Repository: claucece/useful-crypto-resources
Branch: main
Commit: ad819953354c
Files: 21
Total size: 166.0 KB

Directory structure:
gitextract_s2e5c9k2/
├── LICENSE
├── README.md
├── books_to_buy.md
├── cloudflare_tools.md
├── conferences/
│   ├── 2017.md
│   └── 2018.md
├── cryptocurrencies.md
├── current_projects.md
├── install.md
├── invest.md
├── like/
│   ├── communication.md
│   └── things_like.md
├── math.md
├── messaging.md
├── pets/
│   └── 2017.md
├── problems-libs.md
├── programming.md
├── quantum_crypto/
│   └── crypto.md
├── quantum_physics/
│   └── articles.md
├── tools.md
└── vim_stuff.md

================================================
FILE CONTENTS
================================================

================================================
FILE: LICENSE
================================================
MIT License

Copyright (c) 2017 cherenkov

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

================================================
FILE: README.md
================================================
# Useful Crypto-related Resources

This repository contains resources that I considered useful. It is a personal repository.

## General

* [Non-Malleable Cryptography](https://www.cs.huji.ac.il/~dolev/pubs/nmc.pdf) by Danny Dolev, Cynthia Dwork, Moni Naor
* [The Uneasy Relationship Between Mathematics and Cryptography](https://www.ams.org/notices/200708/tx070800972p.pdf) by Neal Koblitz
* [Another Look at “Provable Security”](https://eprint.iacr.org/2004/152.pdf) by Neal Koblitz and Alfred J. Menezes

## Authenticated Encryption

* [Challenges in Authenticated Encryption](https://chae.cr.yp.to/chae-20170301.pdf) by Daniel J. Bernstein
* [Boosting Authenticated Encryption Robustness With Minimal Modifications](https://eprint.iacr.org/2017/239.pdf) by Tomer Ashur, Orr Dunkelman, and Atul Luykx

## AKE

* [An Efficient Protocol for Authenticated Key Agreement](http://cacr.uwaterloo.ca/techreports/1998/corr98-05.pdf) by Laurie Law, Alfred Menezes, Minghua Qu, Jerry Solinas.
* [Two-party authenticated key exchange protocol using lattice-based cryptography](https://eprint.iacr.org/2016/761.pdf) by Xiaopeng Yang and Wenping Ma
* [The X3DH Key Agreement Protocol](https://whispersystems.org/docs/specifications/x3dh/x3dh.pdf) by Moxie Marlinspike and Trevor Perrin
* [Deniable Authentication and Key Exchange](https://eprint.iacr.org/2006/280.ps) by Mario Di Raimondo, Rosario Gennaro and Hugo Krawczyk
* [A non-interactive deniable authentication scheme in the standard model](https://pdfs.semanticscholar.org/61bb/605cba4226c15b2733e6e8ee22d900a9200b.pdf?_ga=2.69522008.931186499.1496171578-1355135719.1496171572) by Bin Wang, Qing Zhao and Ke Dai
* [A non-interactive deniable authentication scheme in the standard model](https://www.semanticscholar.org/paper/A-non-interactive-deniable-authentication-scheme-i-Wang-Zhao/61bb605cba4226c15b2733e6e8ee22d900a9200b) by Bin Wang, Qing Zhao and Ke Dai
* [Authenticated Key Exchange from Ideal Lattices](https://eprint.iacr.org/2014/589.pdf) by Jiang Zhang, Zhenfeng Zhang, Jintai Ding, Michael Snook, and Ozgür Dagdelen

## Network Protocols

* [Security Analysis of Network Protocols](http://web.stanford.edu/class/cs259/WWW08/slides/01-Introduction.pdf) by John Mitchell

### TLS

* [Encrypting the Internet with Go](https://www.youtube.com/watch?v=CB_VfgwPmxQ) by Filippo Valsorda
* [SSL and HTTPS](https://www.youtube.com/watch?v=S2iBR2ZlZf0) by Nickolai Zeldovich and their [notes](https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/lecture-notes/MIT6_858F14_lec14.pdf)
* [The New Illustrated TLS Connection](https://tls13.ulfheim.net/)
* [TLS Handshake : Under The Hood](https://medium.com/@technospace/tls-handshake-under-the-hood-79d20c0020de#) by Sathya Bandara
* [Keyless](https://blog.cloudflare.com/announcing-keyless-ssl-all-the-benefits-of-cloudflare-without-having-to-turn-over-your-private-ssl-keys/)
* [Keyless: details](https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/)
* [CFSSL](https://blog.cloudflare.com/introducing-cfssl/) by Nick Sullivan
* [A Comprehensive Symbolic Analysis of TLS 1.3](https://acmccs.github.io/papers/p1773-cremersA.pdf) by Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott and Thyla van der Merwe
* [Introducing Zero Round Trip Time Resumption (0-RTT)](https://blog.cloudflare.com/introducing-0-rtt/) by Nick Sullivan
* [Even faster connection establishment with QUIC 0-RTT resumption](https://blog.cloudflare.com/even-faster-connection-establishment-with-quic-0-rtt-resumption/) by Alessandro Ghedini
* [The QUIC Transport Protocol: Design and Internet-Scale Deployment](https://storage.googleapis.com/pub-tools-public-publication-data/pdf/8b935debf13bd176a08326738f5f88ad115a071e.pdf) by Adam Langley, Alistair Riddoch, Alyssa Wilk, Antonio Vicente, Charles Krasic, Dan Zhang, Fan Yang, Fedor Kouranov, Ian Swett, Janardhan Iyengar, Jeff Bailey, Jeremy Dorfman, Jim Roskind, Joanna Kulik, Patrik Westin, Raman Tenneti, Robbie Shade, Ryan Hamilton, Victor Vasiliev, Wan-Teh Chang, Zhongyi Shi
* [Benchmarking Post-Quantum Cryptography in TLS](https://eprint.iacr.org/2019/1447.pdf) by Christian Paquin, Douglas Stebila and Goutam Tamvada

## X509/ASN.1

* [Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile](https://tools.ietf.org/html/rfc5280) by D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk
* [A Layman's Guide to a Subset of ASN.1, BER, and DER](http://luca.ntop.org/Teaching/Appunti/asn1.html) by Burton S. Kaliski Jr.
* [New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)](https://tools.ietf.org/pdf/rfc5912.pdf) by P. Hoffman and J.
Schaad
* [Abstract Syntax Notation One (ASN.1): Specification of basic notation](https://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf) by INTERNATIONAL TELECOMMUNICATION UNION

## OTR

### OTRv2

* [Finite-State Security Analysis of OTR Version 2](http://www.jbonneau.com/doc/BM06-OTR_v2_analysis.pdf) by Joseph Bonneau and Andrew Morrison.
* [Protocol](https://otr.cypherpunks.ca/Protocol-2.0.2.txt) by Nikita Borisov and Ian Goldberg.
* [Secure Off-the-Record Messaging](https://www.dmi.unict.it/diraimondo/web/wp-content/uploads/papers/otr.pdf) by Mario Di Raimondo, Rosario Gennaro and Hugo Krawczyk

### OTRv3

* [Timeframe](https://bugs.otr.im/lib/libotr/blob/master/src/message.h#L259)

### Multiparty

* [Multi-party Off-the-Record Messaging](https://www.cypherpunks.ca/~iang/pubs/mpotr.pdf) by Ian Goldberg et al.
* [Improved Group Off-the-Record Messaging](https://www-users.cs.umn.edu/~hoppernj/gotr.pdf) by Hong Liu, Eugene Y. Vasserman and Nicholas Hopper
* [Improved Deniable Signature Key Exchange for mpOTR](https://matt.singlethink.net/projects/mpotr/improved-dske.pdf) by Matthew Van Gundy

### Usability

* [Improved User Authentication in Off-The-Record Messaging](http://www.cypherpunks.ca/~iang/pubs/impauth.pdf) by Chris Alexander and Ian Goldberg
* [A User Study of Off-the-Record Messaging](http://www.cypherpunks.ca/~iang/pubs/otr_userstudy.pdf) by Ryan Stedman, Kayo Yoshida and Ian Goldberg

## Signal Protocol

* [A Formal Security Analysis of the Signal Messaging Protocol](https://eprint.iacr.org/2016/1013.pdf) by Katriel Cohn-Gordon, Cas Cremers, Benjamin Dowling, Luke Garratt and Douglas Stebila.
* [How Secure is TextSecure?](https://eprint.iacr.org/2014/904.pdf) by Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jorg Schwenk and Thorsten Holz.
* [Technology preview: Private contact discovery for Signal](https://signal.org/blog/private-contact-discovery/)
* [Is Bob Sending Mixed Signals?](https://www-users.cs.umn.edu/~hoppernj/mixed_signals_wpes17.pdf) by Michael Schliep, Ian Kariniemi and Nicholas Hopper.

## Zero Knowledge Proof

* [Multiple Non-Interactive Zero Knowledge Proofs Based on a Single Random String](https://www.computer.org/csdl/proceedings/focs/1990/2082/00/089549.pdf) by Uriel Feige, Dror Lapidot and Adi Shamir.

## Ciphers

* [So you want to use an alternative cipher…](https://blog.cryptographyengineering.com/2012/10/09/so-you-want-to-use-alternative-cipher/) by Matthew Green.
* [Why switch from AES to a new stream cipher?](https://cr.yp.to/streamciphers/why.html) by Daniel Bernstein.

### Stream cipher

#### Nonce

* [Introducing Miscreant: a multi-language misuse resistant encryption library](https://tonyarcieri.com/introducing-miscreant-a-multi-language-misuse-resistant-encryption-library) by Tony Arcieri
* [Nonce misuse resistance 101](https://www.lvh.io/posts/nonce-misuse-resistance-101.html) by lvh
* [Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance](http://web.cs.ucdavis.edu/~rogaway/papers/oae.pdf) by Viet Tung Hoang, Reza Reyhanitabar, Phillip Rogaway and Damian Vizár

#### AES

* [Another New AES Attack](https://www.schneier.com/blog/archives/2009/07/another_new_aes.html) by Bruce Schneier

#### Salsa 20

* [Salsa20 security](https://cr.yp.to/snuffle/security.pdf) by Daniel J. Bernstein.
* [Notes on the Salsa20 key size](https://cr.yp.to/snuffle/keysizes.pdf) by Daniel J. Bernstein.
* [Notes](https://cr.yp.to/snuffle.html)

#### XSalsa20

* [Extending the Salsa20 nonce](http://cr.yp.to/snuffle/xsalsa-20081128.pdf) by Daniel J. Bernstein.
* [Notes on the Salsa20 key size](https://cr.yp.to/snuffle/keysizes.pdf) by Daniel J. Bernstein.
* [Implementation](https://github.com/golang/crypto/blob/master/nacl/secretbox/secretbox.go) in NaCl

#### ChaCha20

* [ChaCha20 and Poly1305 for IETF Protocols](https://tools.ietf.org/html/rfc7539) by Y. Nir and A. Langley
* [ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)](https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04) by A. Langley, W. Chang, N. Mavrogiannopoulos, J. Strombergson and S. Josefsson

#### Analysis of Salsa, ChaCha and Rumba

* [New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba](http://cr.yp.to/rumba20/newfeatures-20071218.pdf) by Jean-Philippe Aumasson, Simon Fischer, Shahram Khazaei, Willi Meier, and Christian Rechberger
* [Improved Key Recovery Attacks on Reduced-Round Salsa20 and ChaCha](https://link.springer.com/chapter/10.1007/978-3-642-37682-5_24) by Zhenqing Shi, Bin Zhang, Dengguo Feng and Wenling Wu

### Blockcipher

#### In general

* [Evaluation of Some Blockcipher Modes of Operation](http://web.cs.ucdavis.edu/~rogaway/papers/modes.pdf) by Phillip Rogaway.

## Symmetric key algorithm

### DES

* [On the Security of Multiple Encryption](http://cs.jhu.edu/~sdoshi/crypto/papers/p465-merkle.pdf) by Ralph C. Merkle and Martin E. Hellman

## Key Exchange

### Theory

* [Entity Authentication and Key Distribution](https://cseweb.ucsd.edu/~mihir/papers/eakd.pdf) by Mihir Bellare and Phillip Rogaway
* [Key Agreement Protocols and their Security Analysis](https://pdfs.semanticscholar.org/fdb0/3a4a533e09b71b18045ba85ba9978de65a2d.pdf) by Simon Blake-Wilson, Don Johnson and Alfred Menezes.

### With Anonymous Authentication

* [Key Exchange with Anonymous Authentication using DAA-SIGMA Protocol](https://eprint.iacr.org/2010/454.pdf) by Jesse Walker and Jiangtao Li

### Degenerate

* [Degenerate Keys for RSA Encryption](https://pdfs.semanticscholar.org/2a2e/6585b83949cc13e58444f7b4435cf76d2920.pdf) by Seth D.
Bergmann
* [Info](https://books.google.de/books?id=amW5BQAAQBAJ&pg=PA205&lpg=PA205&dq=check+for+degenerate+key+crypto&source=bl&ots=IChUHyW5O8&sig=WC1JF6QumuLoX_k9lnql_5Aee8c&hl=es-419&sa=X&sqi=2&ved=0ahUKEwjQybzEsZDSAhVnwYMKHfjFDHsQ6AEILDAC#v=onepage&q=check%20for%20degenerate%20key%20crypto&f=false)
* [Degenerate Curve Attacks](https://eprint.iacr.org/2015/1233.pdf) by Samuel Neves and Mehdi Tibouchi

### Fault Attacks

* [Fault-resistant calculcations on elliptic curves](https://www.google.com/patents/US8457303) by Marc Joye

### Diffie Hellman

* [New directions in Cryptography](https://www-ee.stanford.edu/~hellman/publications/24.pdf) by Diffie and Hellman.
* [Diffie-Hellman key exchange](http://www.math.ucla.edu/~baker/40/handouts/rev_DH/node1.html) by Nikos Drakos
* [Diffie-Hellman Key Agreement Method](https://www.ietf.org/rfc/rfc2631.txt) by E. Rescorla
* [Diffie-Hellman parameters](https://wiki.openssl.org/index.php/Diffie-Hellman_parameters) by OpenSSL
* [Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice](https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf) by David Adrian et al
* [Diffie-hellman](https://www.cryptopp.com/wiki/Diffie-hellman#Key_Agreement_and_Transport) by Crypto++
* [Public key parameters](http://cacr.uwaterloo.ca/hac/about/chap4.pdf#page=164)
* [A One Round Protocol for Tripartite Diffie–Hellman](https://pdfs.semanticscholar.org/845e/96c20e5a5ff3b03f4caf72c3cb817a7fa542.pdf) by Antoine Joux
* [The Decision Diffie-Hellman Problem](http://crypto.stanford.edu/~dabo/pubs/papers/DDH.pdf) by Dan Boneh
* [On Diffie-Hellman key agreement with short exponents](https://www.google.com.ec/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwitwcqf_ObVAhVE5iYKHZ3VA0IQFggkMAA&url=https%3A%2F%2Fpdfs.semanticscholar.org%2F2b39%2F13d1dfcb1dc90463a37edfe606922f093e97.pdf&usg=AFQjCNEm-aBpKhd81J4NHqA81MLS0DOK9g) by P. C. van Oorschot and M. J.
Wiener
* [Diffie-Hellman Key Agreement Method](https://tools.ietf.org/html/rfc2631) by E. Rescorla
* [Additional Diffie-Hellman Groups for Use with IETF Standards](https://tools.ietf.org/html/rfc5114) by M. Lepinski and S. Kent
* [HMQV: A High-Performance Secure Diffie-Hellman Protocol](https://eprint.iacr.org/2005/176.pdf) by Hugo Krawczyk
* [More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)](https://www.ietf.org/rfc/rfc3526.txt) by T. Kivinen and M. Kojo
* [IEEE Standard Specifications for Public-Key Cryptography](https://perso.telecom-paristech.fr/guilley/recherche/cryptoprocesseurs/ieee/00891000.pdf)

