Cryptography & Security moves fast. Keep up!

          _""^^"-.
        /  /   \  \
        |  |.-""-.|        ___ ___ _____ _____ ___ ___
       ////`.;;;;.`\      | _ \ __|_   _|_   _| __| _ \\
      |||; ::/  \:: ;     |   / _|  | |   | | | _||   /
      |||; ::\__/:: ;     |_|_\___| |_|   |_| |___|_|_\\
       \\\\ ';;;;' /      Cryptography & Security moves fast. Keep up!
        `==':-..-'`

                   http://maciejczyzewski.me/retter

                         By: M. A. Czyzewski
                         Date:    06/03/2017

        This code is explicitly placed into the public domain.

NOTE: If you see mistakes or expired links, or would like to expand the list with your own bookmarks, feel free to contribute to this project! If you want to know more about this project, please read the README. The list below is still being created...

Courses

  1. 52 Things People Should Know To Do Cryptography
    Cryptography is a highly interdisciplinary area; calling on expertise in Pure Mathematics, Computer Science and Electronic Engineering. At Bristol we cover the full range of these topics and as such our students come with a variety of backgrounds and need to understand a diverse range of topics.
  2. A Graduate Course in Applied Cryptography
    This book is about exactly that; constructing practical cryptosystems for which we can argue security under plausible assumptions. The book covers many constructions for different tasks in cryptography.
  3. Advanced Topics in Cryptography
    The topics covered in this course include interactive proofs, zero-knowledge proofs, zero-knowledge proofs of knowledge, non-interactive zero-knowledge proofs, secure protocols, two-party secure computation, multiparty secure computation, and chosen-ciphertext security.
  4. Berkeley's Computer Security
    A beginner-friendly course on computer security basics.
  5. CRYPTO101 - Introductory Course
    An introductory course on cryptography, freely available for programmers of all ages and skill levels.
  6. Cryptographic Right Answers from Thomas Ptacek
    A short note on the topics of security and cryptography.
  7. Cryptography and Cryptanalysis
    This course features a rigorous introduction to modern cryptography, with an emphasis on the fundamental cryptographic primitives of public-key encryption, digital signatures, pseudo-random number generation, and basic protocols and their computational complexity requirements.
  8. Dan Boneh's Coursera Cryptography Course
    Cryptography is an indispensable tool for protecting information in computer systems. This course explains the inner workings of cryptographic primitives and how to correctly use them. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications.
  9. Handbook of Applied Cryptography
    This site provides order information, updates, errata, supplementary information, chapter bibliographies, and other information for the Handbook of Applied Cryptography by Menezes, van Oorschot and Vanstone.
  10. Kali Linux - A guide to Ethical hacking
    Kali is a Debian-derived Linux distribution designed for digital forensics and penetration testing. This site should help you understand the basics.
  11. Practical Aspects of Modern Cryptography
    The course covers an extensive range of knowledge about modern cryptography.
  12. The Matasano Crypto Challenges
    This is a different way to learn about crypto than taking a class or reading a book. The course gives you problems to solve. They're derived from weaknesses in real-world systems and modern cryptographic constructions.
  13. Theory and Practice of Cryptography Mini-Course
    This mini-course was taught in 2007 at Google. It is intended to be a brief survey for a general technical audience.

