shopify visitor statistics

forumsUseful Forums
orangeball Security and Cryptography Forum: Sponsered by DevShed. Discusses issues related to coding, server applications, network protection, data protection, firewalls, ciphers and the like.
orangeball Cryptography Forum: On Topix. Fairly good focus on technical issues.
orangeball Security Forums: On WindowsSecurity.com. Broad range of forums, including cryptographic theory, cryptographic software, firewalls, and malware.
orangeball Crypto Forum Research Group: A general forum for discussing and reviewing uses of cryptographic mechanisms, both for network security in general and for the IETF in particular.new3

KeyCryptography Software
orangeball Bouncy Castle Crypto Package: Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment. The package is distributed at no charge for commercial or non-commercial use.
orangeball Cryptography Code: Another useful collection of software.
orangeball Crypto++ Library: A free C++ class library of cryptographic schemes.
orangeball Botan: Another free C++ class library of cryptographic schemes.

www_iconUseful Web Sites
orangeball Computer Science Student Resource Site: Help and advice for the long-suffering, overworked student.
orangeball Errata sheet: Latest list of errors, updated at most monthly. File name is Errata-Crypto5e-mmyy. If you spot any errors, please contact me at Email.
orangeball Introduction to Cryptography: Provides a Web-based introduction to cryptography for non-CS majors. Although elementary, it provides a useful feel for some key concepts. Originally appeared in the on-line Journal on Educational Resources in Computing, September 2002.
orangeball Cryptography Demos: Animation of a number of cryptographic algorithms.
orangeball Security Cartoon: A cartoon-based approach aimed at improving the understanding of security risk among typical Internet users.

Chapter 1 - Overview

orangeball IETF Security Area: Provides up-to-date information on Internet security standardization efforts
orangeball Internet Cryptography Provides references to the use of cryptography on the Internet, in the form of links to IETF RFCs or Internet Drafts.
orangeball Crypto Forum Research Group An Internet Research Task Force (IRTF) Research Group for the discussion and review of cryptographic mechanisms for network security in general and for the IETF in particular..
orangeball Tom Dunigan's Security Page: An excellent list of pointers to cryptography and network security web sites.
orangeball Peter Gutmann's Home Page: Good collection of cryptography stuff.
orangeball Helger Lipmaa's Cryptology Pointers: Another excellent list of pointers to cryptography and network security web sites.
orangeball Cryptology ePrint Archive: Provides rapid access to recent research in cryptology; consists of a collection of unrefereed papers.
orangeball IEEE Technical Committee on Security and Privacy: Home of the electronic newsletter Cipher, which provides book reviews, new crypto and security links, and links to reports and papers available online.
orangeball Computer Security Resource Center: Maintained by NIST; contains a broad range of information on security threats, technology, and standards.
orangeball European Network and Information Security Agency A source of expertise on security issues for the EU. Includes an excellent set of technical reports, plus numerous other documents and links.
orangeball United States Computer Emergency Readiness Team: US-CERT is a partnership between the Department of Homeland Security and the public and private sectors, intended to coordinate the response to security threats from the Internet. The site has a good collection of technical papers, and information and alerts on current security issues, vulnerabilities and exploits.new3
orangeball Computer and Network Security Reference Index: A good index to vendor and commercial products, FAQs, newsgroup archives, papers, and other Web sites.
orangeball Security Focus: A wide variety of security information, with an emphasis on vendor products and end-user concerns. Maintains the Bugtraq, a mailing list for the detailed discussion and announcement of computer security vulnerabilities.
orangeball SANS Institute: Similar to Security Focus. Extensive collection of white papers. Maintains Internet Storm Center, which provides a warning service to Internet users and organizations concerning security threats.
orangeball CrypTool A freeware program which enables you to apply and analyze cryptographic mechanisms.
orangeball Risks Digest: Forum on risks to the public in computers and related systems.
orangeball Institute for Security and Open Methodologies: An open, collaborative security research community. Lots of interesting information.
orangeball Center for Internet Security: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.
orangeball Freefire Project: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.
orangeball Crypto Resources A good collection of pointers. Especially useful is a list of open source crypto software libraries.
orangeball NSA Suite B Cryptography Description of the cryptographic standards approved for for the Secure Sharing of Information Among National Security Systems.new3