#### Validation

* [Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2](https://tools.ietf.org/html/rfc6989#section-2.1) by Y. Sheffer Porticor, S. Fluhrer
* [Methods for Avoiding the "Small-Subgroup" Attacks on the Diffie-Hellman Key Agreement Method for S/MIME](https://tools.ietf.org/html/rfc2785) by R. Zuccherato

#### Attacks

* [Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems](https://42xtjqm0qj0382ac91ye9exr-wpengine.netdna-ssl.com/wp-content/uploads/2015/08/TimingAttacks.pdf) by Paul C. Kocher
* [On reusing ephemeral keys in Diffie-Hellman key agreement protocols](http://cacr.uwaterloo.ca/techreports/2008/cacr2008-24.pdf) by Alfred Menezes and Berkant Ustaoglu
* [A lesson in timing attacks](https://codahale.com/a-lesson-in-timing-attacks/) by codahale
* [Measuring small subgroup attacks against Diffie-Hellman](https://eprint.iacr.org/2016/995.pdf) by Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman and Nadia Heninger.
[Slides](https://www.seas.upenn.edu/~lukev/files/subgroup-slides.pdf)
* [Remote Timing Attacks are Practical](http://crypto.stanford.edu/~dabo/pubs/papers/ssl-timing.pdf) by David Brumley and Dan Boneh
* [Why Constant-Time Crypto?](https://www.bearssl.org/constanttime.html)

### Cramer-Shoup

* [Cramer Shoup Crypto-System Java implementation](https://github.com/omoeller/cramshou) by omoeller (not audited).
* [Cramer Shoup Crypto-System Python implementation](https://github.com/benkreuter/cca2python) by benkreuter.

### ElGamal

* [A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms](http://caislab.kaist.ac.kr/lecture/2010/spring/cs548/basic/B02.pdf) by Taher ElGamal
* [ElGamal:Public-Key Cryptosystem](http://cs.indstate.edu/~jgrewal/steps.pdf) by Jaspreet Kaur Grewal

### Dual Receiver Encryption

* [The Dual Receiver Cryptosystem and Its Applications](https://www.cs.columbia.edu/~angelos/Papers/combo.pdf) by Theodore Diament, Homin K. Lee, Angelos D. Keromytis and Moti Yung
* [Practical Dual-Receiver Encryption Soundness, Complete Non-Malleability, and Applications](https://eprint.iacr.org/2013/858.pdf) by Sherman S.M. Chow, Matthew Franklin, and Haibin Zhang

### Elliptic Curve

#### Theory

* [Elliptic Curves Number Theory and Cryptography](http://people.cs.nctu.edu.tw/~rjchen/ECC2012S/Elliptic%20Curves%20Number%20Theory%20And%20Cryptography%202n.pdf) by Lawrence C. Washington
* [Isogenies](http://math.mit.edu/classes/18.783/LectureNotes5.pdf) for an MIT class.
* [Compact representation of an elliptic curve point](https://tools.ietf.org/html/draft-jivsov-ecc-compact-05): This document defines a format for efficient storage representation of an elliptic curve point over prime fields, suitable for use with any IETF format or protocol by A.
Jivsov
* [Point Generation And Base Point Selection In ECC: An Overview](http://www.ijarcce.com/upload/2014/may/IJARCCE7J%20%20a%20moumita%20Point%20Generation%20And%20Base.pdf) by Moumita Roy, Nabamita Deb, Amar Jyoti Kumar.
* [SEC 1: Elliptic Curve Cryptography](http://www.secg.org/sec1-v2.pdf) by Certicom Research.
* [Elliptic Curves for Security](https://www.ietf.org/rfc/rfc7748.txt) by A. Langley and M. Hamburg. This memo specifies two elliptic curves over prime fields that offer a high level of practical security in cryptographic applications, including Transport Layer Security (TLS). These curves are intended to operate at the ~128-bit and ~224-bit security level, respectively, and are generated deterministically based on a list of required properties.
* [ECC2015-Notes](https://github.com/FredericJacobs/ECC2015-Notes) by Frederic Jacobs
* [Graphs](https://cryptojedi.org/misc/pstricks.shtml)
* [How to design an elliptic-curve signature system](https://blog.cr.yp.to/20140323-ecdsa.html) by blog.cr.yp.to
* [Generating Elliptic Curves of Prime Order](http://people.oregonstate.edu/~schmidtt/ourPapers/SavasKoc/ches01curve.pdf) by Erkay Savas, Thomas A. Schmidt, and Cetin K. Koc
* [Extended coordinates with a=-1 for twisted Edwards curves](http://www.hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html)
* [Elliptic Curves Suitable for Cryptosystems](https://grampus.jaist.ac.jp/miyaji-lab/member/PaperPS/SCIS93-10B.pdf) by Atsuko Miyaji
* [Elliptic curves](http://library.msri.org/books/Book44/files/07poonen.pdf) by Bjorn Poonen
* [Rigid Parameter Generation for Elliptic Curve Cryptography](https://tools.ietf.org/html/draft-black-rpgecc-01#page-6) by B. Black, J. Bos, C. Costello, A. Langley, P. Longa and M.
Naehrig
* [Tutorial](https://www.youtube.com/watch?v=w2V2dyL1LO8) by Tanja Lange
* [ECC hacks](https://www.youtube.com/watch?v=vEt-D8xZmgE) by Tanja Lange
* [Curves Formulas](http://www.hyperelliptic.org/EFD/) by Tanja Lange
* [512-bit twisted Edwards curve and curve generation methods in Russian standardization](https://www.ietf.org/mail-archive/web/cfrg/current/msg05975.html) by Stanislav V. Smyshlyaev
* Programming: [Sage: Elliptic curves over a general field](http://doc.sagemath.org/html/en/reference/curves/sage/schemes/elliptic_curves/ell_field.html)
* [Weierstrass coefficients of the canonical lifting](https://www.math.utk.edu/~finotti/papers/wcoef.pdf) by Luis R. A. Finotti
* [Weierstrass equation or model](http://www.lmfdb.org/knowledge/show/ec.weierstrass_coeffs)
* [Elliptic Curves, Lattices, and the Upper Half-Plane](https://www.hdevalence.ca/blog/2012-10-31-elliptic-curves-lattices-and-the-upper-half-plane)
* [Elliptic Curve Cryptography: a gentle introduction](http://andrea.corbellini.name/2015/05/17/elliptic-curve-cryptography-a-gentle-introduction/) by Andrea Corbellini
* [Curves with a Twist](https://ripple.com/dev-blog/curves-with-a-twist/)
* [Elliptic vs Hyperelliptic](https://www.yumpu.com/en/document/view/51546701/tanja-lange) by Tanja Lange
* [Sign Change Fault Attacks On Elliptic Curve Cryptosystems](https://eprint.iacr.org/2004/227.pdf) by Johannes Blömer, Martin Otto and Jean-Pierre Seifert
* [An exploration of affine group laws for elliptic curves](https://www.degruyter.com/view/j/jmc.2011.5.issue-1/jmc.2011.005/jmc.2011.005.xml) by Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter and Ed Dawson
* [A Las Vegas algorithm to solve the elliptic curve discrete logarithm problem](https://arxiv.org/pdf/1703.07544.pdf) by Ayan Mahalanobis and Vivek Mallick
* [On isogeny classes of Edwards curves over finite fields](http://www.sciencedirect.com/science/article/pii/S0022314X1200025X) by Omran Ahmadi and Robert Granger
* [Explicit-Formulas Database](https://hyperelliptic.org/EFD/) by Tanja Lange
* [Validation of Elliptic Curve Public Keys](https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf) by Adrian Antipa, Daniel Brown, Alfred Menezes, René Struik and Scott Vanstone
* [Fast genus 2 arithmetic based on Theta functions](https://eprint.iacr.org/2005/314.ps) by P. Gaudry
* [Point Generation And Base Point Selection In ECC: An Overview](https://www.ijarcce.com/upload/2014/may/IJARCCE7J%20%20a%20moumita%20Point%20Generation%20And%20Base.pdf) by Moumita Roy, Nabamita Deb and Amar Jyoti Kumar
* [Fundamental Elliptic Curve Cryptography Algorithms](https://tools.ietf.org/html/rfc6090#section-8) by D. McGrew, K. Igoe and M. Salter
* [Elliptic Curve Groups modulo a Prime (ECP Groups) for IKE and IKEv2](https://tools.ietf.org/html/rfc5903) by D. Fu and J. Solinas
* [Elliptic Curve Cryptography in Practice](https://eprint.iacr.org/2013/734.pdf) by Joppe W. Bos, J. Alex Halderman, Nadia Heninger, Jonathan Moore, Michael Naehrig and Eric Wustrow
* [Why Ellipses Are Not Elliptic Curves](https://www.maa.org/sites/default/files/pdf/upload_library/2/Rice-2013.pdf) by Adrian Rice and Ezra Brown
* [Visualization](http://ecc.iteg.at/) by Wolfgang Glas
* [Elliptic Curves, Group Law, and Efficient Computation](https://core.ac.uk/download/pdf/10898289.pdf) by Hüseyin Hisil. The [presentation](https://www.ucc.ie/en/media/academic/centreforplanningeducationresearch/EDawson.pdf)
* [Some notes](https://crypto.stanford.edu/pbc/notes/elliptic/group.html) by Ben Lynn
* [SEC 1: Elliptic Curve Cryptography](http://www.secg.org/sec1-v2.pdf) by Daniel R. L.
Brown
* [BLS signatures, hashing to curves, and more dispatches from the IETF](https://www.youtube.com/watch?v=5HB8QBoBv98)
* [Sage](http://blog.bjrn.se/2015/07/lets-construct-elliptic-curve.html)
* [The Jacobi Model of an Elliptic Curve and Side-Channel Analysis](https://eprint.iacr.org/2002/125.pdf) by Olivier Billet and Marc Joye

#### Encoding

* [Rational points on certain hyperelliptic curves over finite fields](https://arxiv.org/pdf/0706.1448.pdf) by Maciej Ulas
* [Construction of Rational Points on Elliptic Curves over Finite Fields](https://pdfs.semanticscholar.org/8986/08930ce6485a61f2f37977fc7f6420093710.pdf) by Andrew Shallue and Christiaan E. van de Woestijne
* [Compression and decompression of elliptic curve data points](https://patents.google.com/patent/US6252960)
* [Encoding points in hyperelliptic curves over finite fields in deterministic polynomial time](https://arxiv.org/pdf/1005.1454.pdf) by Jean-Gabriel Kammerer, Reynald Lercier, and Guénaël Renault

#### Twist

* [Twist Insecurity](http://eprint.iacr.org/2015/577.pdf) by Manfred Lochter and Andreas Wiemers
* [Twist security](http://safecurves.cr.yp.to/twist.html)

#### Jacobi

* [The Jacobi Model of an Elliptic Curve and Side-Channel Analysis](https://eprint.iacr.org/2002/125.pdf) by Olivier Billet and Marc Joye

#### Kummer varieties

* [Arithmetic on Abelian and Kummer Varieties](https://eprint.iacr.org/2014/493.pdf) by David Lubicz and Damien Robert

#### In general

* [Elliptic Curves for Security draft-irtf-cfrg-curves-02](https://tools.ietf.org/html/draft-irtf-cfrg-curves-02#section-6.2): an algorithm for deterministically generating parameters for elliptic curves over prime fields by A. Langley.
* [Elliptic Curves for Security](https://tools.ietf.org/html/rfc7748) by A. Langley and M. Hamburg.
* [A brief discussion on selecting new elliptic curves](http://csrc.nist.gov/groups/ST/ecc-workshop-2015/papers/session4-costello-craig.pdf) by Craig Costello, Patrick Longa, and Michael Naehrig
* [Curve41417: Karatsuba revisited](http://eprint.iacr.org/2014/526.pdf) by Daniel J. Bernstein, Chitchanok Chuengsatiansup, and Tanja Lange
* [Cryptography in NaCl](https://cr.yp.to/highspeed/naclcrypto-20090310.pdf) by Daniel J. Bernstein. Pretty interesting for Sage.
* [Subtraction](http://crypto.stackexchange.com/questions/11316/subtracting-a-point-in-elliptic-curve-cryptography)
* [Elliptic curve point multiplication](https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication) in Wikipedia.
* [Explicit Addition Formulae](https://crypto.stanford.edu/pbc/notes/elliptic/explicit.html)
* [Elliptic curve point multiplication](https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Point_multiplication)
* [Elliptic vs. hyperelliptic](https://cr.yp.to/talks/2006.09.20/slides.pdf) by Daniel Bernstein
* [Operations](http://www.hyperelliptic.org/EFD/g1p/auto-edwards-projective.html#addition-add-2007-bl) by Tanja Lange

#### Courses

* [MIT course](https://ocw.mit.edu/courses/mathematics/18-783-elliptic-curves-spring-2017/lecture-notes/)

#### Conversions

* [Fault Attacks on Projective-to-Affine Coordinates Conversion](https://cosade.telecom-paristech.fr/cosade13/presentations/session2_b.pdf) by Diana Maimut, Cédric Murdica, David Naccache and Mehdi Tibouchi. Presentation
* [Fault Attacks on Projective-to-Affine Coordinates Conversion](https://books.google.com.ec/books?id=c_y5BQAAQBAJ&pg=PA46&lpg=PA46&dq=toaffine+ecc&source=bl&ots=twi-3g-Ea7&sig=UWNbVQLkW-DSKAk0E2Bw-bG5I4s&hl=en&sa=X&ved=0ahUKEwjajLqVh6LSAhUp04MKHVWZDQUQ6AEISzAI#v=onepage&q=toaffine%20ecc&f=false) by Diana Maimut, Cédric Murdica, David Naccache and Mehdi Tibouchi.
Pdf