Libraries

  1. C
    • avr-crypto-lib: A set of implementations of different cryptographic primitives, designed for the special limitations of microcontrollers.
    • cryptlib: An open source cross-platform software security toolkit library.
    • crypto-algorithms: Basic implementations of standard cryptography algorithms, like AES and SHA-1.
    • Libgcrypt: A cryptographic library developed as a separate module of GnuPG. It provides functions for all cryptographic building blocks and its own multiple-precision arithmetic implementation.
    • libsodium: A modern and easy-to-use crypto library.
    • Nettle: A cryptographic library that is designed to fit easily in more or less any context.
    • RHash: Great utility for computing hash sums.
    • sha3sum: SHA-3 and Keccak checksum utility.
  2. C++
    • Botan: It provides a wide variety of cryptographic algorithms, formats, and protocols, e.g. SSL and TLS.
    • Crypto++: A free and open source C++ class library of cryptographic algorithms and schemes.
    • HElib: An implementation of homomorphic encryption.
    • NaCl: High-speed software library for network communication, encryption, decryption, signatures, etc.
  3. C# / .NET
    • Data.HashFunction: Common interface library to non-cryptographic hash functions with numerous implementations.
    • PCLCrypto: Portable Class Library that invokes native implementations of cryptographic functions on Microsoft .NET, Mono, Silverlight, WinRT, Windows Phone, iOS and Android.
  4. PYTHON
    • cryptography: A package designed to expose cryptographic primitives and recipes to Python developers.
    • pycrypto: Widely used package containing various cryptographic modules and functions.
  5. JAVASCRIPT
    • cryptojs: Provides standard and secure cryptographic algorithms for NodeJS.
    • hmacsha1.js: A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined.
    • javascript-crypto-library: Provides web developers with an extensive and efficient set of cryptographic functions.
    • jsHashes: Pure JavaScript implementation of the most extended hash algorithms.
    • sjcl: A project by the Stanford Computer Security Lab to build a secure, powerful, fast, small, easy-to-use, cross-browser library for cryptography in JavaScript.
  6. CLOJURE
    • pandect: Fast and easy-to-use Message Digest, Checksum and HMAC library for Clojure.
  7. ACTIONSCRIPT
    • as3corelib: An ActionScript 3 Library that contains a number of classes and utilities.
  8. RUBY
    • rbnacl: Ruby binding to the Networking and Cryptography (NaCl) library.
  9. OBJECTIVE-C
    • CocoaSecurity: AES, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, Base64, Hex
    • RNCryptor: CCCryptor (AES encryption) wrappers for iOS and Mac.
  10. RUST
  11. HASKELL
  12. JAVA

