If you have any links which should be added to this list, please suggest a link
Real-time certificate transparency log update stream.
- A Few Thoughts on Cryptographic Engineering
Matthew Green's blog discusses his thoughts on cryptography.
- A Graduate Course in Applied Cryptography
A self-contained reference by Dan Boneh and Victor Shoup
- Advanced cryptographic ratcheting
Open Whisper Systems improvement to OTR's forward secrecy ratchet
- An Overview of Cryptography
A paper by Gary Kessler.
- Analysis of the Copial Cipher [PDF]
A description of the features of the book and the method by which the authors deciphered it.
- Basic Cryptanalysis
1990 Field Manual from the US Army
- Cipher Machines and Cryptology
Excellent site with lots of historical information
- Code Execution In Spite Of BitLocker
Bit-flipping in Bitlocker
- Crypto 101
an introductory course on cryptography
- Cryptobytes Newsletter
Historic archive of CryptoBytes, the technical newsletter from RSA Laboratories, the research center of RSA, The Security Division of EMC.
- Cryptographic Software Export Controls in the EU
Historic Masters Thesis (2000) by Simo-Pekka Parviainen of the University of Helsinki, Department of Public Law, Faculty of Law.
- Cryptography Stack Exchange
Questions and answers on PKI problems at Stack Exchange
- Elliptic Curve Cryptography: a gentle introduction
First of a 4-part guide to ECC
- ENIGMA - CodeProject
Some Enigma history and a software simulator
- Handbook of Applied Cryptography
Sample chapters from the Handbook of Applied Cryptography
- Introducing the timechain
Locking information until some time in the future.
- Joe Armstrong: Crypto Tutorial [pdf]
A work-in-progress cryptography tutorial document
- Manual One-time pad
'How to' on manually creating and using a one-time-pad along with some opsec tips
- Mike the Crypto Goat | Exploring Internet security, crypto and civil liberties.
Exploring Internet security, crypto and civil liberties.
- Minimal Perfect Hashing
Research paper on MPH
- Myths about /dev/urandom
Thoughts on /dev/random vs /dev/urandom for crypto use
- NIST's Key Management Standards
NIST's recommendations on Key Management best practices.
- NSA Cryptologs
Declassified NSA Internal technical publication 1974-1997
- Quantum proof Knapsack
Mathematicians propose quantum-computer proof encryption based pn Knapsack
- RSA: implementation and proofs
The maths behind RSA
- Secure Crypto: Weak Ciphers Be Gone! - Speaking of Security - The RSA Blog and Podcast
High-level overview of weak ciphers and why they should not be used
- The Brave New World of Bodacious Assumptions in Cryptography
Neal Koblitz and Alfred Menezes
- The Bristol Cryptography Blog
A blog for the cryptography group of the University of Bristol. To enable discussion on cryptography and other matters related to their research.
- The Cryptolaw survey
A survey of existing and proposed laws and regulations on cryptography.
- The Kalyna Block Cipher
New Encryption Standard of Ukraine
- The Matasano Crypto Challenges
a collection of 48 exercises that demonstrate attacks on real-world crypto
- The VIC Cipher
Soviet pen & paper cipher
Moxie Marlinspike's adventures, and an interesting blog which tackles current cryptography news.
- Time-lock encryption
Thoughts on time-locked files which can only be decrypted after a certain date.
- TripleSec - Symmetric Encryption in the Browser combining AES, Salsa20, and Twofish
Symmetric Encryption Library which encrypts data with Salsa 20, AES, and Twofish
- Venona Cypherpunks Archive
Archive of the Cypherpunks mailing list 1993-2000
Microsoft Certificate Services
- Bulletproof SSL and TLS: Understanding and deploying SSL/TLS and PKI to secure servers and web applications (Feisty Duck)
Highly recommended book - Understanding and deploying SSL/TLS and PKI to secure servers and web applications, by Ivan Ristic - also see the free extended excerpt 'OpenSSL Cookbook'
Real-time certificate transparency log update stream.
- Entrust - A guide to migrating to SHA-2
Entrust's advice and recommendations on migrating from the SHA-1 to SHA-2 hashing algorithm.
- GRC's | SSL/TLS Certificate Revocation Awareness – The case for OCSP Must-Staple
- How to act as your own certificate authority CA
Step by step guide to setting up your own CA infrastructure in a test lab
HTTPSWatch assigns every tracked site a rating approximating the quality of its HTTPS support
- IETF : Transport Layer Security (TLS) Jump Start
Proposal for an optional reduced TLS Handshake to reduce latency
- Implementation Problems on PKI
Implementation problems on PKI specifications. (2003)
- Is TLS Fast Yet?
Analysis of the overhead of TLS connection set-up.
- MD5 considered harmful today
Creating a rogue CA using MD5
- Non-repudiation in the digital environment | McCullagh | First Monday
Paper on Non-repudiation in the digital environment by Adrian McCullagh and William Caelli (2000)
- On the Security of RC4 in TLS
A page is about the security of RC4 encryption in TLS and WPA/TKIP.
- OpenSSL Command-Line HOWTO
Detailed list of the most useful OpenSSL commands
- OpenSSL: The Open Source toolkit for SSL/TLS
, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured
- PKI Posters
Posters showing the lifecycle of SSL certificates by Carl Mehner
- PKI Technical Standards
A comprehensive set of lists of applicable PKI standards.
- PolarSSL SSL Library
Alternative to OpenSSL
- Qualys SSL Labs
Useful tools and links relating to SSL/TLS
- Resources: White Papers, Integration Guides
Data Sheets - Entrust, Data Sheets, White Papers, Case Studies & More
- Revocable Self-signed Certificates using Blockchain
A proof of concept to allow self signed certificates to be validated and revoked via teh Bitcoin Blockchain
- Rolling out Public Key Pinning with HPKP Reporting
Why you should use HPKP Reporting
- Security/Server Side TLS - MozillaWiki
Mozilla recommended configurations for TLS
- Setup your IIS for SSL Perfect Forward Secrecy and TLS 1.2 | Hass
Powershell script to configure Perfect forward secrecy on an IIS 7.5 or 8 server. It also disables weak ciphers and SSL v2.
- SSL/TLS Deployment Best Practices (v 1.3.pdf)
SSL Labs SSL/TLS deployment best practices
- SSL/TLS Strong Encryption: An Introduction - Apache HTTP Server Version 2.4
A list of various concepts, definitions, and examples as a starting point for further exploration.
- Stupid certificate tricks
Interesting manipulation of the modulus to generate a certificate with an embedded message
- Symantec - 1024-bit certificate FAQs
FAQ from Symantec about 1024-bit certificates, how and why to migrate.
- The HTTPS-Only Standard
cio.gov overview of HTTPS
- The Trouble with Certificate Transparency » okTurtles Blog
Summary of Certificate Transparency, and some of the problems with its implementation.
- Transport Layer Protection Cheat Sheet - OWASP
OWASP Transport Layer Protection Cheat Sheet
- Troy Hunt: Everything you need to know about the Heartbleed SSL bug
Detailed analysis of the 'Heartbleed' OpenSSL bug
- Universal SSL: Encryption all the way to the origin, for free
Cloudflare Beta to secure the connection between Cloudflare and the target server for free.
- Why your A grade SSL is 'outdated cryptography' on Chrome
Moving a way from 'outdated cryptography'