Cryptography /Encryption

This list does not attempt to be exhaustive. It provides links to sources we have found particularly useful, and to other more comprehensive lists of sources on the subject.

Elsewhere off this site: Electronic Commerce compendium

Cryptography applied in various ways and circumstances is essential for security and trust:

In sum, read, cryptography impacts upon every aspect of considered e-commerce and private e-business relations.

#agreements Agreements

#groups Interest Groups

#aes AES Algorithm (Advanced Encryption Standard)

#reference Reference

#software Security Software

Crypto Law Survey Bert Jaap Koops

A Short History of Cryptography by Fred Cohen from Introductory Information Protection "a book about keeping people and organizations from harm caused by information. It requires little or mathematics and is suitable as a text for a graduate level or advanced undergraduate course." Fred Cohen & Associates

Why Cryptography Is Harder Than It Looks by Bruce Schneier CTO and Founder Counterpane Internet Security, Inc.

Agreements

Wassenaar Arrangement

Interest Groups

Center for Democracy and Technology

CryptoRights Foundation

Cyber Rights and Cyber Liberties UK on the Wassenaar Arrangement at Cyber Rights & Cyber Liberties

Electronic Frontier Foundation

International Cryptography Campaign

Foundation for Taxpayer and Consumer Rights

Global Internet Liberty Campaign

Free Congress Foundation

Echelonwatch

the American Civil Liberties Union

Electronic Frontiers Texas

Center for Media Education

Industry

Direct Marketing Association

TRUSTe

AES Algorithm (Advanced Encryption Standard)

NIST AES

AES Algorithm Advanced Encryption Standard (AES) Development Effort, Computer Security Division, National Institute of Standards and Technology, NIST is an agency of the U.S. Commerce Department's Technology Administration see Encryption toolkit Advanced Encryption Standard of the National Institute of Standards and Technology (NIST)

Report

"SPECIAL NOTE - Intellectual Property NIST reminds all interested parties that the adoption of AES is being conducted as an open standards-setting activity. Specifically, NIST has requested that all interested parties identify to NIST any patents or inventions that may be required for the use of AES. NIST hereby gives public notice that it may seek redress under the antitrust laws of the United States against any party in the future who might seek to exercise patent rights against any user of AES that have not been disclosed to NIST in response to this request for information."

Information Technology Laboratory

"Our goals are to strengthen the U.S. economy and improve the quality of life by providing the information technology industry and users with needed measurements and standards and to provide NIST with high quality information technology services."

Federal Information Processing Standards Publications

AES entry on Wikipedia

AES Winner announced October 2^nd, 2000

Rijndael by Joan Daemen and Vincent Rijmen   of Belgium.

publications Vincent Rijmen list DBLP Bibliography Server list 2everything

Joan Daemen list DBLP Bibliography Server list 2everything

Cryptix aes "an international volunteer effort to produce robust, open-source cryptographic software libraries. Cryptix products are free, both for commercial and non-commercial use and are being used by developers all over the world. Development is currently focused on Java."

The Rijndael algorithm is based on a block cipher algorithm (The Block Cipher Square Algorithm) described in an article in the October, 1997 issue of DDJ  

6{ 5 Finalists, August 1999

Twofish by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall and Niels Ferguson of Counterpane Systems in Minneapolis, Minn. (Schneier also developed the Blowfish symmetric algorithm).

Rijndael by Joan Daemen and Vincent Rijmen of Belgium.

Serpent * by Ross Anderson (Cambridge University, UK), Eli Biham (Israel) and Lars Knudsen (Norway).

MARS by IBM, Armonk, NY. (previous: DES back in the '70s)

RC6 by Ron Rivest and RSA Laboratories in Bedford, Mass. (previous: RSA public key algorithm and several other well known hashing and private key algorithms)

Data Encryption Standard (DES)

Data Encryption Standard (DES)

Data Encryption Standard (DES), Triple DES, and Skipjack Algorithms

Triple DES Validation List

Overview Triple DES Encryption

Easy DES File Encryption Software for Organizations!

Strong Encryption Package Federal Information Processing

Announcing the Standard for Data Encryption Standard (DES) FIPS PUB 46-2, Supersedes FIPS PUB 46-1, 1988 January 22 Federal Information Processing Standards Publication 46-2 1993 December 30.

Reference & Links

The Crypto Link Farm - Encryption and Security-related Resources A few of (the many) mirrors auto-updated:  

Security and Encryption-related Resources and Links by Peter Gutmann

Security pointers by Tom Dunigan

Security and Cryptography by Mark McCutcheon

Crypto - Cryptography resource on the Web by Matt Blaze

Cryptography and Security [+] by Ronald L. Rivest [+]

Crypto Page Paulo Barreto

Encryption and Security Tutorial

Cryptome

A Cryptographic Compendium   alternative location

EFF "Privacy - Crypto - Export Restrictions, ITAR and EAR" Archive Electronic Frontier Foundation

Cryptography Francis Litterio

Security & Cryptography standards by Michael Waidner

Security and Encryption * Quick Links

Encryption and Security Tutorial

Encryption, Security & Privacy News All E-Commerce

Cryptographic Algorithms Mach5 Cryptography Archives

What's Hot in Encryption - Bulletins EFF

Cryptography: The Study of Encryption Cryptography Francis Litterio

How electronic encryption works and how it will change your business Viacorp. com

Security Encryption PGP

GPG - The GNU Privacy Guard (Open PGP)

The Linux Encryption-HOWTO Homepage Linux Encryption HOWTO by Marc Mutz

OpenPGP (RFC2440)

Snake Oil Warning Signs: Encryption Software to Avoid an FAQ by Matt Curtin

Mitre CVE - Security Dictionary of Common Vulnerabilities and Exposures

Counterpane

Infosyssec - Security Portal for Information System Security Professionals

Security Software

Secure Point to Point Connection and File Sharing

Open Secure Shell - openSSH

Linux FreeS/WAN Secure point to point connection anywhere on the Internet, Strong Encryption. Developed outside the United States and not subject to US export restrictions.