Tools

  1. PENETRATION DISTRIBUTIONS & FRAMEWORKS
    • BackBox: Ubuntu-based distribution for penetration tests and security assessments.
    • beef: The Browser Exploitation Framework Project.
    • BlackArch: Arch Linux-based distribution for penetration testers and security researchers.
    • Burp Suite: An integrated platform for performing security testing of web applications.
    • ExploitPack: Graphical tool for penetration testing with a bunch of exploits.
    • Kali: A Linux distribution designed for digital forensics and penetration testing.
    • Metasploit Framework: World's most used penetration testing software.
    • NST: Network Security Toolkit distribution.
    • Pentoo: Security-focused livecd based on Gentoo.
    • Responder: An LLMNR, NBT-NS and MDNS poisoner, with a built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server.
  2. NETWORK
    • airbourne: Script features a shell menu with many options handling network interfaces, injections, wireless monitoring, deauthentication, wep statistical crack, wep ptw method, wpa password list method, wpa john the ripper method.
    • Aircrack-ng: A set of tools for auditing wireless networks.
    • DHCPig: DHCP exhaustion script written in python using scapy network library.
    • Dirtbags py-pcap: Read pcap files without libpcap.
    • dnsspoof: DNS spoofer. Drops DNS responses from the router and replaces them with the spoofed DNS response.
    • dpkt: Fast, simple packet creation/parsing, with definitions for the basic TCP/IP protocols.
    • dsniff: A collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).
    • etherwall: A free and open source network security tool that prevents man-in-the-middle (MITM) attacks carried out through ARP spoofing/poisoning.
    • ettercap: A comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
    • flowgrep: Grep through packet payloads using regular expressions.
    • FunkLoad: Functional and load web tester.
    • Kismet: Wireless network detector, sniffer, and IDS.
    • Knock Subdomain Scan: Enumerate subdomains on a target domain through a wordlist.
    • LANs.py: Inject code, jam wifi, and spy on wifi users.
    • libdnet: Low-level networking routines, including interface lookup and Ethernet frame transmission.
    • lorcon: A common injection and control library for wireless packet crafting.
    • Mallory: Extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly.
    • MITMf: Framework for Man-In-The-Middle attacks.
    • mitmproxy: SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly.
    • net-creds: Sniffs sensitive data from interface or pcap.
    • netsniff-ng: A Swiss army knife for network sniffing.
    • Network Tools: Different network tools: ping, lookup, whois, etc.
    • nmap: Free Security Scanner For Network Exploration & Security Audits.
    • pathod: Pathological daemon/client for tormenting HTTP clients and servers.
    • ProxMon: Processes proxy logs and reports discovered issues.
    • pynids: Libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection.
    • pypcap: Python bindings for libpcap.
    • Pytbull: Flexible IDS/IPS testing framework (shipped with more than 300 tests).
    • Reaver: Brute force attack against Wifi Protected Setup.
    • Scapy: Send, sniff, dissect and forge network packets. Usable interactively or as a library.
    • Seringe: A tool that intercepts ARP requests and replies with its own hardware address.
    • SPARTA: Network Infrastructure Penetration Testing Tool.
    • SubBrute: Fast subdomain enumeration tool.
    • tcpdump: A common packet analyzer that runs under the command line.
    • Windmill: Web testing tool designed to let you painlessly automate and debug your web application.
    • Wireshark: A network protocol analyzer for Unix and Windows.
    • WSMap: Find web service endpoints and discovery files.
    • zmap: An open-source network scanner that enables researchers to easily perform Internet-wide network studies.
  3. SSL ANALYSIS
    • sslstrip: A demonstration of the HTTPS stripping attacks.
    • SSLyze: SSL configuration scanner.
  4. CRACKERS
  5. DOS & DDOS
    • JS LOIC: JavaScript in-browser version of LOIC.
    • LOIC: An open source network stress tool for Windows.
    • mass-deauth: A script for 802.11 mass-deauthentication.
    • nkiller2: A TCP exhaustion/stressing tool.
    • r-u-dead-yet: Implements the generic HTTP DoS attack via long form field submissions.
    • slowhttptest: A highly configurable tool that simulates some Application Layer Denial of Service attacks.
    • slowloris: The low bandwidth, yet greedy and poisonous HTTP client.
    • sockstress: A sockstress (TCP DoS) implementation.
    • torshammer: Tor's hammer. Slow post DDOS tool written in python.
    • ufonet: A tool designed to launch DDoS attacks against a target, using "Open Redirect" vectors on third-party web applications, like a botnet.
    • wifijammer: Continuously jam all wifi clients/routers.
    • wifikill: A python program to kick people off of wifi.
  6. ANONYMITY
    • I2P: The Invisible Internet Project.
    • Tor: The free software for enabling onion routing online anonymity.
  7. REVERSE ENGINEERING
    • Evan's Debugger: OllyDbg-like debugger for Linux.
    • IDA Free: The freeware version of IDA v5.0.
    • IDA Pro: A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
    • Immunity Debugger: A powerful new way to write exploits and analyze malware.
    • OllyDbg: An x86 debugger that emphasizes binary code analysis.
    • Radare2: Open-source, cross-platform reverse engineering framework.
    • WDK: Windows Driver Kit and WinDbg.
    • x64_dbg: An open-source x64/x32 debugger for Windows.
  8. FUZZING
    • antiparser: Fuzz testing and fault injection API.
    • Construct: Library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner.
    • Forensic Fuzzing Tools: Generate fuzzed files, fuzzed file systems, and file systems containing fuzzed files in order to test the robustness of forensics tools and examination systems.
    • Fusil: Python library used to write fuzzing programs.
    • Fuzzbox: Multi-codec media fuzzer.
    • fuzzer.py (feliam): Simple fuzzer by Felipe Andres Manzano.
    • Mistress: Probe file formats on the fly and protocols with malformed data, based on pre-defined patterns.
    • Peach Fuzzing Platform: Extensible fuzzing framework for generation and mutation based fuzzing (v2 was written in Python).
    • Powerfuzzer: Highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer).
    • sqlmap: Automatic SQL injection and database takeover tool.
    • Sulley: Fuzzer development and fuzz testing framework consisting of multiple extensible components.
    • TAOF: (The Art of Fuzzing) including ProxyFuzz, a man-in-the-middle non-deterministic network fuzzer.
    • Windows IPC Fuzzing Tools: Tools used to fuzz applications that use Windows Interprocess Communication mechanisms.
    • WSBang: Perform automated security testing of SOAP based web services.
  9. FORENSICS
    • aft: Android forensic toolkit.
    • LibForensics: Library for developing digital forensics applications.
    • Rekall: Memory analysis framework developed by Google.
    • TrIDLib: Identify file types from their binary signatures. Now includes Python binding.
    • Volatility: Extract digital artifacts from volatile memory (RAM) samples.
  10. MALWARE & VULNERABILITY ANALYSIS
  11. OTHERS

Algorithms

The list below is a little outdated and disorganized. However, if you know of an interesting algorithm, or you are the creator of one, you can add some information about it here.

See comparison of cryptographic hash functions or list of the best for uniqueness and speed hashing algorithms.