### wNafs

* [wNAF\*, an Efficient Left-to-Right Signed Digit Recoding Algorithm](https://link.springer.com/chapter/10.1007/978-3-540-68914-0_26) by Brian King
* [Signed Binary Representations Revisited](https://www.iacr.org/archive/crypto2004/31520122/crypto04_camready2.pdf) by Katsuyuki Okeya, Katja Schmidt-Samoa, Christian Spahn, and Tsuyoshi Takagi

#### Ideas

* [DNS Curves](https://dnscurve.org/index.html)

#### EC25519

* [Curve25519: new Diffie-Hellman speed records](https://cr.yp.to/ecdh/curve25519-20060209.pdf) by Daniel J. Bernstein
* [A state-of-the-art Diffie-Hellman function](https://cr.yp.to/ecdh.html#curve25519-paper) by Daniel J. Bernstein
* [Usage](https://ianix.com/pub/curve25519-deployment.html)
* [A state-of-the-art Diffie-Hellman function - Code](http://cr.yp.to/ecdh.html) by Daniel J. Bernstein
* [Benchmark](http://bench.cr.yp.to/impl-scalarmult/curve25519.html)
* [Toy implementation](https://sourceforge.net/p/strobe/code/ci/master/tree/x25519.c)
* [High-speed Curve25519 on 8-bit, 16-bit, and 32-bit microcontrollers](http://eprint.iacr.org/2015/343.pdf) by Michael Düll, Björn Haase, Gesine Hinterwälder, Michael Hutter, Christof Paar and Ana Helena Sánchez
* [May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519](https://eprint.iacr.org/2017/806.pdf) by Daniel Genkin, Luke Valenta and Yuval Yarom

### Edwards Curve

* [Twist Insecurity](http://eprint.iacr.org/2015/577.pdf) by Manfred Lochter and Andreas Wiemers
* [Faster Addition and Doubling on Elliptic Curves](http://download.springer.com/static/pdf/846/chp%253A10.1007%252F978-3-540-76900-2_3.pdf?originUrl=http%3A%2F%2Flink.springer.com%2Fchapter%2F10.1007%2F978-3-540-76900-2_3&token2=exp=1483841050~acl=%2Fstatic%2Fpdf%2F846%2Fchp%25253A10.1007%25252F978-3-540-76900-2_3.pdf%3ForiginUrl%3Dhttp%253A%252F%252Flink.springer.com%252Fchapter%252F10.1007%252F978-3-540-76900-2_3*~hmac=06e0fd268cf19d93fc5ef5f63da7b76ee9a37f84e1700968eed20c8142f77f04) by Daniel J. Bernstein and Tanja Lange.
* [Twisted Edwards Curves](https://eprint.iacr.org/2008/013.pdf) by Daniel J. Bernstein, Peter Birkner, Marc Joye, Tanja Lange, and Christiane Peters
* [Twisted Edwards Curves Revisited](http://iacr.org/archive/asiacrypt2008/53500329/53500329.pdf) by Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson.
* [On isogeny classes of Edwards curves over finite fields](https://eprint.iacr.org/2011/135.pdf) by Omran Ahmadi and Robert Granger
* [Collective Edwards-Curve Digital Signature Algorithm](https://datatracker.ietf.org/doc/draft-ford-cfrg-cosi/)
* [Multiquadratics](https://multiquad.cr.yp.to/software.html)

### X448

* [Implementation](https://git.schwanenlied.me/yawning/x448)

#### Theory

#### Encoding

* [Deterministic Encoding into Twisted Edwards Curves](https://www.researchgate.net/publication/304621009_Deterministic_Encoding_into_Twisted_Edwards_Curves) by Wei Yu, Kunpeng Wang, Bao Li and Song Tian.

#### ed448

* [Ed448-Goldilocks](http://ed448goldilocks.sourceforge.net/) by sourceforge.
* [Mike Hamburg Implementation](https://sourceforge.net/p/ed448goldilocks/code/ci/decaf/tree/).
* [STRIKE implementation](https://github.com/twstrike/ed448).
* [Ed448-Goldilocks, a new elliptic curve](https://eprint.iacr.org/2015/625.pdf) by Mike Hamburg.
* [Ed448-Goldilocks, a new elliptic curve](http://eprint.iacr.org/2015/625) by Cryptology ePrint Archive
* [Decaf: Eliminating cofactors through point compression](https://eprint.iacr.org/2015/673.pdf) by Mike Hamburg
* [Implementation on C, on github](https://github.com/coruus/ed448-goldilocks/tree/decaf/include)
* [Fast and compact elliptic-curve cryptography](https://shiftleft.org/papers/fff/fff.pdf) by Mike Hamburg
* [Ed448-Goldilocks, a new elliptic curve](http://csrc.nist.gov/groups/ST/ecc-workshop-2015/papers/session7-hamburg-michael.pdf) by Mike Hamburg
* [Some simple ECC tricks](https://www.math.u-bordeaux.fr/~aenge/ecc2015/documents/hamburg.pdf) by Mike Hamburg
* [Spec](http://ed448goldilocks.sourceforge.net/spec/) by Mike Hamburg

#### elligator

* [Mike Hamburg's explanation](https://moderncrypto.org/mail-archive/curves/2015/000424.html)
* [Elligator: Elliptic-curve points indistinguishable from uniform random strings](http://elligator.cr.yp.to/elligator-20130828.pdf) by Daniel J. Bernstein, Mike Hamburg, Anna Krasnova and Tanja Lange
* [Implementing Elligator for Curve25519](https://www.imperialviolet.org/2013/12/25/elligator.html) by Adam Langley
* [Implementation](https://github.com/Kleshni/Elligator-2) by Kleshni.

#### ed25519

* [Implementation](https://ed25519.cr.yp.to/python/ed25519.py) by Daniel J. Bernstein.
* [Donna-edition](https://github.com/agl/curve25519-donna) by Adam Langley

#### Attacks

* [New algorithm for the discrete logarithm problem on elliptic curves](http://eprint.iacr.org/2015/310.pdf) by Igor Semaev.

