Go to file
2016-06-07 22:50:38 +03:00
.editorconfig Added tests and styleguide. 2016-05-25 21:02:12 +03:00
.gitattributes Added tests and styleguide. 2016-05-25 21:02:12 +03:00
.gitignore Travis file updated, since it was invalid. 2016-05-25 21:24:35 +03:00
.travis.yml Travis file updated, since it was invalid. 2016-05-25 21:24:35 +03:00
CONTRIBUTING.md Some style fixes, enforced new rules to the PR. 2016-06-02 23:38:31 +03:00
package.json Removed spacing in lists 2016-06-04 00:11:58 +03:00
README.md Added 'A Few Thoughts on Cryptographic Engineering' to Blogs (#6) 2016-06-07 22:50:38 +03:00

Awesome Cryptography Awesome

Build Status

A curated list of cryptography resources and links.


Theory

Algorithms

Symmetric encryption

  • 3DES - or Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.
  • AES - is a symmetric-key block cipher algorithm and U.S. government standard for secure and classified data encryption and decryption (also known as Rijndael).
  • Blowfish - is a symmetric-key block cipher, designed in 1993 by Bruce Schneier. Notable features of the design include key-dependent S-boxes and a highly complex key schedule.

Asymmetric encryption

  • RSA - is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.

Hash functions

  • MD5 - is a widely used hash function producing a 128-bit hash value. MD5 was initially designed to be used as a cryptographic hash function, but it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.
  • SHA1 - is a cryptographic hash function designed by the NSA. SHA-1 produces a 160-bit hash value known as a message digest. SHA-1 is no longer considered secure against well-funded opponents.
  • SHA2 - is a set of hash functions designed by the NSA. SHA-256 and SHA-512 are novel hash functions computed with 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds.

Books

Courses

  • Applied Cryptography - Cryptography is present in everyday life, from paying with a credit card to using the telephone. Learn all about making and breaking puzzles in computing.
  • Crypto Strikes Back! - This talk will cover crypto vulnerabilities in widely-deployed systems and how the smallest oversight resulted in catastrophe.
  • Cryptography - Stanford University - This course explains the inner workings of cryptographic primitives and how to correctly use them. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications.
  • Cryptography I - The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems.
  • Cybrary Cryptography - This online course we will cover how cryptography is the cornerstone of security, and how through its use of different encryption methods, such as ciphers, and public or private keys, you can protect private or sensitive information from unauthorized access.
  • Journey into cryptography - The course of cryptography by Khan Academy.
  • Practical Aspects of Modern Cryptography - Practical Aspects of Modern Cryptography, Winter 2006 University of Washington CSE.
  • Theory and Practice of Cryptography - Introduction to Modern Cryptography, Using Cryptography in Practice and at Google, Proofs of Security and Security Definitions and A Special Topic in Cryptography.

Tools

Standalone

  • blackbox - safely store secrets in Git/Mercurial/Subversion.
  • certbot - previously the Let's Encrypt Client, is EFF's tool to obtain certs from Let's Encrypt, and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
  • gpg - is a complete and free implementation of the OpenPGP standard. It allows to encrypt and sign your data and communication, features a versatile key management system. GnuPG is a command line tool with features for easy integration with other applications.

Plugins

Git

  • git-secret - A bash-tool to store your private data inside a git repository.

Frameworks and Libs

C

  • cryptlib - is an open source cross-platform software security toolkit library.
  • crypto-algorithms - Basic implementations of standard cryptography algorithms, like AES and SHA-1.
  • libgcrypt - is a cryptographic library developed as a separated module of GnuPG.
  • libtomcrypt - is a fairly comprehensive, modular and portable cryptographic toolkit.
  • NaCl - high-speed library for network communication, encryption, decryption, signatures, etc.
  • retter - a collection of hash functions, ciphers, tools and libraries.
  • RHash - Great utility for computing hash sums.
  • tiny-AES128-C - Small portable AES128 in C.
  • xxHash - Extremely fast hash algorithm.