  1. CHECKSUMS
  2. CYCLIC REDUNDANCY CHECKS
  3. HASH FUNCTIONS (MDCS)
  4. HASH FUNCTIONS (MACS)
  5. BLOCK CIPHERS
    • AES: [~] 1998
  6. STREAM CIPHERS
  7. PUBLIC-KEY CIPHERS
    • RSA: [+] 1977
  8. PSEUDORANDOM GENERATORS
  9. PSEUDORANDOM FUNCTION FAMILY

Below is a list of notes on algorithms, including description, implementations, cryptanalysis and materials. It should be a summary of the most important information, with an emphasis on attacks and interesting bookmarks. (Useful scripts should be placed in the catalogs.)

  1. Adler-32
    Compared to a cyclic redundancy check of the same length, it trades reliability for speed. Adler-32 is more reliable than Fletcher-16, and slightly less reliable than Fletcher-32.
    Jonathan Stone discovered in 2001 that Adler-32 has a weakness for very short messages. He wrote "Briefly, the problem is that, for very short packets, Adler-32 is guaranteed to give poor coverage of the available bits. Don't take my word for it, ask Mark Adler :-)"
    Authors: Mark Adler
    Published: 1995
    Structure: Rolling Sums
    Sizes: 32 Bits
    Materials:

[Cyclic Redundancy Checks, Checksums]

2. AES
AES is based on the Rijndael cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes.
Until May 2009, the only successful published attacks against the full AES were side-channel attacks on some specific implementations.
Authors: Joan Daemen, Vincent Rijmen
Structure: Substitution-Permutation Network
Published: 1998
Materials:

[Symmetric-Key Primitives, Block Ciphers]

3. BLAKE
It is based on Dan Bernstein's ChaCha stream cipher, but a permuted copy of the input block, XORed with some round constants, is added before each ChaCha round.
Authors: Jean-Philippe Aumasson, Luca Henzen, Willi Meier, Raphael C.-W. Phan
Series: BLAKE, BLAKE2
Published: 2008
Rounds: 14 Or 16
Structure: HAIFA Structure
Sizes: 224, 256, 384 Or 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

4. BSD
The BSD checksum algorithm is a commonly used, legacy checksum algorithm. It has been implemented in BSD and is also available through the GNU sum command line utility.
Structure: CRC
Sizes: 16 Bits
Materials:

[Cyclic Redundancy Checks]

5. CityHash
CityHash provides hash functions for strings.
It has been superseded by FarmHash. Further updates to CityHash are fairly unlikely.
Authors: Geoff Pike and Jyrki Alakuijala
Published: 2010
Structure: Product/Rotation
Sizes: 64, 128, Or 256 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

6. Damm Algorithm
In error detection, the Damm algorithm is a check digit algorithm that detects all single-digit errors and all adjacent transposition errors.
Authors: H. Michael Damm
Published: 2004
Structure: Quasigroup Operation
Sizes: 1 Decimal Digit
Materials:

[Checksums]

7. ECOH
The elliptic curve only hash (ECOH) algorithm was submitted as a candidate for SHA-3 in the NIST hash function competition.
However, it was rejected in the beginning of the competition since a second pre-image attack was found.
Authors: Daniel R. L. Brown, Matt Campagna, Rene Struik
Published: 2008
Structure: Hash
Sizes: 224, 256, 384 Or 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

8. Fletcher
The Fletcher checksum is an algorithm for computing a position-dependent checksum. The objective of the Fletcher checksum was to provide error-detection properties approaching those of a cyclic redundancy check but with the lower computational effort associated with summation techniques.
The Fletcher checksum cannot distinguish between blocks of all 0 bits and blocks of all 1 bits. For example, if a 16-bit block in the data word changes from 0x0000 to 0xFFFF, the Fletcher-32 checksum remains the same. This also means a sequence of all 00 bytes has the same checksum as a sequence (of the same size) of all FF bytes.
Authors: John Gould Fletcher
Published: 1970
Structure: Sum
Sizes: 4, 8, 16, 32 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Checksums, Cyclic Redundancy Checks]

9. Fowler–Noll–Vo Hash Function
The basis of the FNV hash algorithm was taken from an idea sent as reviewer comments to the IEEE POSIX P1003.2 committee by Glenn Fowler and Phong Vo in 1991. In a subsequent ballot round, Landon Curt Noll improved on their algorithm.
Authors: Glenn Fowler, Landon Curt Noll, Phong Vo
Published: 1991
Structure: Xor/Product Or Product/Xor
Sizes: 32, 64, 128, 256, 512, Or 1024 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