#### BenchMarking * [eBACS: ECRYPT Benchmarking of Cryptographic Systems: SUPERCOP](http://bench.cr.yp.to/supercop.html) #### extra * [Hierarchical Deterministic keys over non-linear Keyspace](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2016/blob/master/topics-and-advance-readings/HDKeys-Ed25519.pdf) by Khovratovich and Law ## Hash Functions * [Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance](http://web.cs.ucdavis.edu/~rogaway/papers/relates.pdf) by P. Rogaway and T. Shrimpton * [The Sponge Functions Corner](http://sponge.noekeon.org/) by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche * [The Keccak SHA-3 submission](http://keccak.noekeon.org/Keccak-submission-3.pdf) by by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche * [Stribog](https://github.com/okazymyrov/stribog) * [FIPS 202 and KeccakDerived Functions](http://csrc.nist.gov/news_events/cif_2015/research/day1_research_200-250pt1.pdf) by John Kelsey * [SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash](http://csrc.nist.gov/publications/drafts/800-185/sp800_185_draft.pdf) by NIST * [A new Design Criteria for Hash-Functions](http://www.cs.nyu.edu/~puniya/papers/nist.pdf) by Jean-Sebastien Coron, Yevgeniy Dodis, , Cecile Malinaud, and Prashant Puniya * [BLAKE2: simpler, smaller, fast as MD5](https://eprint.iacr.org/2013/322.pdf) by Jean-Philippe Aumasson, Samuel Neves, Zooko Wilcox-O’Hearn and Christian Winnerlein * [Analysis of BLAKE2](https://eprint.iacr.org/2013/467.pdf) by Jian Guo, Pierre Karpman, Ivica Nikolic, Lei Wang and Shuang Wu * [BLAKE2: “Harder, Better, Faster, Stronger” Than MD5](https://leastauthority.com/blog/BLAKE2-harder-better-faster-stronger-than-MD5/) by Zooko Wilcox-O'Hearn * [BLAKE 2: slides](https://blake2.net/acns/slides.html) * [BLAKE2 — fast secure hashing](https://blake2.net/) ## Key generation function * 
[Argon2](https://en.wikipedia.org/wiki/Argon2) ## Random Number Generators * [Recommendation for Random Number Generation Using Deterministic Random Bit Generators](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf) by NIST * [Random number generation: An illustrated primer](https://blog.cryptographyengineering.com/2012/02/21/random-number-generation-illustrated/) by Matthew Green * [Surviving a bad RNG](https://blog.cryptographyengineering.com/2012/03/09/surviving-bad-rng/) by Matthew Green * [Computational Alternatives to Random Number Generators](http://www.di.ens.fr/~pointche/Documents/Papers/1998_sac.pdf) by David M’Raïhi, David Naccache, David Pointcheval, and Serge Vaudenay ## Message Authentication Code (MAC) * [SHA3-based MACs](http://csrc.nist.gov/groups/ST/hash/sha-3/Aug2014/documents/perlner_kmac.pdf) by Ray Perlner. * [New Proofs for NMAC and HMAC: Security without Collision-Resistance](http://cseweb.ucsd.edu/~mihir/papers/hmac-new.pdf) by Mihir Bellare. ### Key derivation functions * [Key derivation functions](https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/) by cryptography.io. * [Recommendation for Key Derivation Using Pseudorandom Functions](http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-108.pdf) by Lily Chen in NIST. ## Digital Signatures * [New variant of Guillou-Quisquater digital signature scheme](http://www.ijaamm.com/uploads/2/1/4/8/21481830/v3n1p13-92-97.pdf) by J. Ettanfouhi, O. Khadir * [RSA signatures and Rabin–Williams signatures: the state of the art](https://cr.yp.to/sigs/rwsota-20080131.pdf) by Daniel J. Bernstein. * [Proving tight security for Rabin–Williams signatures](https://cr.yp.to/sigs/rwtight-20080201.pdf) by Daniel J. Bernstein. * [Short signatures from the Weil pairing](https://www.iacr.org/archive/asiacrypt2001/22480516.pdf) by Dan Boneh, Ben Lynn, and Hovav Shacham. 
* [A Provably Secure Nyberg-Rueppel Signature Variant with Applications](https://eprint.iacr.org/2004/093.pdf) by Giuseppe Ateniese and Breno de Medeiros. * [Performance of Batch-based Digital Signatures](http://bourbon.usc.edu/iml/bistro/papers/mascots2k2-pub.pdf) by William C. Cheng, Cheng-Fu Chou and Leana Golubchik * [How To Prove Yourself: Practical Solutions to Identification and Signature Problems](http://www.math.uni-frankfurt.de/~dmst/teaching/SS2012/Vorlesung/Fiat.Shamir.pdf) by Amos Fiat and Adi Shamir ### Schnorr signatures * [Schnorr Signatures: An Overview](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/topics-and-advance-readings/Schnorr-Signatures--An-Overview.md) by Christopher Allen. * [Multi-user Schnorr security, revisited](https://ed25519.cr.yp.to/multischnorr-20151012.pdf) by Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe and Bo-Yin Yang * [Fast and compact elliptic-curve cryptography](https://eprint.iacr.org/2012/309.pdf) by Mike Hamburg * [Efficient Ring Signatures without Random Oracles](https://eprint.iacr.org/2006/289.pdf) by Hovav Shacham and Brent Waters * [Efficient Signature Generation by Smart Cards](https://www.researchgate.net/profile/Claus_Schnorr/publication/227088517_Efficient_signature_generation_by_smart_cards/links/0046353849579ce09c000000.pdf) by C. P. Schnorr * [Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols](http://www.win.tue.nl/~berry/papers/crypto94.pdf) by Ronald Cramer, Ivan Damgard, Aarhus University and Berry Schoenmakers ### Hash-based signatures * [SPHINCS: practical stateless hash-based signatures](https://eprint.iacr.org/2014/795.pdf) by Daniel J. 
Bernstein, Daira Hopwood, Andreas Hülsing, Tanja Lange, Ruben Niederhagen, Louiza Papachristodoulou, Michael Schneider, Peter Schwabe and Zooko Wilcox-O’Hearn ### EdDSA * [Edwards-curve Digital Signature Algorithm (EdDSA)](https://tools.ietf.org/html/draft-irtf-cfrg-eddsa-05): The elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA) is described by S. Josefsson. * [Ed25519 and Ed448 for DNSSEC](https://tools.ietf.org/id/draft-sury-dnskey-ed25519-02.xml) by O. Sury * [EdDSA notes](http://lukas-prokop.at/proj/eddsa/) * [High-speed high-security signatures](https://ed25519.cr.yp.to/ed25519-20110705.pdf) by Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe and Bo-Yin Yang * [EdDSA for more curves](https://ed25519.cr.yp.to/eddsa-20150704.pdf) by Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe and Bo-Yin Yang * [The Elliptic Curve Digital Signature Algorithm (ECDSA)](https://www.security-audit.com/files/x9-62-09-20-98.pdf) by American National Standards * [Edwards-curve Digital Signature Algorithm (EdDSA)](https://tools.ietf.org/html/draft-irtf-cfrg-eddsa-08) by S. Josefsson and I. Liusvaara (draft) * [Edwards-curve Digital Signature Algorithm (EdDSA)](https://tools.ietf.org/html/draft-irtf-cfrg-eddsa-00) by S. Josefsson and I. Liusvaara (draft) * [Edwards-Curve Digital Signature Algorithm (EdDSA)](https://tools.ietf.org/html/rfc8032) by S. Josefsson and I. Liusvaara * [Breaking Ed25519 in WolfSSL](https://eprint.iacr.org/2017/985.pdf) by Niels Samwel, Lejla Batina, Guido Bertoni, Joan Daemen, and Ruggero Susella * [A Side-Channel Assisted Cryptanalytic Attack Against QcBits](https://eprint.iacr.org/2017/596.pdf) by Melissa Rossi, Mike Hamburg, Michael Hutter and Mark E. Marson * [EdDSA for more curves](https://eprint.iacr.org/2015/677.pdf) by Daniel J. 
Bernstein, Simon Josefsson, Tanja Lange, Peter Schwabe and Bo-Yin Yang ### XEdDSA * [The XEdDSA and VXEdDSA Signature Schemes](https://whispersystems.org/docs/specifications/xeddsa/#curve448) by Trevor Perrin. ### qDSA * [qDSA: Small and Secure Digital Signatures with Curve-based Diffie–Hellman Key Pairs](http://eprint.iacr.org/2017/518.pdf) by Joost Renes and Benjamin Smith ## Zero-Knowledge * [Concurrent Zero-Knowledge](http://web.cs.ucla.edu/~sahai/work/web/1998%20Publications/STOC_C.Dwork1998.pdf) by Cynthia Dwork, Moni Naor and Amit Sahai * [Efficient and Non-Malleable Proofs of Plaintext Knowledge and Applications](https://www.google.com.ec/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjDsvG--YzVAhUTxCYKHfzIBxcQFggkMAA&url=https%3A%2F%2Flink.springer.com%2Fchapter%2F10.1007%2F3-540-39200-9_13&usg=AFQjCNFE-emSo_CQP1XMWj6kYq5jVXsijw) by Jonathan Katz ## Validations * [Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography](http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf) by NIST ## Models ### The Random Oracle Model * [The random oracle model: a twenty-year retrospective](https://eprint.iacr.org/2015/140.pdf) by Neal Koblitz and Alfred J. Menezes. ## Formal Verifications * [C murphi](http://mclab.di.uniroma1.it/site/index.php/software/18-cmurphi). * [Formal verification group webpage](http://formalverification.cs.utah.edu/classic/) by the University of Utah (archived) * [Eddy Murphi](http://formalverification.cs.utah.edu/EddyMurphi/) * [Murphi Model Checker](http://formalverification.cs.utah.edu/Murphi/index.html) * [Nik Unger pull request on CMurphi](https://bitbucket.org/mclab/cmurphi/pull-requests/1/make-cmurphi-work-with-modern-optimizing/diff) ## Mix networks * [Sphinx: A Compact and Provably Secure Mix Format](https://www.cypherpunks.ca/~iang/pubs/Sphinx_Oakland09.pdf) by George Danezis and Ian Goldberg. 
* [From a Trickle to a Flood: Active Attacks on Several Mix Types](https://www.freehaven.net/doc/batching-taxonomy/taxonomy.pdf) by Andrei Serjantov, Roger Dingledine and Paul Syverson * [Heartbeat Traffic to Counter (n-1) Attacks](https://www.freehaven.net/anonbib/cache/danezis:wpes2003.pdf) by George Danezis and Len Sassaman * [The Loopix Anonymity System](https://arxiv.org/pdf/1703.00536.pdf) by Ania Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser and George Danezis ## Anonymity * [Anonymity Trilemma: Strong Anonymity, Low Bandwidth Overhead, Low Latency—Choose Two](https://eprint.iacr.org/2017/954.pdf) by Debajyoti Das, Sebastian Meiser, Esfandiar Mohammadi and Aniket Kate ## Protocol ### Socialist Millionaire Protocol (SMP) * [Socialist Millionaire Protocol Passphrase Generator](https://github.com/dillbyrne/smpp-generator) by dillbyrne. * [A Fair and Efficient Solution to the Socialist Millionaires’ Problem](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.10.3406&rep=rep1&type=pdf) by Fabrice Boudot, Berry Schoenmakers and Jacques Traoré ### Double Ratchet * [The Double Ratchet Algorithm](https://whispersystems.org/docs/specifications/doubleratchet/) by Trevor Perrin (editor) and Moxie Marlinspike. ### STROBE * [The Strobe Protocol](http://eprint.iacr.org/2017/003.pdf) by Mike Hamburg ### The OAKLEY Key Determination Protocol * [The OAKLEY Key Determination Protocol](https://tools.ietf.org/html/rfc2412) by H. Orman ## Schemes * [Folklore, Practice and Theory of Robust Combiners](http://eprint.iacr.org/2002/135.pdf) by Amir Herzberg. ## Security * [Chosen-Ciphertext Security of Multiple Encryption](https://www.cs.nyu.edu/~dodis/ps/2enc.pdf) by Yevgeniy Dodis and Jonathan Katz. 
* [Encryption Works](https://github.com/freedomofpress/encryption-works/blob/master/original/encryption_works.pdf) by FOPsF * [Project Wycheproof](https://github.com/google/wycheproof) * [Universally Composable Security: A New Paradigm for Cryptographic Protocols](https://eprint.iacr.org/2000/067.pdf) by Ran Canetti * [Security workshop](https://www.youtube.com/watch?v=Qda8plpKDgg) by Dan Boneh ## Compendia * [Theory of Cryptography: 9th Theory of Cryptography Conference, TCC 2012](https://books.google.com.ec/books?id=iWirCAAAQBAJ&pg=PA223&lpg=PA223&dq=malleable+symmetric+schemes&source=bl&ots=3oszTtlOhU&sig=evzVsQk3DbLMdkZLVY_O6RD5BfQ&hl=en&sa=X&ved=0ahUKEwjrh4XU2rPPAhUFox4KHY-UAS0Q6AEIKjAD#v=onepage&q=malleable%20symmetric%20schemes&f=false), edited by Ronald Cramer. * [Recommendation for Key Management](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf) by Elaine Barker in NIST. * [Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography](http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-56Arev1_3-8-07.pdf) by Elaine Barker, Don Johnson, and Miles Smid in NIST. ## School * [Workshop on Elliptic Curve Cryptography (ECC)](https://hyperelliptic.org/ECC/index.html) ## Library ### Pairing-based cryptography * [The PBC (Pairing-Based Cryptography) library](https://crypto.stanford.edu/pbc/) by Ben Lynn. * [A Practical Second-Order Fault Attack against a Real-World Pairing Implementation](https://eprint.iacr.org/2014/543.pdf) by Johannes Blomer, Ricardo Gomes da Silva, Peter Gunther, Juliane Kramer and Jean-Pierre Seifert ### Nik Unger otr implementation * [Off-the-Record Messaging](https://crysp.uwaterloo.ca/software/) by Nik Unger. 
### General * [Crypto++ 5.6.5](https://www.cryptopp.com/release565.html) * [cryptopp](https://github.com/weidai11/cryptopp) * [The Apache Milagro Cryptographic Library](https://github.com/MIRACL/amcl) * [DeDiS Advanced Crypto Library for Go](https://github.com/dedis/crypto) * [Relic](https://github.com/relic-toolkit/relic) * [Libsodium docs](https://github.com/jedisct1/libsodium-doc) * [Libsodium: helpers](https://download.libsodium.org/doc/helpers/) * [TweetNaCl](http://tweetnacl.cr.yp.to/tweetnacl-20140917.pdf) by Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe and Sjaak Smetsers * [NaCl: internals](https://nacl.cr.yp.to/internals.html) * [HACL: A Verified Modern Cryptographic Library](https://eprint.iacr.org/2017/536.pdf) by Jean Karim Zinzindohoué, Karthikeyan Bhargavan, Jonathan Protzenko and Benjamin Beurdouche * [Several](https://cryptojedi.org/crypto) * [Privacy Pass](https://medium.com/@alxdavids/privacy-pass-6f0acf075288) by Alex Davidson * [Apache Milagro Crypto Library](http://milagro.apache.org/files/amcl-doxygen-1.0.0.pdf) ### Javascript * [Stanford Javascript Crypto Library](http://bitwiseshiftleft.github.io/sjcl/) ### CIRCL * [Introducing CIRCL: An Advanced Cryptographic Library](https://blog.cloudflare.com/introducing-circl/) by Kris Kwiatkowski and Armando Faz-Hernández * [Github repo](https://github.com/cloudflare/circl) ## Quantum computing * [The Quantum Menace](https://blog.cloudflare.com/the-quantum-menace/) by Armando Faz-Hernández * [Quantum Computing: Lecture Notes](http://homepages.cwi.nl/~rdewolf/qcnotes.pdf) by Ronald de Wolf * [Polynomial time algorithms for prime discrete logarithms on a quantum computer](http://www.if.pwr.wroc.pl/~biegansk/PS.pdf) by Peter W. 
Shor * [Simulating Physics with Computers](https://people.eecs.berkeley.edu/~christos/classics/Feynman.pdf) by Richard Feynman * [Quantum Mechanical Computers](http://www.quantum-dynamic.eu/doc/feynman85_qmc_optics_letters.pdf) by Richard Feynman * [Worst-Case to Average-Case Reductions for Module Lattices](http://perso.ens-lyon.fr/damien.stehle/downloads/MSIS.pdf) * [Quantum Computing And The New IT Revolution](https://modernciso.com/2019/02/20/quantum-computing-and-the-new-it-revolution/) by Tommaso Gagliardoni ## Post-Quantum Cryptography * [PQCHacks: A gentle introduction to post-quantum cryptography](https://media.ccc.de/v/32c3-7210-pqchacks#video&t=908) by djb and Tanja Lange in 32c3. * [Towards quantum-resistance cryptosystems from supersingular elliptic curve isogenies](http://eprint.iacr.org/2011/506.pdf) by Luca de Feo, David Jao and Jerome Plut. * [Quantum computers are coming!](https://www.youtube.com/watch?v=c7OHv-L-x50) by Tanja Lange and Daniel J. Bernstein * [Ring learning with errors](https://en.wikipedia.org/wiki/Ring_learning_with_errors) * [A low-resource quantum factoring algorithm](https://eprint.iacr.org/2017/352.pdf) by Daniel J. 
Bernstein, Jean-François Biasse, and Michele Mosca * [Module-LWE key exchange and encryption: The three bears](https://www.shiftleft.org/papers/threebears/threebears-draft1.pdf) by Mike Hamburg * [On Lattices, Learning with Errors, Random Linear Codes, and Cryptography](http://www.cims.nyu.edu/~regev/papers/qcrypto.pdf) by Oded Regev * [On Agnostic Boosting and Parity Learning](https://www.microsoft.com/en-us/research/wp-content/uploads/2016/11/2008-On_Agnostic_Boosting-and_Parity_Learning.pdf) by Adam Tauman Kalai, Yishay Mansour and Elad Verbin * [Post-Quantum Cryptography](https://www.researchgate.net/profile/Nicolas_Sendrier/publication/226115302_Code-Based_Cryptography/links/540d62d50cf2df04e7549388/Code-Based-Cryptography.pdf) by Daniel Bernstein and Johannes Buchmann * [A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem](https://eprint.iacr.org/2012/688.pdf) by Jintai Ding, Xiang Xie and Xiaodong Lin * [The Learning with Errors Problem](http://www.cims.nyu.edu/~regev/papers/lwesurvey.pdf) by Oded Regev * [Quantum theory, the Church-Turing principle and the universal quantum computer](https://web.archive.org/web/20030915061044/http://www.qubit.org/oldsite/resource/deutsch85.pdf) by David Deutsch * [Post-quantum cryptography –dealing with the fallout of physics success](https://eprint.iacr.org/2017/314.pdf) by Daniel J. 
Bernstein and Tanja Lange * [A Post-Quantum Digital Signature Scheme Based on Supersingular Isogenies](https://eprint.iacr.org/2017/186) by Youngho Yoo, Reza Azarderakhsh, Amir Jalali, David Jao and Vladimir Soukharev * [Quantum Erasure Cryptography](https://arxiv.org/pdf/1512.00808.pdf) by Hatim Salih * [TESLA: Tightly-Secure Efficient Signatures from Standard Lattices](https://cryptojedi.org/papers/tesla-20160802.pdf) by Erdem Alkim, Nina Bindel, Johannes Buchmann, Özgür Dagdelen and Peter Schwabe * [An improved compression technique for signatures based on learning with errors](https://eprint.iacr.org/2013/838.pdf) by Shi Bai and Steven D. Galbraith * [NTRU Prime](https://ntruprime.cr.yp.to/ntruprime-20160511.pdf) by Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange and Christine van Vredendaal * [An Efficient Quantum Collision Search Algorithm and Implications on Symmetric Cryptography](https://eprint.iacr.org/2017/847.pdf) by André Chailloux, María Naya-Plasencia, and André Schrottenloher * [Low-communication parallel quantum multi-target preimage search](https://eprint.iacr.org/2017/789.pdf) by Gustavo Banegas and Daniel J. 