Chapter 2 - Classical Encryption Techniques

orangeball American Cryptogram Association: An association of amateur cryptographers. The Web site includes information and links to sites concerned with classical cryptography.
orangeball Crypto Corner: Simon Singh's Website. Lots of good information, plus interactive tools for learning about cryptography.
orangeball Historical Cryptography Web site Maintained by Trinity College. Lots of fascinating information.new3
orangeball Solitaire Encryption Algorithm: Developed by Bruce Schneier. This is perhaps the most secure encryption algorithm that can be implemented without a computer.
orangeball Lanaki Classical Cryptography Course: A free online course in 24 lessons.
orangeball Steganography: Good collection of links and documents.


Chapter 4 - Finite Fields

orangeball PascGalois Project: Contains a clever set of examples and projects to aid in giving students a visual understanding of key concepts in abstract algebra.

Chapter 5 - Advanced Encryption Standard

orangeball AES Home Page: NIST's page on AES. Contains the standard plus a number of other relevant documents
orangeball AES Lounge: Contains a comprehensive bibliography of documents and papers on AES, with access to electronic copies.
orangeball AES Animation: An excellent way to gain an understanding of the inner workings of AES.
orangeball A Stick Figure Guide to AES A fun but worthwhile explanation.new3
orangeball Stan Trenholme’s AES Page A series of articles which describe various aspects of AES, including annotated C code.

Chapter 6 - Block Cipher Operation

orangeball Block Cipher Modes of Operation: NIST page with full information on NIST-approved modes of operation.

Chapter 7 - Pseudorandom Number Generation and Stream Ciphers

orangeball NIST Random Number Generation Technical Working Group: Contains documents and tests developed by NIST that related to PRNGs for cryptographic applications. Also has useful set of links.
orangeball Quantum Random Numbers: You can access quantum random numbers on the fly here.
orangeball RandomNumber.org: Another source of random numbers.
orangeball A Million Random Digits: You'll never know when you're going to need some.
orangeball Can You Behave Randomly?: A set of exercises by Dr Christopher Wetzel, which are intended to help you better understand randomness by getting you to try and behave randomly. Behaving randomly is surprisingly difficult for humans.new3
orangeball Introduction to Probability and Statistics: A good short introduction by John Walker, highly recommended.new3

Chapter 8 - Number Theory

orangeball The Prime Pages: Prime number research, records, and resources.

Chapter 9 - Public-Key Cryptography and RSA

orangeball RSA Laboratories: The research center of RSA Security, Inc., it offers an extensive collection of technical material on RSA and other topics in cryptography.
orangeball RSA Tutorial: Excellent explanation of the math of RSA.

Chapter 10 - Other Public-Key Cryptosystems

orangeball Certicom: Extensive collection of technical material on elliptic curve cryptography and other topics in cryptography.

Chapter 11 - Cryptographic Hash Functions

orangeball NIST Secure Hashing Page: SHA FIPS and related documents.
orangeball Cryptographic Hash Algorithm Competition: NIST page on its competition for a new standardized hash algorithm, to be called SHA-3.
orangeball SHA-3 Home Page: This is the home site for Keccak, the winner of the SHA-3 competition. Complete documentation.
orangeball Video Course on Hash Functions: Series of 7 videos gives an overview of the nature of hash functions, their cryptographic and security properties, and time-stamping as a practical usage for hash functions.
orangeball Illustrated Guide to Cryptographic Hashes: A useful, easy-to-folllow introduction.new3

Chapter 12 - Message Authentication Codes

orangeball Block Cipher Modes of Operation: NIST page with full information on CMAC, CCM, and GCM.