10. GOST
The GOST hash function, defined in the standards GOST R 34.11-94 and GOST 34.311-95, is a 256-bit cryptographic hash function. It was initially defined in the Russian national standard GOST R 34.11-94 Information Technology - Cryptographic Information Security - Hash Function. The equivalent standard used by other member-states of the CIS is GOST 34.311-95.
In 2008, an attack was published that breaks the full-round GOST hash function. The paper presents a collision attack in 2^105 time, and first and second preimage attacks in 2^192 time (2^n time refers to the approximate number of times the algorithm was calculated in the attack).
Authors: FAPSI
Published: 1994
Rounds: 32
Structure: Hash
Sizes: 256 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

11. Grøstl
Grøstl is a cryptographic hash function submitted to the NIST hash function competition by Praveen Gauravaram, Lars Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, and Søren S. Thomsen. Grøstl was chosen as one of the five finalists of the competition. It uses the same S-box as AES in a custom construction. The authors claim speeds of up to 21.4 cycles per byte on an Intel Core 2 Duo.
Authors: Praveen Gauravaram, Lars Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, and Søren S. Thomsen
Published: 2008
Rounds: 10 And 14
Structure: Hash
Sizes: 256 And 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

12. HAS-160
HAS-160 is a cryptographic hash function designed for use with the Korean KCDSA digital signature algorithm. It is derived from SHA-1, with assorted changes intended to increase its security. It produces a 160-bit output.
Authors: Korean
Published: 2002
Rounds: 80
Structure: Hash
Sizes: 160 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

13. HAVAL
HAVAL is a cryptographic hash function. Unlike MD5, but like most modern cryptographic hash functions, HAVAL can produce hashes of different lengths. HAVAL can produce hashes in lengths of 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash.
Research has uncovered weaknesses which make further use of HAVAL (at least the variant with 128 bits and 3 passes with 2^6 operations) questionable. On 17 August 2004, collisions for HAVAL (128 bits, 3 passes) were announced by Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu.
Authors: Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry
Published: 1992
Rounds: 4
Structure: Hash
Sizes: 128 To 256 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

14. ISAAC
ISAAC is a cryptographically secure pseudorandom number generator and a stream cipher. The algorithm has similarities with RC4.
Marina Pudovkina's attack (2001) can recover the initial state with a complexity that is approximated to be less than the time needed for searching through the square root of all possible initial states.
Authors: Robert J. Jenkins Jr.
Published: 1996
Structure: Indirection, Shift, Accumulate, Add, And Count
Sizes: Arbitrary
Materials:

[Symmetric-Key Primitives, Stream Ciphers, Pseudorandom Generators]

15. Jenkins Hash Function
The Jenkins hash functions are a collection of (non-cryptographic) hash functions for multi-byte. They can also be used as checksums to detect accidental data corruption or detect identical records in a database.
Authors: Bob Jenkins
Published: 1997
Structure: Xor/Addition
Sizes: 32 Or 64 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Checksums]

16. JH
JH is a cryptographic hash function submitted to the NIST hash function competition by Hongjun Wu. JH has a 1024-bit state, and works on 512-bit input blocks.
Authors: Hongjun Wu
Published: October 2008
Structure: Hash
Sizes: 224, 256, 384, 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

17. Luhn Algorithm
The Luhn algorithm or Luhn formula, also known as the "modulus 10" or "mod 10" algorithm, is a simple checksum formula used to validate a variety of identification numbers, such as credit card numbers, IMEI numbers, National Provider Identifier numbers in the US, and Canadian Social Insurance Numbers.
Authors: Hans Peter Luhn
Published: 1954
Structure: Sum
Sizes: 4 Bits
Materials:

[Checksums]

18. MD2
The MD2 Message-Digest Algorithm is a cryptographic hash function. The algorithm is optimized for 8-bit computers. Although MD2 is no longer considered secure, even as of 2014, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA.
Rogier and Chauvaud (1997) described collisions of MD2's compression function, although they were unable to extend the attack to the full MD2. In 2009, security updates were issued disabling MD2 in OpenSSL, GnuTLS, and Network Security Services.
Authors: Ronald Rivest
Series: MD2, MD4, MD5, MD6
Published: August 1989
Rounds: 18
Structure: Hash
Sizes: 128 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

19. MD4
The MD4 Message-Digest Algorithm is a cryptographic hash function. The digest length is 128 bits. The algorithm has influenced later designs, such as the MD5, SHA-1 and RIPEMD algorithms.
The security of MD4 has been severely compromised. The first full collision attack against MD4 was published in 1995 and several newer attacks have been published since then. As of 2007, an attack can generate collisions in less than 2 hash operations. A theoretical preimage attack also exists.
Authors: Ronald Rivest
Series: MD2, MD4, MD5, MD6
Published: October 1990
Rounds: 3
Structure: Merkle–Damgård Construction
Sizes: 128 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