Bernstein ### Hash-based signatures * [Hash-Based Signatures presentation](https://www.youtube.com/watch?v=qkqtsnXTMQM&t=1968s) by Andreas Hülsing * [COSIC seminar "Introduction to Hash Based Signatures"](https://www.youtube.com/watch?v=jiU0ICoiPI0) by John Kelsey ## Searchable symmetric encryption * [Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions](https://eprint.iacr.org/2006/210.pdf) by Reza Curtmola, Juan Garay, Seny Kamara and Rafail Ostrovsky ## Malware * [Encrypted Viruses](http://www.cs.virginia.edu/~ww6r/CS4630/lectures/Encrypted_Virus.pdf) * [Official (ISC)2 Guide to the SSCP CBK, Second Edition](https://books.google.com.ec/books?id=42g1BNUSYPwC&pg=PA98&lpg=PA98&dq=cascade+virus+source+code&source=bl&ots=giqHBUTgnI&sig=HPjGmlzyzbvPpVBad5I0U6drxDI&hl=en&sa=X&ved=0ahUKEwi4yJ-GpOPTAhVr4oMKHeTMA_c4ChDoAQguMAU#v=onepage&q&f=false) * [The Art of Computer Virus](https://books.google.com.ec/books?id=XE-ddYF6uhYC&pg=PT89&lpg=PT89&dq=cascade+virus+source+code&source=bl&ots=GgNOdq_PJY&sig=Zp9naiUWg7U-MtHunpNQELgGWFI&hl=en&sa=X&ved=0ahUKEwizwr_5o-PTAhUr5oMKHZVSCH4Q6AEITDAH#v=onepage&q=cascade%20virus%20source%20code&f=false) * [Examples of Malicious Computer Programs](http://www.rbs2.com/cvirus.htm#anchor222250) by Ronald B. 
Standler * [Malwaretech](https://www.malwaretech.com/) * [Common Patterns of Virus Research](http://computervirus.uw.hu/ch02lev1sec1.html) * [Automatic Transfer Systems (ATS) for Beginners](https://www.malwaretech.com/2016/08/automatic-transfer-systems-ats-for-beginners.html) by MalwareTech ## MPC * [A Full CryptoCurrency Custody Solution Based on MPC and Threshold ECDSA](https://www.youtube.com/watch?v=Qv4-vh-KJ1s&feature=youtu.be) by Yehuda Lindell ## Passwords * [SPHINX: A Password Store that Perfectly Hides from Itself](http://webee.technion.ac.il/~hugo/sphinx.pdf) by Maliheh Shirvanian, Stanislaw Jarecki, Hugo Krawczyk and Nitesh Saxena * [Exploring implicit memory for painless password recovery](https://dl.acm.org/doi/abs/10.1145/1978942.1979323) by Tamara Denning, Kevin D Bowers, Marten V van Dijk, Ari Juels * [Effects of Password Type and Memory Techniques on User Password Memory](https://pdfs.semanticscholar.org/2c65/65ea8876b6f9ca3b643b984536a3ad1e042f.pdf) by Lezlie Y. España * [Forget the Password: Password Memory and Security Applications of Augmented Cognition](https://link.springer.com/chapter/10.1007/978-3-319-91467-1_11) by Nancy Mogire, Michael-Brian Ogawa, Randall K. Minas, Brent Auernheimer and Martha E. Crosby * [Password-based authentication: a system perspective](https://ieeexplore.ieee.org/abstract/document/1265412) by A. Conklin, G. Dietrich and D. Walz * [Too many passwords? 
How understanding our memory can increase password memorability](https://www.sciencedirect.com/science/article/abs/pii/S1071581917301581) by Naomi Woods and Mikko Siponen * [A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices](https://www.sciencedirect.com/science/article/pii/S0895717712001719) by Sadiq Almuairfi, Prakash Veeraraghavan and Naveen Chilamkurti * [Implicit Authentication through Learning User Behavior](https://link.springer.com/chapter/10.1007/978-3-642-18178-8_9) by Elaine Shi, Yuan Niu, Markus Jakobsson and Richard Chow * [Touch me once and i know it's you!: implicit authentication based on touch screen patterns](https://dl.acm.org/doi/abs/10.1145/2207676.2208544) by Alexander De Luca, Alina Hang, Frederik Brudy, Christian Lindner, and Heinrich Hussmann ## Cryptocurrencies * [ZCash Ceremony](http://www.radiolab.org/story/ceremony/) ### Bitcoin * [Bitcoin and Cryptocurrency Technologies](https://lopp.net/pdf/princeton_bitcoin_book.pdf) by Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller and Steven Goldfeder ## Usability * [Obstacles to the Adoption of Secure Communication Tools](http://www.jbonneau.com/doc/ASBDNS17-IEEESP-secure_messaging_obstacles.pdf) by Ruba Abu-Salma, Anastasia Danilova, M. Angela Sasse, Alena Naiakshina, Joseph Bonneau and Matthew Smith * [Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs](https://dl.acm.org/doi/abs/10.1145/3313831.3376142) by Peter Leo Gorski, Yasemin Acar, Luigi Lo Iacono and Sascha Fahl * [“We make it a big deal in the company”: Security Mindsets in Organizations that Develop Cryptographic Products](https://www.usenix.org/system/files/conference/soups2018/soups2018-haney-mindsets.pdf) by Julie M. Haney, Mary F. 
Theofanos, Yasemin Acar and Sandra Spickard Prettyman * [Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse](https://www.usenix.org/system/files/conference/soups2018/soups2018-gorski.pdf) by Peter Leo Gorski, Luigi Lo Iacono, Dominik Wermke, Christian Stransky, Sebastian Möller, Yasemin Acar, and Sascha Fahl * [Comparing the Usability of Cryptographic APIs](https://www.cl.cam.ac.uk/~rja14/shb17/fahl.pdf) by Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek, and Christian Stransky ## Mailing List * [Modern Crypto](https://moderncrypto.org/mail-archive/) * [The Internet Engineering Task Force -IETF-](https://www.ietf.org/mail-archive/web/cfrg/current/maillist.html) * [Cypherpunks](https://lists.cypherpunks.ca/pipermail) ## Hacking (in general) * [Awesome-Hacking](https://github.com/Hack-with-Github/Awesome-Hacking) ## Various * [Rebooting the Web-of-Trust](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust) * [Tor Browser Bundle - iSEC Deliverable 1.3](https://github.com/iSECPartners/publications/blob/052caf9c9c683ec0bed55782714df4d35c38f107/reports/Tor%20Browser%20Bundle/Tor%20Browser%20Bundle%20-%20iSEC%20Deliverable%201.3.pdf) * [Privacy Enhancement for Internet Electronic Mail: Part I -- Message Encipherment and Authentication Procedures](https://tools.ietf.org/html/rfc1113) by J. Linn * [Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies](https://tools.ietf.org/html/rfc2045) by N. Freed and N. 
Borenstein * [Exploiting mathematical structures in cryptography](https://pure.tue.nl/ws/files/97946090/20180605_Vredendaal.pdf) by van Vredendaal, C ## Password managers * [Password Managers: Under the Hood of Secrets Management](https://www.securityevaluators.com/casestudies/password-manager-hacking/) * [Recovering the Master Password from a Locked Password Manager (1Password 4)](https://blog.securityevaluators.com/recovering-the-master-password-from-a-locked-password-manager-1password-4-5d32cd569907) by Adrian Bednarek ## VPRFs / (V)OPRFs * [A verifiable random function with short proofs and keys](https://eprint.iacr.org/2004/310.pdf) by Yevgeniy Dodis and Aleksandr Yampolskiy * [Privacy Pass: Bypassing Internet Challenges Anonymously](https://www.petsymposium.org/2018/files/papers/issue3/popets-2018-0026.pdf) by Alex Davidson, Ian Goldberg, Nick Sullivan, George Tankersley, and Filippo Valsorda * [EC-OPRF: Oblivious Pseudorandom Functions using Elliptic Curves](https://eprint.iacr.org/2017/111.pdf) by Jonathan Burns, Daniel Moore, Katrina Ray, Ryan Speers and Brian Vohaska * [Verifiable Random Functions](https://people.csail.mit.edu/silvio/Selected%20Scientific%20Papers/Pseudo%20Randomness/Verifiable_Random_Functions.pdf) by Silvio Micali, Michael Rabin and Salil Vadhan * [Composable & Modular Anonymous Credentials: Definitions and Practical Constructions](https://eprint.iacr.org/2015/580.pdf) by Jan Camenisch, Maria Dubovitskaya, Kristiyan Haralambiev, and Markulf * [Malleable Signatures: Complex Unary Transformations and Delegatable Anonymous Credentials](https://eprint.iacr.org/2013/179.pdf) by Melissa Chase, Markulf Kohlweiss and Anna Lysyanskaya * [Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials](https://cs.brown.edu/people/alysyans/papers/camlys02.pdf) by Jan Camenisch and Anna Lysyanskaya * [The Signal Private Group System and Anonymous Credentials Supporting Efficient Verifiable 
Encryption](https://eprint.iacr.org/2019/1416.pdf) by Melissa Chase, Trevor Perrin and Greg Zaverucha * [Anonymous Tokens with Private Metadata Bit](https://eprint.iacr.org/2020/072.pdf) by Ben Kreuter, Tancrede Lepoint, Michele Orru, and Mariana Raykova ## Post-quantum Cryptography and protocols * [Hybrid key exchange in TLS 1.3](https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design) by D. Stebila, S. Fluhrer and S. Gueron ================================================ FILE: books_to_buy.md ================================================ # Things to buy ## Books * [Introduction to Number Theory (Art of Problem Solving Introduction)](https://www.amazon.com/Introduction-Number-Theory-Problem-Solving/dp/1934124125) by Mathew Crawford. * [Prime Numbers: The Most Mysterious Figures in Math](https://www.amazon.com/exec/obidos/ASIN/0471462349/mathblogdk-20) by David Wells. * [A History of Mathematics, Second Edition](https://www.amazon.com/exec/obidos/ASIN/0471543977/mathblogdk-20) by Carl B. Boyer (Author), Uta C. Merzbach (Author), Isaac Asimov (Foreword). * [Algorithms](https://www.amazon.com/gp/product/032157351X/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=algs4-coursera-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=032157351X) by Robert Sedgewick and Kevin Wayne. * [The Art of problem solving](https://www.amazon.com/Art-Problem-Solving-Vol-Basics/dp/0977304566) by Sandor Lehoczky and Richard Rusczyk. * [Post-Quantum Cryptography](http://www.springer.com/la/book/9783540887010) by Bernstein, Daniel J., Buchmann, Johannes, Dahmen, Erik (Eds.) * [Concrete Mathematics: A Foundation for Computer Science (2nd Edition)](https://www.amazon.com/gp/product/0201558025/ref=pe_355360_220209680_em_1p_6_lm) by Ronald L. Graham (Author), Donald E. 
Knuth (Author), Oren Patashnik (Author) * [Information Theory and Reliable Communication](https://www.amazon.com/Information-Theory-Reliable-Communication-Gallager/dp/0471290483/ref=sr_1_1?s=books&ie=UTF8&qid=1484436547&sr=1-1&keywords=information+theory+and+reliable+communication) by R. G. Gallager. ## Papers: * [The state of elliptic curve cryptography, towards a quarter-century of public key cryptography](http://link.springer.com/chapter/10.1007%2F978-1-4757-6856-5_5#page-1) by N. Koblitz, A. Menezes, and S. Vanstone. * [Sequences and Their Applications](https://books.google.com.ec/books?id=wDZqCQAAQBAJ&printsec=frontcover#v=onepage&q&f=false) by SETA 2010 * [Codes and designs](https://books.google.com.ec/books?id=E62qwfwLJpsC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false) by De Gruyter * [Binary Arithmetic](http://www.sciencedirect.com/science/article/pii/S0065245808606105?np=y&npKey=6d6b4e76e7539ace948e93c0cdce662ad3cb10a25a870feadfddd0ce6cd5624e) by George W. 
Reitwiesner ## Challenges * [The cryptopals crypto challenges](https://cryptopals.com/) ## To Apply (some day) * [Budapest semester in math](https://www.budapestsemesters.com/apply-2/) ## Literature * [Borges and Mathematics](https://www.amazon.com/Borges-Mathematics-Guillermo-Martz/dp/1557536325) ## Philosophy * [Wittgenstein on Rules and Private Language](https://www.amazon.com/Wittgenstein-Rules-Private-Language-Elementary/dp/0674954017/ref=sr_1_1?ie=UTF8&qid=1484551426&sr=8-1&keywords=Wittgenstein+on+Rules+and+Private+Language) by Saul Kripke // Summary: [wikipedia](https://en.wikipedia.org/wiki/Wittgenstein_on_Rules_and_Private_Language) * [Name and necessity](https://www.amazon.com/Wittgenstein-Rules-Private-Language-Elementary/dp/0674954017/ref=sr_1_1?ie=UTF8&qid=1484551426&sr=8-1&keywords=Wittgenstein+on+Rules+and+Private+Language) by Saul Kripke * [The Unreality of Time](https://www.amazon.com/Unreality-Time-John-McTaggart-Ellis-ebook/dp/B018IY44WY/ref=sr_1_1?ie=UTF8&qid=1484666334&sr=8-1&keywords=The+Unreality+of+Time) by John McTaggart Ellis McTaggart * [The principles of mathematics] by Bertrand Russell * [The Foundations of Arithmetic] by Gottlob Frege * [Tractatus Logico-Philosophicus] by Wittgenstein ## Maybe interesting * John Searle ================================================ FILE: cloudflare_tools.md ================================================ # Cloudflare tools ## Workers * [Introducing Secrets and Environment Variables to Cloudflare Workers](https://blog.cloudflare.com/workers-secrets-environment/) by John Donmoyer and Nena ## Pages * [Website](https://pages.cloudflare.com/) ## GeoKM * [Presentation](https://crypto.dance/projects/6730853) by Nick Sullivan ================================================ FILE: conferences/2017.md ================================================ # Conferences ### CCC #### first day * [Dude, you broke the Future!](https://events.ccc.de/congress/2017/Fahrplan/events/9270.html) by Charles Stross [*] * [eMMC 
hacking, or: how I fixed long-dead Galaxy S3 phones](https://events.ccc.de/congress/2017/Fahrplan/events/8784.html) by oranav [*] [*] * [End-to-end formal ISA verification of RISC-V processors with riscv-formal](https://events.ccc.de/congress/2017/Fahrplan/events/8768.html) by Clifford Wolf (*) * [Squeezing a key through a carry bit](https://events.ccc.de/congress/2017/Fahrplan/events/9021.html) by Filippo Valsorda [*] * [How can you trust formally verified software?](https://events.ccc.de/congress/2017/Fahrplan/events/8915.html) by Alastair Reid [*] [*] * [BBSs and early Internet access in the 1990ies](https://events.ccc.de/congress/2017/Fahrplan/events/9034.html) by LaForge (*) [*] [*] * [Inside Intel Management Engine](https://events.ccc.de/congress/2017/Fahrplan/events/8762.html) by Maxim Goryachy and Mark Ermolov [*] [*] * [1-day exploit development for Cisco IOS](https://events.ccc.de/congress/2017/Fahrplan/events/8936.html) by Artem Kondratenko [*] [*] * [Tightening the Net in Iran](https://events.ccc.de/congress/2017/Fahrplan/events/8900.html) by Mahsa Alimardani [*] [*] [*] * [Lets break modern binary code obfuscation](https://events.ccc.de/congress/2017/Fahrplan/events/8789.html) by Tim Blazytko and Moritz Contag [*] [*] Check the papers. 
* [iOS kernel exploitation archaeology](https://events.ccc.de/congress/2017/Fahrplan/events/8720.html) by Patroklos Argyroudis (*) * [Access To Bodies](https://events.ccc.de/congress/2017/Fahrplan/events/9040.html) by Nadja Buttendorf (*) * [Defeating (Not)Petya's Cryptography](https://events.ccc.de/congress/2017/Fahrplan/events/8724.html) by Sebastian Eschweiler [*] [*] * [Microarchitectural Attacks on Trusted Execution Environments](https://events.ccc.de/congress/2017/Fahrplan/events/8950.html) by Keegan Ryan (*) * [Catch me if you can: Internet Activism in Saudi Arabia](https://events.ccc.de/congress/2017/Fahrplan/events/9190.html) by Noujoum (*) * [Doping your Fitbit](https://events.ccc.de/congress/2017/Fahrplan/events/8908.html) by Jiska and DanielAW [*] [*] * [BootStomp: On the Security of Bootloaders in Mobile Devices](https://events.ccc.de/congress/2017/Fahrplan/events/9205.html) by Audrey [*] * [KRACKing WPA2 by Forcing Nonce Reuse](https://events.ccc.de/congress/2017/Fahrplan/events/9273.html) by Mathy Vanhoef [*] * [Practical Mix Network Design](https://events.ccc.de/congress/2017/Fahrplan/events/8974.html) by David Stainton and jeffburdges [*] [*] #### second day * [Mobile Data Interception from the Interconnection Link](https://events.ccc.de/congress/2017/Fahrplan/events/8879.html) by Dr. 
Silke Holtmanns [*] [*] * [We should share our secrets](https://events.ccc.de/congress/2017/Fahrplan/events/8885.html) by Daan Sprenkels [*] [*] check papers * [Deep Learning Blindspots](https://events.ccc.de/congress/2017/Fahrplan/events/8860.html) by Katharine Jarmul [*] [*] check papers * [Reverse engineering FPGAs](https://events.ccc.de/congress/2017/Fahrplan/events/9237.html) by MathiasL (*) * [May contain DTraces of FreeBSD](https://events.ccc.de/congress/2017/Fahrplan/events/9196.html) by raichoo (*) * [Electromagnetic Threats for Information Security](https://events.ccc.de/congress/2017/Fahrplan/events/8920.html) by EMHacktivity and José Lopes Esteves [*] [*] * [Free Electron Lasers](https://events.ccc.de/congress/2017/Fahrplan/events/8832.html) by Thorsten [*] [*] * [Everything you want to know about x86 microcode, but might have been afraid to ask](https://events.ccc.de/congress/2017/Fahrplan/events/9058.html) by Benjamin Kollenda and Philipp Koppe (*) * [avatar²](https://events.ccc.de/congress/2017/Fahrplan/events/9195.html) by nsr [*] [*] * [Console Security - Switch](https://events.ccc.de/congress/2017/Fahrplan/events/8941.html) by plutoo, derrek and naehwert [*] [*] * [Taking a scalpel to QNX](https://events.ccc.de/congress/2017/Fahrplan/events/8730.html) by Jos Wetzels and Ali Abbasi (*) * [Intel ME: Myths and reality](https://events.ccc.de/congress/2017/Fahrplan/events/8782.html) by Igor Skochinsky and Nicola Corna (*) * [The making of a chip](https://events.ccc.de/congress/2017/Fahrplan/events/9250.html) by Ari [*] [*] * [The Noise Protocol Framework](https://events.ccc.de/congress/2017/Fahrplan/events/9222.html) by Trevor Perrin (*) * [LatticeHacks](https://events.ccc.de/congress/2017/Fahrplan/events/9075.html) by djb, Tanja Lange and Nadia Heninger [*] [*] * [ASLR on the line](https://events.ccc.de/congress/2017/Fahrplan/events/9135.html) by brainsmoke (*) * [Implementing an LLVM based Dynamic Binary Instrumentation 
framework](https://events.ccc.de/congress/2017/Fahrplan/events/9006.html) by Charles Hubain and Cédric TESSIER (*)
* [Uncovering vulnerabilities in Hoermann BiSecur](https://events.ccc.de/congress/2017/Fahrplan/events/9029.html) by Markus Müllner and Markus Kammerstetter [*] [*]
* [Robot Music](https://events.ccc.de/congress/2017/Fahrplan/events/9150.html) by jacob remin and goto80 (*)