Chapter 13 - Digital Signatures

orangeball Digital Signatures: NIST page with information on NIST-approved digital signature options.

Chapter 14 - Key Management and Distribution

orangeball Public-Key Infrastructure Working Group: IETF group developing standards based on X.509v3.
orangeball NIST PKI Program: Good source of information.
orangeball Verisign: A leading commercial vendor of X.509-related products; white papers and other worthwhile material at this site

Chapter 15 - User Authentication

orangeball MIT Kerberos Site: Information about Kerberos, including the FAQ, papers and documents, and pointers to commercial product sites.
orangeball MIT Kerberos Consortium: Created to establish Kerberos as the universal authentication platform for the world's computer networks.
orangeball USC/ISI Kerberos Page: Another good source of Kerberos material.
orangeball Kerberos Working Group: IETF group developing standards for Kerberos.
orangeball Strong Authentication at Fermilab A very detailed description of a large Kerberos V5 implementation. Well worth studying.new3

Chapter 16 - Transport-Level Security

orangeball TLS Charter: Latest RFCs and internet drafts for TLS.
orangeball OpenSSL Project: Project to develop open-source SSL and TLS software. Site includes documents, links, and software.

Chapter 17 - Wireless Network Security

orangeball Wi-Fi Alliance: An industry group promoting the interoperabiltiy of 802.11 products with each other and with Ethernet.
orangeball IEEE 802.11 Wireless LAN Working Group: Contains working group documents plus discussion archives.
orangeball Extensible Authentication Protocol (EAP) Method Update Working Group: IETF working group responsible for issuing standard EAP method specifications.
orangeball Open Mobile Alliance:Consolidation of the WAP Forum and the Open Mobile Architecture Initiative. Provides WAP technical specifications and industry links.

Chapter 18 - Electronic Mail Security

orangeball Symantec PGP Page: PGP Web site of Symantec, the leading PGP commercial vendor.
orangeball International PGP Home Page: Designed to promote worldwide use of PGP. Contains documents and links of interest.
orangeball S/MIME Charter: Latest RFCs and internet drafts for S/MIME.
orangeball DKIM Website hosted by Mutual Internet Practices Association, this site contains a wide range of documents and information related to DKIM.
orangeball DKIM Charter: Latest RFCs and internet drafts for DKIM.

Chapter 19 - IP Security

orangeball NIST IPsec Project: Contains papers, presentations, and reference implementations.
orangeball IPsec Maintenance and Extensions Charter: Latest RFCs and internet drafts for IPsec.

Chapter 20 - Intruders

orangeball Open Security Foundation: Runs the DataLossDB project, which compiles a wide variety of statistics, charts, graphs, and incident report.new3
orangeball CERT Coordination Center: The organization that grew from the computer emergency response team formed by the Defense Advanced Research Projects Agency. Site provides good information on Internet security threats, vulnerabilities, and attack statistics.
orangeball Packet Storm: Resource of up-to-date and historical security tools, exploits, and advisories.
orangeball Honeynet Project: A research project studying the techniques of predatory hackers and developing honeypot products
orangeball Honeypots: A good collection of research papers and technical articles.
orangeball Password Usage and Generation NIST documents on this topic

Chapter 21 - Malicious Software

orangeball Vmyths: Dedicated to exposing virus hoaxes and dispelling misconceptions about real viruses.
orangeball SecureList: Site maintained by commercial antivirus software provider. Good collection of useful information on viruses, hackers, and spam.
orangeball DDoS Attacks/Tools: Extensive list of links and documents.

Chapter 22 - Firewalls

orangeball Firewall.com: Numerous links to firewall references and software resources.

Chapter 23 - Legal and Ethical Aspects

orangeball Criminal Justice Resources: CyberCrime: Excellent collection of links maintained by Michigan State University.
orangeball International High Technology Crime Investigation Association: A collaborative effort of law enforcement and the private sector. Contains useful set of links and other resources.
orangeball Computer Ethics Institute: Includes documents, case studies, and links.