers are generated by taking the fractional part of a sum of rectangularly distributed numbers from imperfect algorithms.

    Authors: Brian Wichmann, David Hill

    Structure: Fractional
    Published: 1982

    Materials:
    [Pseudorandom Generators]


  45. Xorshift

    Xorshift random number generators are a class of pseudorandom number generators that was discovered by George Marsaglia.

    They are a subclass of linear feedback shift registers, but their simple implementation typically makes them faster and use less space.

    Authors: George Marsaglia

    Published: July 2003
    Structure: Xor/Shift
    Sizes: 16, 32, 64, 128 Bits

    Materials:
    [Pseudorandom Generators]


  46. xxHash

    xxHash is an Extremely fast Hash algorithm, running at RAM speed limits.

    Authors: Yann Collet

    Published: 2012
    Sizes: 32, 64 Bits

    Materials:
    [Unkeyed Primitives, Hash Functions (MDCs), Random Sequences]


  47. Zobrist Hashing

    Zobrist hashing is a hash function construction used in computer programs that play abstract board games, such as chess and Go, to implement transposition tables, a special kind of hash table that is indexed by a board position and used to avoid analyzing the same position more than once.

    Authors: Albert Lindsey Zobrist

    Published: 1969
    Structure: Xor
    Sizes: Variable

    Materials:
    [Symmetric-Key Primitives, Signatures, Identification Primitives]


Conferences

Mihir Bellare maintains a calendar, which is often updated; IEEE Cipher's is also worth a look.

See the current list of calls for papers.

[security | crypto | hack]

MAJOR MEETING WORKSHOP

Cryptographers

  1. Adam Back
  2. Adam Shostack
  3. Adi Shamir
  4. Alan Theodore Sherman
  5. Andy Klapper
  6. Ankur Tyagi
  7. Anne Canteaut
  8. Anton Stiglic
  9. Antoon Bosselaers
  10. Arnoud Engelfriet
  11. Avrim Blum
  12. Bart Preneel
  13. Bennet Yee
  14. Bob Jenkins
  15. Brian LaMacchia
  16. Bruce Schneier
  17. Carl Ellison
  18. Christian Cachin
  19. Claude Crepeau
  20. Clifford Neuman
  21. Cunsheng Ding
  22. D. J. Bernstein
  23. Damien Doligez
  24. Dan Boneh
  25. Daniele Micciancio
  26. David A. McGrew
  27. David Chaum
  28. David Wagner
  29. Derek Atkins
  30. Don Davis
  31. Doug Stinson
  32. Doug Tygar
  33. Egor Homakov
  34. Eli Biham
  35. Eyal Kushilevitz
  36. Frank Stajano
  37. George Davida
  38. Gilles Brassard
  39. Giuseppe Persiano
  40. Gordon B. Agnew
  41. Helger Lipmaa
  42. Hendrik W. Lenstra
  43. James Donald
  44. Joan Boyar
  45. Joan Feigenbaum
  46. Johan Hastad
  47. Joseph H. Silverman
  48. Kevin McCurley
  49. Lars R. Knudsen
  50. Laurent Demailly
  51. Leonard Adleman
  52. Liran Lerman
  53. Maciej A. Czyzewski
  54. Markus Jakobsson
  55. Markus Kuhn
  56. Matt Blaze
  57. Matt Franklin
  58. Mihir Bellare
  59. Mike Just
  60. Mike Luby
  61. Moni Naor
  62. Moti Yung
  63. Oded Goldreich
  64. Paul Kocher
  65. Peter Gutmann
  66. Peter Neumann
  67. Phil Karn
  68. Phillip Rogaway
  69. Piete Brooks
  70. Rafail Ostrovsky
  71. Ralph C. Merkle
  72. Ran Canetti
  73. Robert J. McEliece
  74. Roger Clarke
  75. Ronald L. Rivest
  76. Ross Anderson
  77. Russell Impagliazzo
  78. Sean Murphy
  79. Shafi Goldwasser
  80. Shai Halevi
  81. Simon R. Blackburn
  82. Stanislaw Jarecki
  83. Stephen A. Weis
  84. Tanja Lange
  85. Tom Berson
  86. Trevor Jim
  87. Ueli Maurer
  88. Victor Shoup
  89. Vince Cate
  90. Wei Dai
  91. Yiannis Tsiounis
  92. Yvo G. Desmedt

Organizations & Groups

#crypto & #security