C++

  • Bcrypt - a cross platform file encryption utility.
  • Botan - is a cryptography library written in C++11.
  • Crypto++ - Crypto++ Library is a free C++ class library of cryptographic schemes.
  • HElib - is a software library that implements homomorphic encryption (HE).
  • libsodium - a modern and easy-to-use crypto library.
  • Nettle - a low-level cryptographic library.
  • s2n - an implementation of the TLS/SSL protocols.

C-sharp

  • Bouncy Castle - All-purpose cryptographic library.
  • libsodium-net - libsodium for .NET - A secure cryptographic library.
  • PCLCrypto - provides cryptographic APIs over algorithms implemented by the platform, including exposing them to portable libraries.
  • StreamCryptor - Stream encryption & decryption with libsodium and protobuf.

Clojure

  • buddy-core - Cryptographic Api.
  • pandect - Fast and easy-to-use Message Digest, Checksum and HMAC library for Clojure.

Common Lisp

  • crypto-shortcuts - Collection of common cryptography functions.
  • ironclad - Collection of common crypto shortcuts.
  • trivial-ssh - an SSH client library for Common Lisp (Built on libssh2).

Delphi

  • DelphiEncryptionCompendium - Cryptographic library for Delphi.
  • LockBox - LockBox 3 is a Delphi library for cryptography.
  • SynCrypto - Fast cryptographic routines (hashing and cypher), implementing AES, XOR, RC4, ADLER32, MD5, SHA1, SHA256 algorithms, optimized for speed.
  • TForge - TForge is open-source crypto library written in Delphi, compatible with FPC.

Elixir

  • cipher - Elixir crypto library to encrypt/decrypt arbitrary binaries.
  • cloak - Cloak makes it easy to use encryption with Ecto.
  • comeonin - Password authorization (bcrypt) library for Elixir.
  • elixir-rsa - public_key cryptography wrapper for Elixir.
  • elixir_tea - TEA implementation in Elixir.
  • ex_crypto - Elixir wrapper for Erlang crypto and public_key modules. Provides sensible defaults for many crypto functions to make them easier to use.
  • exgpg - Use gpg from Elixir.
  • pot - Erlang library for generating one time passwords compatible with Google Authenticator.
  • siphash-elixir - Elixir implementation of the SipHash hash family.

Erlang

  • crypto - The functions for computation of message digests, and functions for encryption and decryption.

Go

  • crypto - Official Website Resources.
  • cryptoballot - Cryptographically secure online voting.
  • dedis/crypto - Advanced crypto library for the Go language.
  • gocrypto - Example source code for the Practical Crypto with Go book.

Haskell

Haxe

JavaScript

  • cryptojs - Provide standard and secure cryptographic algorithms for NodeJS.
  • javascript-crypto-library - The JavaScript Crypto Library provides web developers with an extensive and efficient set of cryptographic functions.
  • JShashes - Fast and dependency-free cryptographic hashing library for node.js and browsers (supports MD5, SHA1, SHA256, SHA512, RIPEMD, HMAC).
  • sjcl - Stanford Javascript Crypto Library.

Java

  • Apache Shiro - Performs authentication, authorization, cryptography and session management.
  • Bouncy Castle - All-purpose cryptographic library. JCA provider, wide range of functions from basic helpers to PGP/SMIME operations.
  • Google Keyczar - Easy to use, yet safe encryption framework with key versioning.
  • pac4j - Security engine.

Julia

  • Crypto.jl - a library that wraps OpenSSL, but also has pure Julia implementations for reference.

Lua

  • lua-lockbox - a collection of cryptographic primitives written in pure Lua.
  • LuaCrypto - Lua bindings to OpenSSL.

Objective-C

  • CocoaSecurity - AES, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, Base64, Hex.
  • RNCryptor - CCCryptor (AES encryption) wrappers for iOS and Mac.
  • Themis - High-level crypto library, providing basic asymmetric encryption.