20. MD5
The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity.
A 2013 attack by Xie Tao, Fanbao Liu, and Dengguo Feng breaks MD5 collision resistance in 2^18 time. This attack runs in less than a second on a regular computer.
Authors: Ronald Rivest
Series: MD2, MD4, MD5, MD6
Published: April 1992
Rounds: 4
Structure: Merkle–Damgård Construction
Sizes: 128 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

21. MD6
The MD6 Message-Digest Algorithm is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. The authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.
Authors: Ronald Rivest, Benjamin Agre, Dan Bailey, Sarah Cheng, Christopher Crutchfield, Yevgeniy Dodis, Kermin Fleming, Asif Khan, Jayant Krishnamurthy, Yuncheng Lin, Leo Reyzin, Emily Shen, Jim Sukha, Eran Tromer, Yiqun Lisa Yin
Series: MD2, MD4, MD5, MD6
Published: 2008
Structure: Merkle Tree
Sizes: 128 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]

22. Mersenne Twister
The Mersenne Twister is a pseudorandom number generator (PRNG). Its name derives from the fact that its period length is chosen to be a Mersenne prime.
Authors: Makoto Matsumoto, Takuji Nishimura
Published: 1997
Period: (2^19937)-1
Structure: Mersenne Primes
Sizes: 64 Bits
Materials:

[Pseudorandom Generators]

23. MurmurHash
MurmurHash is a non-cryptographic hash function suitable for general hash-based lookup.
Authors: Austin Appleby
Published: 2008
Structure: Product/Rotation
Sizes: 32, 64, Or 128 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Random Sequences]

24. Pearson Hashing
Pearson hashing is a hash function designed for fast execution on processors with 8-bit registers.
Authors: Peter K. Pearson
Published: 1990
Structure: Xor/Table
Sizes: 8 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

25. RadioGatún
RadioGatún is a cryptographic hash primitive created by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. It was first publicly presented at the NIST Second Cryptographic Hash Workshop, held in Santa Barbara, California, on August 24–25, 2006, as part of the NIST hash function competition.
The most effective attack against the algorithm, with a complexity of 2^11, is given in the paper "Cryptanalysis of RadioGatun" by Thomas Fuhr and Thomas Peyrin. While more effective than the other attacks, this attack still does not break the security claim.
Authors: Guido Bertoni, Joan Daemen, Michaël Peeters, Gilles Van Assche
Published: 2006
Structure: Hash
Sizes: Up To 1216 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

26. RIPEMD
RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996. RIPEMD was based upon the design principles used in MD4, and is similar in performance to the more popular SHA-1.
Authors: Hans Dobbertin, Antoon Bosselaers and Bart Preneel
Published: 1996
Structure: Hash
Sizes: 128, 160, 256, 320 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

27. RSA
RSA is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret.
Authors: Ron Rivest, Adi Shamir, Leonard Adleman
Structure: Factoring Problem
Published: 1977
Materials:

[Public-Key Primitives, Public-Key Ciphers]

28. SHA-1
In cryptography, SHA-1 is a cryptographic hash function designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard published by the United States NIST.
As of 2012, the most efficient attack against SHA-1 is considered to be the one by Marc Stevens with an estimated cost of $2.77M to break a single hash value by renting CPU power from cloud servers. Stevens developed this attack in a project called HashClash, implementing a differential path attack. On 8 November 2010, he claimed he had a fully working near-collision attack against full SHA-1 working with an estimated complexity equivalent to 2^57.5 SHA-1 compressions. He estimates this attack can be extended to a full collision with a complexity around 2^61.
Authors: National Security Agency
Series: SHA-1, SHA-2, SHA-3
Published: 1995
Rounds: 80
Structure: Merkle–Damgård Construction
Sizes: 160 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]

29. SHA-2
SHA-2 is a set of cryptographic hash functions designed by the NSA (U.S. National Security Agency). SHA stands for Secure Hash Algorithm.
Currently, the best public attacks break preimage resistance for 52 rounds of SHA-256 or 57 rounds of SHA-512, and collision resistance for 46 rounds of SHA-256.
Authors: National Security Agency
Series: SHA-1, SHA-2, SHA-3
Published: 2001
Rounds: 64 Or 80
Structure: Merkle–Damgård Construction
Sizes: 224, 256, 384, Or 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]