Linux PPTP Server the PPTP Linux Server works with WinNT PPTP clients and C. S. Ananian's PPTP Linux clients. Virtual Private Networking technology enables the use the public Internet backbone for private data communications, encryption and encapsulation technology, permitting the carving out of a private channel/passageway through the Internet.

Bizee free download of V-ONE technology that permits secure connection with other users of the same technology. It performs authentication and uses 168-bit Triple DES encryption to secure e-commerce, as well as to encrypt data being transmitted as part of auctions, chat rooms, e-mail and classified advertisements. Adequate security has been a big obstacle to business-to-business commerce to date... July 1999

Gnutella

Gnut Linux/Unix console gnutella clone

Freenet (The Free Network Project Homepage) "Re-Wiring the Internet". Hosted by Source Forge "Freenet is a peer-to-peer network designed to allow the distribution of information over the Internet in an efficient manner, without fear of censorship. Freenet is completely decentralized, meaning that there is no person, computer, or organisation in control of Freenet or essential to its operation. This means that Freenet cannot be attacked like centralized peer-to-peer systems such as Napster. Freenet also employs intelligent routing and caching meaning that it learns to route requests more efficiently, automatically mirrors popular data, makes network flooding almost impossible, and moves data to where it is in greatest demand. All of this makes it much more efficient and scalable than systems such as Gnutella."

Mojo Nation claimed to be "a revolutionary new publishing and content-sharing network. [That]combines the flexibility of the marketplace and the distributed computing power of the Internet to go far beyond current filesharing systems... Mojo Nation is building an efficient, massively scalable and secure marketplace for distributors and consumers of digital content."

Wheres dot com Internet file sharing programs

Encrypted Files and Mail

#linux Linux Solutions

#commercial Commercial

UP - Ultimate Privacy

Speek Freely

Speak Free Secure fully encrypted Chat Program

Speak Freely Unix Windows

HushMail web based secure e-mail

Freedom "Untraceable" privacy system from ZeroKnowledge

1on1 Secure Mail The free-to-use service that requires the use of a sizable e-mail Windows PC client, which may be downloaded from the site or obtained on CD.

Mutt a pgp-aware mailer

SUIDNet "secure IRC network"

The International PGP Page

Top level home page for www.pgp.net

GPG - GNU Privacy Guard Download GPG which uses only free algorithms, and conforming to the OpenPGP standard

OpenPGP (RFC2440)

PGP Sites #fix

PGP DH v RSA FAQ

Linux Encryption Solutions

See also Linux Encryption

GPG - GNU Privacy Guard Download GPG which uses only free algorithms, and conforming to the OpenPGP standard

Project Aegypten (Free Software Sphinx-Clients) for Linux "The Sphinx project launched by German authorities aims to improve secure email exchange... Proprietary products are already on the way, but with the project ?gypten there is now also a Free Software solution going to be realized for popular mail user agents (sphinx-enabling KMail and mutt are essential goals)."

SuSE Linux (since v7.2) provides a Secure Crypto File System based on Twofish

The Linux Encryption-HOWTO Homepage Linux Encryption HOWTO by Marc Mutz

Encrypting Disks

Encrypting your Disks with Linux Doobee. R. Tzeck

PPDD requires recompiling (patching) the Linux kernel to allow strong encryption and a special device. Good documentation.

TCFS involves the running of a daemon which exports an encrypted filesystem as an NFS share.

Crypto Kernel Patch a patch for any given Linux kernel to make the loopback device use encryption algorithms.

BestCrypt Jetico

Steganography

Steghide

Outguess Steganography

StegFS - A Steganographic File System for Linux

Organizations

Internet Engineering Task Force

IEEE Computer Society

International Association for Cryptography Research

National Security Agency U.S.A.

National Institute of Standards and Technology NIST is an agency of the U.S. Commerce Department's Technology Administration

NCSA

DSS Defense Security Service

National Infrastructure Protection U.S. Department of Homeland Security

The Critical Infrastructure Assurance Office (CIAO) moved to the U.S. Department of Homeland Security

ANSI - American National Standards Institute

National Information Assurance Partnership

Office of Information Security

International Telecommunication Union

Internet Security Alliance a non-profit collaboration between EIA and Carnegie Mellon's CERT Coordination Center (CERT/CC), with a diverse and international membership

ETSI Telecom Standards

SET Secure Electronic Transactions

Association for Computing Machinery

SANS Institute

CSI - Computer Security Institute

TruSecure

CERT a center of Internet security expertise

Commercial

RSA Data Security RSA

RSA Security "the most trusted name in e-security"

RSA Security Incorporated owned key encryption patents (US) which expired September 26^th 2000.

Baltimore Security

Other

UP - Ultimate Privacy

VeriSign

Speek Freely

Speak Free Secure fully encrypted Chat Program

Speak Freely Unix Windows

Crypto-Central SHA algorithm MD5 etc. Delphi: Advanced encryption Components

Biometrics

The Biometric Consortium

The International Biometric Society

Biometrics A Journal of the International Biometric Society

Biometric Consortium

Biometrics

Biometric Encryption information

The Bio API

VeriSign

Quantum physics cryptography

NTT Japan

Almaden Research Lab IBM

Los Alamos

British Telecom