#### third day

* [Holography of Wi-Fi radiation](https://events.ccc.de/congress/2017/Fahrplan/events/9024.html) by Friedemann Reinhard [*] [*]
* [Coming Soon: Machine-Checked Mathematical Proofs in Everyday Software and Hardware Development](https://events.ccc.de/congress/2017/Fahrplan/events/9105.html) by Adam Chlipala [*] [*]
* [History and implications of DRM](https://events.ccc.de/congress/2017/Fahrplan/events/9110.html) by Molly de Blanc [*]
* [OONI: Let's Fight Internet Censorship, Together!](https://events.ccc.de/congress/2017/Fahrplan/events/8923.html) by Arturo Filastò [*]
* [Policing in the age of data exploitation](https://events.ccc.de/congress/2017/Fahrplan/events/8940.html) by Eva Blum and Millie Wood (*)
* [Vintage Computing for Trusted Radiation Measurements and a World Free of Nuclear Weapons](https://events.ccc.de/congress/2017/Fahrplan/events/8994.html) by Moritz and ALX [*] [*]
* [How to drift with any car](https://events.ccc.de/congress/2017/Fahrplan/events/8758.html) by Guillaume Heilles and Stanislas Lejay [*]
* [Protecting Your Privacy at the Border](https://events.ccc.de/congress/2017/Fahrplan/events/9086.html) by Kurt Opsahl and William Budington [*]
* [Zamir Transnational Network und Zagreb Dairy](https://events.ccc.de/congress/2017/Fahrplan/events/8842.html) by Wam (P.J.H.F.)
Kat [*] [*]
* [How Alice and Bob meet if they don't like onions](https://events.ccc.de/congress/2017/Fahrplan/events/9104.html) by Muelli, Erik and Matthias [*] [*]
* [Decoding Contactless (Card) Payments](https://events.ccc.de/congress/2017/Fahrplan/events/8965.html) by Simon Eumes [*]
* [Public FPGA based DMA Attacking](https://events.ccc.de/congress/2017/Fahrplan/events/9111.html) by Ulf Frisk [*]

#### fourth day

* [library operating systems](https://events.ccc.de/congress/2017/Fahrplan/events/8949.html) by Mindy Preston [*] [*]
* [Modern key distribution with ClaimChain](https://events.ccc.de/congress/2017/Fahrplan/events/9094.html) by Marios Isaakidis [*] [*]
* [TrustZone is not enough](https://events.ccc.de/congress/2017/Fahrplan/events/8831.html) by Pascal Cotret [*] [*]
* [Briar](https://events.ccc.de/congress/2017/Fahrplan/events/8937.html) by Torsten Grote [*] [*]
* [Hardening Open Source Development](https://events.ccc.de/congress/2017/Fahrplan/events/9249.html) by gronke [*] [*]
* [The Internet in Cuba: A Story of Community Resilience](https://events.ccc.de/congress/2017/Fahrplan/events/8740.html) by Will Scott and kopek [?]
* [MQA - A clever stealth DRM-Trojan](https://events.ccc.de/congress/2017/Fahrplan/events/9113.html) by Christoph Engemann [*] [*] check papers
* [Tracking Transience](https://events.ccc.de/congress/2017/Fahrplan/events/9281.html) by Hasan Elahi
* [Type confusion: discovery, abuse, and protection](https://events.ccc.de/congress/2017/Fahrplan/events/8848.html) by gannimo [*] [*]
* [SCADA - Gateway to (s)hell](https://events.ccc.de/congress/2017/Fahrplan/events/8956.html) by nezza (*)

### RWC

To check

* AWS
* KMS
* Zero knowledge, subversion-resistance, and concrete attacks
* Side channel attacks on implementations of Curve25519
* The problem of private identification protocols
* Finding collisions for SHA-1
* Post-quantum signatures
* Noise protocol
* Supersingular isogeny based cryptography gets practical
* Quam Bene Non Quantum: identifying bias in a commercial quantum random number generator
* HACL*

### ECRYPT-CSA

* Dan Bogdanov (Cybernetica/Sharemind), Cryptographic Deployments: Lessons Learned

================================================
FILE: conferences/2018.md
================================================

# 35c3

First day:

* The Rocky Road to TLS 1.3 and better Internet Encryption
* Locked up science
* Going Deep Underground to Watch the Stars
* Election Cybersecurity Progress Report
* "The" Social Credit System
* Taming the Chaos: Can we build systems that actually work?
* SiliVaccine: North Korea's Weapon of Mass Detection
* Digital Airwaves
* Information Biology - Investigating the information flow in living systems
* Afroroutes: Africa Elsewhere
* Transmission Control Protocol
* A Routing Interregnum: Internet infrastructure transition in Crimea after Russian annexation
* What The Fax?!
* Exploiting Kernel Memory Corruptions on Microsoft Windows 10 RedStone 5
* Quantum Mechanics
* Tactical Embodiment
* Inside the AMD Microcode ROM

Second day:

* Modern Windows Userspace Exploitation
* Explaining Online US Political Advertising
* Sense without sight: a crash course on #BlindNavigation
* Reality Check! Basel/Lagos?? In virtual reality?
* How medicine discovered sex
* The good, the strange and the ugly in art and science/technology in 2018
* The Enemy
* Feminist Perspectives
* Attacking end-to-end email encryption
* A Christmas Carol - The Spectres of the Past, Present, and Future
* Wallet Security
* Simulating Universes
* A deep dive into the world of DOS viruses
* The year in post-quantum crypto

Third day:

* Provable Security
* How light in the Antarctic Ice unveiled the first cosmic particle accelerator
* Safe and Secure Drivers in High-Level Languages
* Planes and Ships and Saving Lives
* Viva la Vita Vida
* Matrix, the current status and year to date
* Memsad
* Domain Name System
* Web-based Cryptojacking in the Wild
* Russia vs. Telegram: technical notes on the battle
* Modeling and Simulation of Physical Systems for Hobbyists
* Conquering Large Numbers at the LHC
* No evidence of communication and morality in protocols: Off-the-Record protocol version 4
* Media Disruption Led By The Blind

Fourth day:

* Hacking how we see
* Are machines feminine?

================================================
FILE: cryptocurrencies.md
================================================

# Cryptocurrencies

## Blockchain

* [Blockchain Explained](https://www.youtube.com/watch?v=QphJEO9ZX6s) by IBM Cloud

## Monero

* [How Does Monero Work?](https://www.youtube.com/watch?v=cjbHqvr4ffo) by Siraj Raval

================================================
FILE: current_projects.md
================================================

# Current projects information

## VOPRF

* [Draft](https://github.com/cfrg/draft-irtf-cfrg-voprf)
* [POC](https://github.com/alxdavids/voprf-poc)

## Privacy Pass

* [Draft: protocol](https://tools.ietf.org/html/draft-davidson-pp-protocol-00)
* [Draft: architecture](https://tools.ietf.org/pdf/draft-davidson-pp-architecture-00.pdf)
* [Draft: http API](https://tools.ietf.org/pdf/draft-svaldez-pp-http-api-00.pdf)
* [All IETF material](https://github.com/alxdavids/privacy-pass-ietf)
* [IETF 107 BoF](https://datatracker.ietf.org/meeting/107/materials/agenda-107-privacypass)

## CFSSL and certificate management

* [Introducing CFSSL - CloudFlare's PKI toolkit](https://blog.cloudflare.com/introducing-cfssl/) by Nick Sullivan
* [Github Repo](https://github.com/cloudflare/cfssl)
* [certmgr](https://github.com/cloudflare/certmgr)

## HashToCurve

* [Draft](https://tools.ietf.org/pdf/draft-irtf-cfrg-hash-to-curve-06.pdf)

## CRYSTALS

* [PR](https://github.com/cloudflare/circl/pull/87)
* [Website](https://pq-crystals.org/dilithium/resources.shtml)
* [CRYSTALS-Dilithium paper](https://pq-crystals.org/dilithium/data/dilithium-specification-round2.pdf)
* [CRYSTALS-Dilithium algo paper](https://pq-crystals.org/dilithium/data/dilithium-specification.pdf)

## Lattices

* [Lattice Introduction - Gate](https://www.youtube.com/watch?v=3EAYX-wZH0g)
* [Lattices ∩ Quantum](https://www.youtube.com/watch?v=ZpJ2G0nk91Y)

# Research

* [Equations For Modular Curves](https://www.math.auckland.ac.nz/~sgal018/thesis.pdf) by Steven D.
Galbraith
* [ellipticnews](https://ellipticnews.wordpress.com/)
* [Mathematics of Isogeny Based Cryptography](https://arxiv.org/pdf/1711.04062.pdf)
* [Fast Algorithms for Towers of Finite Fields and Isogenies](https://pastel.archives-ouvertes.fr/tel-00547034v3/document)
* [High-Speed Cryptography and Cryptanalysis](https://cryptojedi.org/peter/thesis/data/phdthesis-schwabe-printed.pdf)
* [Guide to Elliptic Curve Cryptography](http://cacr.uwaterloo.ca/ecc/order.html)
* [An Introduction to Mathematical Cryptography](http://www.math.brown.edu/~jhs/MathCryptoHome.html)
* [The Arithmetic of Elliptic Curves](http://www.math.brown.edu/~jhs/AECHome.html)
* [Elliptic Curves: Number Theory and Cryptography](http://www-users.math.umd.edu/~lcw/ec.html)
* [Handbook of Elliptic and Hyperelliptic Curve Cryptography](http://www.hyperelliptic.org/HEHCC/)
* [Algorithmic Cryptanalysis](http://www.joux.biz/algcrypt/index.html)
* [Mathematics of Public Key Cryptography](https://www.math.auckland.ac.nz/~sgal018/crypto-book/crypto-book.html)

## Memory management

* [Go memory management](https://povilasv.me/go-memory-management/) by Povilas
* [Go: Memory Management and Allocation](https://medium.com/a-journey-with-go/go-memory-management-and-allocation-a7396d430f44) by Vincent Blanchon
* [Building a better Go linker](https://docs.google.com/document/d/1D13QhciikbdLtaI67U6Ble5d_1nsI4befEd6_k1z91U/view#heading=h.g4m43nddv64t)
* [Visualizing Garbage Collection Algorithms](https://spin.atomicobject.com/2014/09/03/visualizing-garbage-collection-algorithms/)
* [Go GC: Solving the Latency Problem](https://www.youtube.com/watch?v=aiv1JOfMjm0&index=16&list=PL2ntRZ1ySWBf-_z-gHCOR2N156Nw930Hm) by Rick Hudson
* [Implementing memory management with Golang’s garbage collector](https://hub.packtpub.com/implementing-memory-management-with-golang-garbage-collector/)
* [On-the-Fly Garbage Collection: An Exercise in Cooperation](https://lamport.azurewebsites.net/pubs/garbage.pdf) by Dijkstra, Lamport,
Martin, Scholten, and Steffens
* [Getting to Go: The Journey of Go's Garbage Collector](https://blog.golang.org/ismmkeynote) by Rick Hudson
* [Garbage Collection In Go : Part I - Semantics](https://www.ardanlabs.com/blog/2018/12/garbage-collection-in-go-part1-semantics.html)
* [RICH: Automatically Protecting Against Integer-Based Vulnerabilities](https://web.archive.org/web/20121010025025/http://www.cs.cmu.edu/~dbrumley/pubs/integer-ndss-07.pdf) by David Brumley, Tzi-cker Chiueh, Robert Johnson
* [Golang's GC](https://github.com/golang/go/blob/master/src/runtime/mgc.go)
* [A micro-manual for lisp - not the whole truth](https://www.ee.ryerson.ca/~elf/pub/misc/micromanualLISP.pdf) by John McCarthy

## Digital contact-tracing app

* [Principles for technology-assisted contact-tracing](https://www.aclu.org/report/aclu-white-paper-principles-technology-assisted-contact-tracing) by Daniel Kahn Gillmor
* [Data Rights for Exposure Notification](https://exposurenotification.org/)
* [Apps Gone Rogue: Maintaining Personal Privacy in an Epidemic](https://arxiv.org/pdf/2003.08567.pdf)
* [Covid-19: The tough questions on a digital contact-tracing app](https://thespinoff.co.nz/society/29-04-2020/covid-19-the-tough-questions-on-a-digital-contact-tracing-app/)
* [Privacy-Preserving Contact Tracing](https://www.apple.com/covid19/contacttracing/) by Apple and Google

## TLS

* [The Transport Layer Security v 1.3](https://tools.ietf.org/html/rfc8446)
* [Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)](https://tools.ietf.org/html/rfc7250)
* [Transport Layer Security (TLS) Cached Information Extension](https://tools.ietf.org/html/rfc7924)
* [Measuring TLS key exchange with post-quantum KEM](https://csrc.nist.gov/CSRC/media/Events/Second-PQC-Standardization-Conference/documents/accepted-papers/kwiatkowski-measuring-tls.pdf)
* [Post-quantum TLS without handshake signatures](https://eprint.iacr.org/2020/534.pdf)
* [kemtls-experiment](https://github.com/thomwiggers/kemtls-experiment)
* [dilithium](https://github.com/pq-crystals/dilithium)
* [kyber](https://github.com/pq-crystals/kyber)