30. SHA-3
SHA-3 is a subset of the cryptographic primitive family Keccak. SHA-3 uses the sponge construction, in which message blocks are XORed into a subset of the state, which is then transformed as a whole. In the version used in SHA-3, the state consists of a 5×5 array of 64-bit words, 1600 bits total.
Authors: Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche
Series: SHA-1, SHA-2, SHA-3
Published: 2012
Structure: Sponge Construction
Sizes: Arbitrary
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Symmetric-Key Primitives, Hash Functions (MACs)]

31. SipHash
SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.
Authors: Jean-Philippe Aumasson, Daniel J. Bernstein
Published: 2012
Structure: Non-Collision-Resistant PRF
Sizes: 64 Bits
Materials:

[Symmetric-Key Primitives, Hash Functions (MACs), Pseudorandom Sequences, Pseudorandom Function Family, Pseudorandom Generators]

32. Skein
Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak.
In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function. This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.
Authors: Bruce Schneier, Niels Ferguson
Published: 2010
Structure: Unique Block Iteration
Sizes: Arbitrary
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

33. Snefru
Snefru is a cryptographic hash function which supports 128-bit and 256-bit output. It was named after the Egyptian Pharaoh Sneferu, continuing the tradition of the Khufu and Khafre block ciphers.
Authors: Ralph Merkle
Published: 1990
Structure: Hash
Sizes: 128 or 256 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

34. Spectral Hash
Spectral hash is a new family of hash functions using the discrete Fourier transform and a nonlinear transformation constructed via data-dependent permutations. DFT is a well-known cryptographic primitive perfect for generating diffusion and confusion.
Authors: Gokay Saldamlı, Cevahir Demirkıran, Megan Maguire, Carl Minden, Jacob Topper, Alex Troesch, Cody Walker, Çetin Kaya Koç
Published: 2009
Structure: Wide Pipe Merkle-Damgård Construction
Sizes: 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

35. SWIFFT
In cryptography, SWIFFT is a collection of provably secure hash functions. It is based on the concept of the Fast Fourier Transform (FFT). SWIFFT is not the first hash function based on FFT, but it sets itself apart by providing a mathematical proof of its security. It also uses the LLL basis reduction algorithm.
Known working attacks are the generalized birthday attack, which takes 2^106 operations, and inversion attacks, which take 2^448 operations for a standard parameter choice. This is usually considered to be enough to render an attack by an adversary infeasible.
Authors: Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, Alon Rosen
Published: 2008
Structure: Hash
Sizes: 512 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

36. SYSV
The SYSV checksum algorithm is a commonly used legacy checksum algorithm. It has been implemented in UNIX System V and is also available through the GNU sum command line utility.
Re-arranging the same bytes in another order does not change the checksum. Increasing one byte and decreasing another byte by the same amount does not change the checksum. Adding or removing zero bytes does not change the checksum.
Structure: CRC
Sizes: 16 Bits
[Unkeyed Primitives, Hash Functions (MDCs), Cyclic Redundancy Checks]

37. Tiger
In cryptography, Tiger is a cryptographic hash function designed by Ross Anderson and Eli Biham in 1995 for efficiency on 64-bit platforms. The size of a Tiger hash value is 192 bits. Truncated versions (known as Tiger/128 and Tiger/160) can be used for compatibility with protocols assuming a particular hash size. Unlike the SHA-2 family, no distinguishing initialization values are defined; they are simply prefixes of the full Tiger/192 hash value.
John Kelsey and Stefan Lucks have found a collision-finding attack on 16-round Tiger with a time complexity equivalent to about 2^44 compression function invocations and another attack that finds pseudo-near collisions in 20-round Tiger with work less than that of 2^48 compression function invocations. Florian Mendel et al. have improved upon these attacks by describing a collision attack spanning 19 rounds of Tiger, and a 22-round pseudo-near-collision attack. These attacks require a work effort equivalent to about 2^62 and 2^44 evaluations of the Tiger compression function, respectively.
Authors: Ross Anderson and Eli Biham
Published: 1996
Rounds: 24
Structure: Merkle-Damgård Construction
Sizes: 192 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs)]

38. Verhoeff Algorithm
It was the first decimal check digit algorithm which detects all single-digit errors, and all transposition errors involving two adjacent digits, which was at the time thought impossible with such a code.
Authors: Jacobus Verhoeff
Published: 1969
Structure: Sum
Sizes: 4 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Checksums]