PHP

  • halite - a simple library for encryption using libsodium.
  • PHP Encryption - This is a library for encrypting data with a key or password in PHP.
  • TCrypto - TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library.

Python

  • charm - a framework for rapidly prototyping cryptosystems.
  • cryptography - is a Python library which exposes cryptographic recipes and primitives.
  • cryptopy - is a pure python implmentation of cryptographic algorithms and applications.
  • Google Keyczar - Easy-to-use crypto toolkit.
  • hashids - Implementation of hashids in Python.
  • paramiko - a Python implementation of the SSHv2 protocol, providing both client and server functionality.
  • pycrypto - The Python Cryptography Toolkit.
  • pynacl - Python binding to the Networking and Cryptography (NaCl) library.

Ruby

  • RbNaCl - Ruby binding to the Networking and Cryptography (NaCl) library.

Rust

  • octavo - Highly modular & configurable hash & crypto library.
  • ring - Safe, fast, small crypto using Rust & BoringSSL's cryptography primitives.
  • rust-crypto - a (mostly) pure-Rust implementation of various cryptographic algorithms.
  • rust-openssl - OpenSSL bindings for Rust.
  • sodiumoxide - Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium).
  • suruga - TLS 1.2 implementation in Rust.
  • webpki - Web PKI TLS X.509 certificate validation in Rust.

Scala

  • scrypto - Cryptographic primitives for Scala.

Swift

  • CryptoSwift - Crypto related functions and helpers for Swift implemented in Swift programming language.
  • IDZSwiftCommonCrypto - a wrapper for Apple's Common Crypto library written in Swift.
  • OpenSSL - Swift OpenSSL for OS X and Linux.
  • SweetHMAC - a tiny and easy to use Swift class to encrypt strings using HMAC algorithms.
  • Swift-Sodium - Swift interface to the Sodium library for common crypto operations for iOS and OS X.
  • SwiftSSL - an Elegant crypto toolkit in Swift.

Resources

Web-tools

  • Crypo - Best encryption for network security.Encrypt or Decrypt sensitive data using AES/DES/RCA encryptors (security tools).
  • Cryptolab - is a set of cryptography related tools.
  • keybase.io - Keybase maps your identity to your public keys, and vice versa.

Web-sites

  • Cryptography Stackexchange - Cryptography Stack Exchange is a question and answer site for software developers, mathematicians and others interested in cryptography.
  • Cryptography Stackoverflow - Cryptography covers, among other things, encryption, hashing and digital signatures.
  • Garykessler Crypto - An Overview of Cryptography.
  • Learn Cryptography - is dedicated to helping people understand how and why the cryptographic systems they use everyday without realizing work to secure and protect their privacy.
  • Subreddit of Cryptography - This subreddit is intended for links and discussions surrounding the theory and practice of strong cryptography.
  • WebCryptoAPI - This specification describes a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.

Blogs

  • A Few Thoughts on Cryptographic Engineering - Some random thoughts about crypto.
  • Bristol Cryptography Blog - The official blog for the University of Bristol cryptography research group. It's a group blog, primarily targeted towards cryptographers and crypto students.
  • Charles Engelke's Blog - WebCrypto Blog Posts.
  • Root Labs rdist - Nate Lawson and his co-authors write on a variety of topics including hardware implementation, cryptographic timing attacks, DRM, and the Commodore 64.
  • Schneier on security - One of the oldest and most famous security blogs. Bruce covers topics from block cipher cryptanalysis to airport security.

Contributing

Your contributions are always welcome! Please take a look at the contribution guidelines first.

License

awesome-cryptography by sobolevn

To the extent possible under law, the person who associated CC0 with awesome-cryptography has waived all copyright and related or neighboring rights to awesome-cryptography.

You should have received a copy of the CC0 legalcode along with this work. If not, see http://creativecommons.org/publicdomain/zero/1.0/.