### Delegated Credentials

* [The current repo](https://github.com/tlswg/tls-subcerts)
* [PR](https://github.com/cloudflare/tls-tris/pull/95)
* [Second PR](https://github.com/cloudflare/tls-tris/pull/32)
* [The draft](https://tools.ietf.org/html/draft-ietf-tls-subcerts-09)

### Exported Authenticators

* [draft](https://github.com/tlswg/tls-exported-authenticator)
* [Usage of OPAQUE with TLS 1.3](https://github.com/grittygrease/draft-sullivan-tls-opaque)

## OPAQUE

* [draft](https://github.com/cfrg/draft-irtf-cfrg-opaque/blob/master/draft-irtf-cfrg-opaque.md)

## Stalkerware and domestic abuse

* [MariaLab org](https://www.instagram.com/p/CAWMEqEHlNz/) and [also](https://www.marialab.org/)
* [ipvtechresearch](https://www.ipvtechresearch.org/)
* [Technology facilitating domestic violence. How is that possible?](https://stopstalkerware.org/)
* [Threat Lab: Year in Review 2019](https://www.eff.org/deeplinks/2019/12/threat-lab-year-review-2019)
* [Queer privacy](https://leanpub.com/queerprivacy)
* [Stalkerware-indicators](https://github.com/Te-k/stalkerware-indicators)
* [How security researchers are working to expose stalkerware on your phone](https://netzpolitik.org/2020/how-security-researchers-are-working-to-expose-stalkerware-on-your-phone/)
* [Feminism and protocols](https://tools.ietf.org/html/draft-guerra-feminism-00)
* [Taller de comunicación mujer](https://www.tcmujer.org/wb#/inicio)
* [Navegando libres por la red](https://www.navegandolibres.org/)
* [Vita-activa](https://vita-activa.org/)
* [Acoso Online](https://acoso.online/cl/)
* [Dominemos la tecnología](https://www.takebackthetech.net/es/know-more/heyamiga)
* [Safer nudes](https://www.codingrights.org/safernudes/)
* [Alerta Machitrol](https://mtroll.karisma.org.co/)
* [ConsentfulTech](https://www.consentfultech.io/)
* [Diagnóstico Violencia
de género Ecuador](https://www.navegandolibres.org/images/navegando/Diagnostico_navegando_libres_f.pdf)
* [Security and Privacy Experiences and Practices of Survivors of Intimate Partner Abuse](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8055664)
* [Safe at Home: Towards a Feminist Critique of Cybersecurity](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3429851)
* [Privacy threats in intimate relationships](https://academic.oup.com/cybersecurity/article/6/1/tyaa006/5849222)

## Quantum computing and LLVM

* [Tutorial: Quantum Programming](https://sites.google.com/ncsu.edu/qc-tutorial)
* [An Introduction to Quantum Computing for Non-Physicists](https://arxiv.org/PS_cache/quant-ph/pdf/9809/9809016v2.pdf)
* [Programming Quantum Computers Tutorial](https://www.youtube.com/watch?v=SCRZVVSUCp0&feature=youtu.be)
* [Architectural Principles for a Quantum Internet](https://datatracker.ietf.org/doc/draft-irtf-qirg-principles/)

## Modelling

* [Random Oracles are Practical: A Paradigm for Designing Efficient Protocols](https://cseweb.ucsd.edu/~mihir/papers/ro.pdf) by Mihir Bellare and Phillip Rogaway
* [The random oracle model: a twenty-year retrospective](https://eprint.iacr.org/2015/140.pdf) by Neal Koblitz and Alfred J.
Menezes
* [The Random Oracle Hypothesis is False](https://www.csc.kth.se/~johanh/randomoracle.pdf) by Richard Chang, Benny Chor, Oded Goldreich, Juris Hartmanis, Johan Hastad, Desh Ranjan and Pankaj Rohatgi
* [Systems of logic based on ordinals](https://pure.mpg.de/rest/items/item_2403325/component/file_2403324/content) by Turing
* A proof of freedom from contradiction by Church
* [Logic and Computation Intertwined](https://cs.uwaterloo.ca/~plragde/flaneries/LACI/) by Prabhakar Ragde
* [Random Oracles in a Quantum World](https://link.springer.com/chapter/10.1007/978-3-642-25385-0_3) by Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner and Mark Zhandry
* [Universally Composable Security: A New Paradigm for Cryptographic Protocols](https://eprint.iacr.org/2000/067.pdf) by Ran Canetti
* [Turing Oracle Machines, Online Computing, and Three Displacements in Computability Theory](http://www.people.cs.uchicago.edu/~soare/History/turing.pdf) by Robert I. Soare

## Message franking

* [Private Message Franking with After Opening Privacy](https://eprint.iacr.org/2018/938.pdf) by Iraklis Leontiadis and Serge Vaudenay
* [Message Franking via Committing Authenticated Encryption](https://eprint.iacr.org/2017/664.pdf) by Paul Grubbs, Jiahui Lu, and Thomas Ristenpart
* [Asymmetric Message Franking: Content Moderation for Metadata-Private End-to-End Encryption](https://eprint.iacr.org/2019/565.pdf) by Nirvan Tyagi, Paul Grubbs, Julia Len, Ian Miers, and Thomas Ristenpart

## Side channel attacks

* [Wikipedia page](https://en.wikipedia.org/wiki/Side-channel_attack)

## Programming language design

* [PL+HCI Seminar](https://pl-hci-seminar.seas.harvard.edu/)
* [Bits and behavior](https://medium.com/bits-and-behavior)

## Falcon

* [Main website](https://falcon-sign.info/)
* [proposal: spec: add decimal float types](https://github.com/golang/go/issues/19787)
* [Decimal Floating-Point: Algorism for
Computers](http://speleotrove.com/decimal/IEEE-cowlishaw-arith16.pdf)
* [Proposal to Add Decimal Floating Point Support to C++](http://open-std.org/JTC1/SC22/WG21/docs/papers/2014/n3871.html)
* [IEEE 754](https://en.wikipedia.org/wiki/IEEE_754)
* [Double-precision floating-point format](https://en.wikipedia.org/wiki/Double-precision_floating-point_format)
* [decimal64 floating-point format](https://en.wikipedia.org/wiki/Decimal64_floating-point_format)

================================================
FILE: install.md
================================================

# Install

## XCode

* [Update](https://stackoverflow.com/questions/15417619/how-do-you-update-xcode-on-osx-to-the-latest-version)
* [Uninstall](https://stackoverflow.com/questions/31011062/how-to-completely-uninstall-xcode-and-clear-all-settings)

## Command line tools

* [Issues](https://github.com/Homebrew/homebrew-core/issues/2502)
* [Issues](https://stackoverflow.com/questions/32893412/command-line-tools-not-working-os-x-el-capitan-macos-sierra-macos-high-sierra)
* [Issues](https://github.com/nodejs/node-gyp/issues/569)

## Vim Plugins

* [GitGutter issue](https://github.com/airblade/vim-gitgutter/issues/191)
* [GitGutter issue](https://github.com/airblade/vim-gitgutter/issues/106)
* [Nerdtree](https://github.com/scrooloose/nerdtree/issues/690)
* [Nerdtree highlight](https://github.com/scrooloose/nerdtree/issues/433#issuecomment-92590696)

## Oh My Zsh

* [brew warning](https://apple.stackexchange.com/questions/297739/repeated-oh-my-zsh-brew-plugin-warnings)

## Terminal

* [Size](https://apple.stackexchange.com/questions/173753/how-can-i-set-the-default-width-height-and-position-of-my-mac-terminal-app)

## Go

* [Getting Started](https://golang.org/doc/install)
* [How to Write Go Code](https://golang.org/doc/code.html#Workspaces)

## GPG

* [Backup or transfer your keys](https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/backup-or-transfer-your-keys)
* [How To Use GPG on the Command
Line](http://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/)

## OFTC

* [SSL](https://www.oftc.net/NickServ/CertFP/#weechat)

## IRC

* [Instructions](https://meta.wikimedia.org/wiki/IRC/Instructions)
* [Commands](https://github.com/atheme/atheme/wiki/NickServ)

## WeeChat

* [WeeChat Quick Start Guide](https://weechat.org/files/doc/devel/weechat_quickstart.es.html)

## IRSSI

* [Scripts](https://scripts.irssi.org/)
* [Themes](https://irssi-import.github.io/themes/)
* [Windows](https://superuser.com/questions/657570/irssi-is-simply-ignoring-any-attempt-to-register-of-identify)
* [Start-up](https://irssi.org/documentation/startup/)
* [Set-up](http://www.antonfagerberg.com/blog/my-perfect-irssi-setup/)

## SSH

* [Remember](https://apple.stackexchange.com/questions/254468/macos-sierra-doesn-t-seem-to-remember-ssh-keys-between-reboots)
* [Remove](https://stackoverflow.com/questions/25464930/how-to-remove-a-ssh-key)

// TODO: move

## Git

* [Tutorial](https://www.atlassian.com/git/tutorials/git-log)

## Mutt

* [Tutorial](https://wiki.archlinux.org/index.php/Mutt)
* [Tutorial on OSX](https://www.cryptomonkeys.com/2015/09/mutt-and-msmtp-on-osx/)
* [Tutorial msmtp](https://wiki.archlinux.org/index.php/Msmtp)
* [Setting Up Mutt With S/MIME And PGP/MIME](https://pthree.org/2011/09/15/setting-up-mutt-with-smime-and-pgpmime/) by Aaron Toponce
* [Setting up encrypted mails using s/mime with mutt](http://whirlpool.blinkenshell.org/pages/using-mutt-and-smime-for-encrypted-mails.html) by whirlpool
* [Thawte and Mutt - playing nicely?](http://equiraptor.com/smime_mutt_how-to.html) by equiraptor
* [S/MIME and mutt](http://jpvanoosten.nl/blog/2013/12/31/smime-and-mutt/) by JP van Oosten

## ASDF

* [Main page](https://asdf-vm.com/#/)

================================================
FILE: invest.md
================================================

# Permissive Action Link

* [Permissive Action Link](https://en.wikipedia.org/wiki/Permissive_Action_Link#cite_note-19)
* [Supporting
Information Physical Cryptographic Verification of Nuclear Warheads](http://www.pnas.org/content/suppl/2016/07/13/1603916113.DCSupplemental/pnas.1603916113.sapp.pdf) by R. Scott Kemp, Areg Danagoulian, Ruaridh R. Macdonald and Jayson R. Vavrek

================================================
FILE: like/communication.md
================================================

# Communication

* [Teoría de la comunicación humana](https://catedraepistemologia.files.wordpress.com/2015/09/276081111-teoria-de-la-comunicacion-humana-watzlawick.pdf) by Paul Watzlawick, Janet Beavin Bavelas and Don D. Jackson
* [Norbert Wiener](https://www.goinggo.net/)

================================================
FILE: like/things_like.md
================================================

# Things I like

To read on a daily basis

## Blogs

* [Random ASCII](https://randomascii.wordpress.com/)
* [Going go programming](https://www.goinggo.net/)
* [Geeks for geeks](http://www.geeksforgeeks.org/)
* [The Go blog](https://blog.golang.org/)
* [Math ∩ Programming](https://jeremykun.com/2014/12/08/a-motivation-for-quantum-computing/)
* [All things Seth Mason](http://sethmason.com/)
* [Svetlin Ralchev blog](http://blog.ralch.com/tutorial/design-patterns/golang-decorator/)
* [nathan leclaire blog](https://nathanleclaire.com/)
* [research!rsc](https://research.swtch.com/) by Russ Cox (really nice)
* [Understanding the Montgomery reduction algorithm](https://alicebob.cryptoland.net/understanding-the-montgomery-reduction-algorithm/) by Alice and Bob in Cryptoland
* [Use Vim](https://medium.com/usevim/) by Alex R.
Young and [more](https://github.com/alexyoung/usevim/tree/master/_posts)
* [Dave Cheney Blog](https://dave.cheney.net) by Dave Cheney
* [Steve Friedl's Tech Tips] by Steve Friedl

## Explanations

* [Numerical Computation Guide](http://docs.oracle.com/cd/E19957-01/806-3568/)
* [Bit Twiddling Hacks](http://graphics.stanford.edu/~seander/bithacks.html) by Sean Eron Anderson
* [The Yacas Book of Algorithms](http://yacas.sourceforge.net/Algo.book.pdf) by the Yacas team

## Tutorials

* [A vim Tutorial and Primer](https://danielmiessler.com/study/vim)
* [Tutorials on Selected C/C++/Linux/UNIX Topics](http://www.augustcouncil.com/~tgibson/tutorial/)

## Maths

* [Ken Ward's Mathematics Pages](https://trans4mind.com/personal_development/mathematics/series/sumNaturalNumbers.htm)
* [Computers' Math](http://kias.dyndns.org/comath)

## Quantum Physics

* [Quantum Frontiers](https://quantumfrontiers.com/) by the Institute for Quantum Information and Matter @ Caltech
* [Bubbles bad; Ripples good](https://williewong.wordpress.com/)
* [Not Even Wrong](http://www.math.columbia.edu/~woit/wordpress/)
* [backreaction](http://backreaction.blogspot.com/)
* [Of Particular Significance](https://profmattstrassler.com/)
* [Quanta Magazine](https://www.quantamagazine.org/)

## Contests

* [The Underhanded C Contest](http://underhanded-c.org/_page_id_5.html)

## To investigate

* [Ted Nelson](https://en.wikipedia.org/wiki/Ted_Nelson)
* [Programming in Martin-Löf’s Type Theory](http://www.cse.chalmers.se/research/group/logic/book/book.pdf) by Bengt Nordström, Kent Petersson and Jan M.
Smith

## Summer school

* [Summer School on real-world crypto and privacy](https://summerschool-croatia.cs.ru.nl/2017/) in Šibenik, Croatia
* [Summer School on Post-Quantum Cryptography 2017](https://2017.pqcrypto.org/school/index.html) in Eindhoven, the Netherlands
* [Spring School on Lattice-Based Cryptography](https://www.maths.ox.ac.uk/groups/cryptography/spring-school-lattice-based-cryptography) at University of Oxford

