Up to The World Wide Web Virtual Library

Cryptography

There are two kinds of cryptosystems: symmetric and asymmetric. Symmetric cryptosystems use the same key (the secret key) to encrypt and decrypt a message, and asymmetric cryptosystems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it. Assymetric cryptosystems are also called public key cryptosystems.

Symmetric cryptosystems have a problem: how do you transport the secret key from the sender to the recipient securely and in a tamperproof fashion? If you could send the secret key securely, then, in theory, you wouldn't need the symmetric cryptosystem in the first place -- because you would simply use that secure channel to send your message. Frequently, trusted couriers are used as a solution to this problem. Another, more efficient and reliable solution is a public key cryptosystem, such as RSA, which is used in the popular security tool PGP.

sci.crypt and sci.crypt.research are two USENET newsgroups that deal exclusively with cryptography. The latter is a moderated group.

Cryptography Web Sites, Publications, FAQs, and References

Bruce Schneier's Applied Cryptography (2nd Ed.) is the crypto Bible for the professional engineer and interested layman. It's a good survey of the state of the art in crypto techniques and protocols. You can also subscribe to and read back issues of Crypto-Gram, Bruce Schneier's monthly newsletter about cryptography.

FAQS and References

Recurring Publications

Crypto-gram is a monthly email newletter published by Bruce Schneier
CrytpoBytes, a technical newsletter on cryptography from RSA Laboratories

Books

Applied Cryptography (2nd Ed.) by Bruce Schneier (includes an errata sheet)
Handbook of Applied Cryptography by Alfred Menezes, Paul van Oorschot and Scott Vanstone
Building in Big Brother: The Cryptographic Policy Debate edited by Lance Hoffman

Cryptography Web Sites and Organizations

The Center for Democracy and Technology Cryptography Page
The Crypto Policy Archive at the Electronic Privacy Information Center (EPIC)
John Gilmore's Cryptography Export Control Archives
Crypto.com is Matt Blaze's Cryptography information Web site
Cryptography World has introductory information for beginners
International Association for Cryptologic Research (IACR)
The National Security Agency
The North American Cryptography Archives
Paul Leyland's cryptography FTP archive
The Public Key Cryptography Standards (PKCS) Archive at RSADSI
Ron Rivest's Cryptography and Security Page
Quadralay's Cryptography Archive
Vince Cate's Cryptorebel/Cypherpunk Page

Online Documents

Chaffing and Winnowing: Confidentiality without Encryption by Ron Rivest
Computer Generated Random Numbers by David W. Deley
The Crypto Anarchist Manifesto by Tim C. May
Diceware for Passphrase Generation and Other Cryptographic Applications by Arnold G. Reinhold
The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability by David Chaum, J. Cryptology (1988)
The Magic Words are Squeamish Ossifrage by D. Atkins, M. Graff, A. Lenstra, and P. Leyland
(This document is in PostScript format only.)
The Mathematical Guts of RSA Encryption by Francis Litterio
One-Time Pad FAQ
Online Cash Checks by David Chaum
P=?NP Doesn't Affect Cryptography by Arnold G. Reinhold
Survey on PGP Passphrase Usage by Arnold G. Reinhold
TEMPEST in a Teapot by Grady Ward (1993)
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms by David Chaum, Communications of the ACM
Why Are One-Time Pads Perfectly Secure? by Fran Litterio
Why Cryptography is Harder Than It Looks by Bruce Schneier

Anonymous E-Mail Remailers

Sending anonymous email via the Web
Global Internet Liberty Campaign Anonymous Remailer
Riot Anonymous Remailer (secure Web site)