39. Wichmann-Hill
Wichmann-Hill is a pseudorandom number generator. At its core, numbers are generated by taking the fractional part of a sum of rectangularly distributed numbers from imperfect algorithms.
Authors: Brian Wichmann, David Hill
Structure: Fractional
Published: 1982
Materials:

[Pseudorandom Generators]

40. Xorshift
Xorshift random number generators are a class of pseudorandom number generators that was discovered by George Marsaglia.
They are a subclass of linear feedback shift registers, but their simple implementation typically makes them faster and use less space.
Authors: George Marsaglia
Published: July 2003
Structure: Xor/Shift
Sizes: 16, 32, 64, 128 Bits
Materials:

[Pseudorandom Generators]

41. xxHash
xxHash is an Extremely fast Hash algorithm, running at RAM speed limits.
Authors: Yann Collet
Published: 2012
Sizes: 32, 64 Bits
Materials:

[Unkeyed Primitives, Hash Functions (MDCs), Random Sequences]

42. Zobrist Hashing
Zobrist hashing is a hash function construction used in computer programs that play abstract board games, such as chess and Go, to implement transposition tables, a special kind of hash table that is indexed by a board position and used to avoid analyzing the same position more than once.
Authors: Albert Lindsey Zobrist
Published: 1969
Structure: Xor
Sizes: Variable
Materials:

[Symmetric-Key Primitives, Signatures, Identification Primitives]

Conferences

Mihir Bellare maintains a calendar, which is often updated; IEEE Cipher's is also worth a look.

See the current list of calls for papers.

[security |crypto |hack]

MAJOR

Cryptographers

  1. Adam Back
  2. Adam Shostack
  3. Adi Shamir
  4. Alan Theodore Sherman
  5. Andy Klapper
  6. Ankur Tyagi
  7. Anne Canteaut
  8. Anton Stiglic
  9. Antoon Bosselaers
  10. Arnoud Engelfriet
  11. Avrim Blum
  12. Bart Preneel
  13. Bennet Yee
  14. Bob Jenkins
  15. Brian LaMacchia
  16. Bruce Schneier
  17. Carl Ellison
  18. Christian Cachin
  19. Claude Crepeau
  20. Clifford Neuman
  21. Cunsheng Ding
  22. D. J. Bernstein
  23. Damien Doligez
  24. Dan Boneh
  25. Daniele Micciancio
  26. David A. McGrew
  27. David Chaum
  28. David Wagner
  29. Derek Atkins
  30. Don Davis
  31. Doug Stinson
  32. Doug Tygar
  33. Egor Homakov
  34. Eli Biham
  35. Eyal Kushilevitz
  36. Frank Stajano
  37. George Davida
  38. Gilles Brassard
  39. Giuseppe Persiano
  40. Gordon B. Agnew
  41. Helger Lipmaa
  42. Hendrik W. Lenstra
  43. James Donald
  44. Joan Boyar
  45. Joan Feigenbaum
  46. Johan Hastad
  47. Joseph H. Silverman
  48. Kevin McCurley
  49. Lars R. Knudsen
  50. Laurent Demailly
  51. Leonard Adleman
  52. Liran Lerman
  53. Maciej A. Czyzewski
  54. Markus Jakobsson
  55. Markus Kuhn
  56. Matt Blaze
  57. Matt Franklin
  58. Mihir Bellare
  59. Mike Just
  60. Mike Luby
  61. Moni Naor
  62. Moti Yung
  63. Oded Goldreich
  64. Paul Kocher
  65. Peter Gutmann
  66. Peter Neumann
  67. Phil Karn
  68. Phillip Rogaway
  69. Piete Brooks
  70. Rafail Ostrovsky
  71. Ralph C. Merkle
  72. Ran Canetti
  73. Robert J. McEliece
  74. Roger Clarke
  75. Ronald L. Rivest
  76. Ross Anderson
  77. Russell Impagliazzo
  78. Sean Murphy
  79. Shafi Goldwasser
  80. Shai Halevi
  81. Simon R. Blackburn
  82. Stanislaw Jarecki
  83. Stephen A. Weis
  84. Tanja Lange
  85. Tom Berson
  86. Trevor Jim
  87. Ueli Maurer
  88. Victor Shoup
  89. Vince Cate
  90. Wei Dai
  91. Yiannis Tsiounis
  92. Yvo G. Desmedt

Organizations & Groups

#crypto & #security