## To attend

* [Philosophy CMU](http://www.cmu.edu/graduate/academics/guide-to-graduate-degrees-and-programs/college-of-humanities-and-social-sciences-handss.html#Philosophy)
* [Maths CMU](http://www.cmu.edu/graduate/academics/guide-to-graduate-degrees-and-programs/mellon-college-of-science-mcs.html#Mathematical Sciences)
* [Mathematical and Computational Science Stanford](http://exploredegrees.stanford.edu/schoolofhumanitiesandsciences/mathematicalandcomputationalscience/#courseinventory)
* [Math Stanford](http://exploredegrees.stanford.edu/schoolofhumanitiesandsciences/mathematics/#masterstext)
* [Philosophy, minor Stanford](http://exploredegrees.stanford.edu/schoolofhumanitiesandsciences/philosophy/#text)
* [Sorbonne check](http://vof.paris-sorbonne.fr/fr/index.html)
* [MASTER PHILOSOPHIE : HISTOIRE DE LA PHILOSOPHIE, MÉTAPHYSIQUES, PHÉNOMÉNOLOGIE, Sorbonne](http://vof.paris-sorbonne.fr/fr/index/master-XB/sciences-humaines-et-sociales-SHS/master-philosophie-histoire-de-la-philosophie-metaphysiques-phenomenologie-program-mphs1-210.html)
* [MASTER PHILOSOPHIE : LOGIQUE, PHILOSOPHIE DES SCIENCES, PHILOSOPHIE DE LA CONNAISSANCE (LOPHISC), Sorbonne](http://vof.paris-sorbonne.fr/fr/index/master-XB/sciences-humaines-et-sociales-SHS/master-philosophie-logique-philosophie-des-sciences-philosophie-de-la-connaissance-lophisc-program-mphs1-213.html)
* [MASTER MUSIQUE ET MUSICOLOGIE, Sorbonne](http://vof.paris-sorbonne.fr/fr/index/master-XB/arts-lettres-langues-ALL/master-musique-et-musicologie-program-mmus1-210.html)
* [Theoretical and mathematical
physics, LMU](http://www.theorie.physik.uni-muenchen.de/TMP/)
* [MA in Logic and Philosophy of Science, LMU](http://www.mcmp.philosophie.uni-muenchen.de/students/ma/index.html)
* [Epistemology, Ethics & Mind (Online Distance Learning), TUE](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=844)
* [Philosophy, TUE](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=286)
* [Computer Science, TUE](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=110)
* [Cognitive Science, TUE](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=108)
* [Computational Applied Mathematics](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=935)
* [Algebra & Number Theory](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=509)
* [Mathematical Physics](http://www.ed.ac.uk/studying/postgraduate/degrees/index.php?r=site/view&id=513)
* [String math 2017](https://stringmath2017.desy.de/)
* [Pre-StringMath Summer School](http://grk1670.math.uni-hamburg.de/sms2017/)

## To take now

* [Cryptography II by Dan Boneh](http://online.stanford.edu/course/cryptography-2-2014)
* [Cyber Security and Executive Strategy](http://online.stanford.edu/course/cyber-security-and-executive-strategy)
* [XACS302 - Cyber Security and Executive Strategy](http://scpd.stanford.edu/search/publicCourseSearchDetails.do?method=load&courseId=74276853)
* [Cyber Security Graduate Certificate](http://online.stanford.edu/course/cyber-security-graduate-certificate)
* [Programming MAX: Structuring Interactive Software for Digital Arts](http://online.stanford.edu/course/programming-max-structuring-interactive-software-digital-arts)
* [Using Cryptography Correctly](http://online.stanford.edu/course/using-cryptography-correctly)
* [Introduction to Differential Equations and the MATLAB® ODE Suite](https://www.youtube.com/watch?v=ZvL88xqYSak&list=PLUl4u3cNGP63oTpyxCMLKt_JmB0WtSZfG) by MIT
* [Mathematics for Computer Science](https://www.youtube.com/watch?v=wfr4XbR5VP8&list=PLUl4u3cNGP60UlabZBeeqOuoLuj_KNphQ&index=3) by MIT
* [Computer Systems Security](https://www.youtube.com/watch?v=GqmQg-cszw4&list=PLUl4u3cNGP62K2DjQLRxDNRi0z2IRWnNh) by MIT
* [Summer school of PQC](https://videos.2017.pqcrypto.org/school/#lange)
* [Introduction to MATLAB Programming](https://www.youtube.com/playlist?list=PLUl4u3cNGP62bMZx9A3DR7V5myByt48CC) by MIT

## Currently

* [MIT 18.06 Linear Algebra](https://www.youtube.com/watch?v=ZK3O402wf1c) by MIT
* [Mathematics for Computer Science](https://www.youtube.com/watch?v=wIq4CssPoO0&list=PLUl4u3cNGP60UlabZBeeqOuoLuj_KNphQ) by MIT

================================================
FILE: math.md
================================================

----------------------------------------------------------------------------

# Math

## General

* [Earliest Known Uses of Some of the Words of Mathematics (T)](http://jeff560.tripod.com/t.html)
* [General](https://trans4mind.com/personal_development/mathematics/) by Ken Ward
* [Fundamental theorem of arithmetic](https://en.wikipedia.org/wiki/Fundamental_theorem_of_arithmetic)

## Modular Arithmetic

* [Modular addition and subtraction](https://www.khanacademy.org/computing/computer-science/cryptography/modarithmetic/a/modular-addition-and-subtraction) by khanacademy.
* [Modular arithmetic](https://en.wikipedia.org/wiki/Modular_arithmetic). Good example of mul.
* [Chapter 3. Modular Arithmetic](http://www.doc.ic.ac.uk/~mrh/330tutor/ch03.html)
* [Math in Network Security: A Crash Course](http://www.doc.ic.ac.uk/~mrh/330tutor/)
* [Modular Arithmetic](http://www.math.cornell.edu/~putnam/modular.pdf)
* [Multiplicative order](http://rosettacode.org/wiki/Multiplicative_order)

#### Barrett Reduction

* [Barrett Reduction](https://en.wikipedia.org/wiki/Barrett_reduction) in Wikipedia.
* [Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor](http://link.springer.com/chapter/10.1007/3-540-47721-7_24) by Paul Barrett

### Exponentiation

* [On the evaluation of powers and related problems](http://diyhpl.us/~bryan/papers2/paperbot/4567910.pdf) by Nicholas Pippenger
* [Fast Exponentiation with Precomputation: Algorithms and Lower Bounds](https://www.ccrwest.org/gordon/fast.pdf) by Ernest F. Brickell, Daniel M. Gordon, Kevin S. McCurley, and David B. Wilson
* [More Flexible Exponentiation with Precomputation](https://pdfs.semanticscholar.org/8602/62b900a1493688e96a41b4545d8c50a0a86f.pdf) by Chae Hoon Lim and Pil Joong Lee

### Square Root

* [Faster Square Roots in Annoying Finite Fields](http://cr.yp.to/papers/sqroot.pdf) by Daniel Bernstein
* [Inverse square root](https://en.wikipedia.org/wiki/Fast_inverse_square_root#cite_note-21)

### Inverse Square Root

* [Algorithm](http://martin-weusten.de/wp-content/uploads/2011/03/carmack.c)
* [Fast inverse square root](https://en.wikipedia.org/wiki/Fast_inverse_square_root)

### Multiplication

* [Analyzing and Comparing Montgomery Multiplication Algorithms](http://dl.acm.org/citation.cfm?id=624011) by Çetin Kaya Koç, Tolga Acar and Burton S. Kaliski, Jr.

### Sieve

* [The Genuine Sieve of Eratosthenes](https://www.cs.hmc.edu/~oneill/papers/Sieve-JFP.pdf) by Melissa E. O’Neill

### Elementary Computer Mathematics

* [Computer Maths](http://kias.dyndns.org/comath/text.html) by Kenneth R. Koehler.

### Montgomery Ladder

* [The Montgomery Powering Ladder](https://cr.yp.to/bib/2003/joye-ladder.pdf) by Marc Joye and Sung-Ming Yen
* [Explanation by D.J.B](https://www.ietf.org/mail-archive/web/cfrg/current/msg05004.html)

## Group Theory

* [Introduction to Group Theory](http://dogschool.tripod.com/) by Dog School of Mathematics

## Interesting

* [Möbius strip](https://en.wikipedia.org/wiki/M%C3%B6bius_strip)

### Sequences

* [Sequences and Their Applications](https://books.google.com.ec/books?id=wDZqCQAAQBAJ&printsec=frontcover#v=onepage&q&f=false) by SETA 2010
* [Codes and designs](https://books.google.com.ec/books?id=E62qwfwLJpsC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false) by De Gruyter

## Implementation

* [Jacobi and sqrt](https://github.com/dedis/crypto/tree/master/math)

### Reduction

* [Fast reduction](http://www.acsel-lab.com/arithmetic/arith18/papers/ARITH18_Hasenplaugh.pdf)
* [Reduction (mathematics)](https://en.wikipedia.org/wiki/Reduction_(mathematics))
* [Understanding the Montgomery reduction algorithm](https://alicebob.cryptoland.net/understanding-the-montgomery-reduction-algorithm/) by Alice and Bob in Cryptoland

## Information Theory

* [Communication Theory of Secrecy Systems](http://netlab.cs.ucla.edu/wiki/files/shannon1949.pdf) by Shannon.
* [Unicity points in cryptanalysis](http://www.tandfonline.com/doi/abs/10.1080/0161-117791832797?journalCode=ucry20) by C. A. Deavours.

## Algebra

* [College Algebra](http://www.mathsisfun.com/algebra/index-college.html)

## Courses

* [Several from Hausdorff Center for Mathematics](https://www.youtube.com/channel/UC2F-j2KMho0zVWIPFKWoXoA)

================================================
FILE: messaging.md
================================================
# Messaging-Communication protocols

## XMPP

* [XEP-0205: Best Practices to Discourage Denial of Service Attacks](https://xmpp.org/extensions/xep-0205.html) by Peter Saint-Andre
* [Extensible Messaging and Presence Protocol (XMPP): Core](https://tools.ietf.org/html/rfc6120) by P. Saint-Andre
* [Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence](https://tools.ietf.org/html/rfc6121) by P. Saint-Andre
* [Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence](https://www.rfc-editor.org/rfc/rfc6121.txt) by P. Saint-Andre
* [XEP-0148: Instant Messaging Intelligence Quotient (IM IQ)](https://xmpp.org/extensions/xep-0148.html) by P. Saint-Andre

## GTK

* [GTK+](https://wiki.archlinux.org/index.php/GTK%2B)
* [gnome-icon-theme](https://github.com/GNOME/gnome-icon-theme)
* [bundle for gtk](https://github.com/jralls/gtk-mac-bundler)
* [bundle for gtk 2](https://github.com/jessevdk/gtk-mac-bundler)

================================================
FILE: pets/2017.md
================================================
# PETS 2017 papers

* [To Permit or Not to Permit, That is the Usability Question: Crowdsourcing Mobile Apps’ Privacy Permission Settings](https://petsymposium.org/2017/papers/issue4/paper31-2017-4-source.pdf) by Qatrunnada Ismail, Tousif Ahmed, Kelly Caine, Apu Kapadia, and Michael Reiter. [*]
  Presented by [Qatrunnada Ismail](http://private.soic.indiana.edu/people_old/qatrunnada-ismail/)
  Interesting references:
  * [Usability tool](http://www.privacygrade.org/)
  * Crowdsourced exploration of security configurations.
In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems. ACM, 467–476 by Qatrunnada Ismail, Tousif Ahmed, Apu Kapadia, and Michael K Reiter. 2015.
  * Single Ease Question [SEQ] and System Usability Scale [SUS]
  * [Measuring Usability With The System Usability Scale (SUS)](https://www.measuringu.com/sus.php) by Jeff Sauro.
  * [10 Things To Know About The Single Ease Question (SEQ)](http://www.measuringu.com/blog/) by Jeff Sauro.
  * Privacy as part of the app decision-making process. In 2013 ACM Conference on Human Factors in Computing Systems. 3393–3402, by Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh.
  * [A tool for reverse engineering Android apk files](https://ibotpeaches.github.io/Apktool/) by Ryszard Wiśniewski and Connor Tumbleson. 2015.
  * [Requesting Permissions on Android](https://developer.android.com/guide/topics/permissions/requesting.html)
* [Look Before You Authorize: Using Eye-Tracking To Enforce User Attention Towards Application Permissions](https://petsymposium.org/2017/papers/issue2/paper08-2017-2-source.pdf) by Yousra Javed and Mohamed Shehab [*]
  Presented by [Yousra Javed](https://scholar.google.com/citations?user=hoxGszUAAAAJ&hl=en)
  Interesting references:
  * [Facebook login flow](http://www.cmcm.com/blog/2014-08-07/348.html)
  * M. S. Rahman, T.-K. Huang, H. V. Madhyastha, and M. Faloutsos. Frappe: detecting malicious facebook applications. In Proceedings of the 8th international conference on Emerging networking experiments and technologies. ACM, 2012.
  * M. J. Kalsher and K. J. Williams. Behavioral compliance: Theory, methodology, and results. Handbook of warnings, 2006.
  * B. B. Anderson, C. B. Kirwan, J. L. Jenkins, D. Eargle, S. Howard, and A. Vance. How polymorphic warnings reduce habituation in the brain–insights from an fmri study. In CHI. ACM, 2015.
  * C. Bravo-Lillo, L. Cranor, S. Komanduri, S. Schechter, and M. Sleeper. Harder to ignore? revisiting pop-up fatigue and approaches to prevent it.
In 10th Symposium On Usable Privacy and Security (SOUPS 2014), Menlo Park, CA, July 2014. USENIX Association.
  * C. Bravo-Lillo, S. Komanduri, L. F. Cranor, R. W. Reeder, M. Sleeper, J. Downs, and S. Schechter. Your attention please: Designing security-decision uis to make genuine risks harder to ignore. In Proceedings of the Ninth Symposium on Usable Privacy and Security, SOUPS ’13, New York, NY, USA, 2013. ACM.
  * S. Egelman. My profile is my password, verify me!: the privacy/convenience tradeoff of facebook connect. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ACM, 2013
  * M. Harbach, M. Hettig, S. Weber, and M. Smith. Using personal examples to improve risk communication for security privacy decisions. In Proceedings of the 32nd Annual ACM Conference on Human Factors in Computing Systems, CHI ’14, New York, NY, USA, 2014. ACM.
* [Why Privacy Is All But Forgotten](https://petsymposium.org/2017/papers/issue4/paper21-2017-4-source.pdf) by Kovila P.L. Coopamootoo and Thomas Groß
  Presented by [Kovila P.L. Coopamootoo](https://scholar.google.com/citations?user=yg0HAJoAAAAJ&hl=en)
  Interesting references:
  * I. Altman, A. Vinsel, and B. B. Brown. Dialectic conceptions in social psychology: An application to social penetration and privacy regulation. Advances in experimental social psychology, 1981.
  * V. Derlega, S. Metts, S. Petronio, and S. Margulis. Sage series on close relationships. self-disclosure, 1993.
  * S. M. Jourard. The transparent self. Van Nostrand Reinhold (Trade), 1971.
  * A. Acquisti and J. Grossklags. Privacy and rationality in individual decision making. IEEE Security & Privacy, 2005.
* [Cross-Cultural Privacy Prediction](https://petsymposium.org/2017/papers/issue2/paper28-2017-2-source.pdf) by Yao Li, Alfred Kobsa, Bart P. Knijnenburg, and M-H. Carolyn Nguyen
  Presented by [Yao Li](https://www.researchgate.net/profile/Yao_Li12)
  Interesting references:
  * A. Acquisti and J. Grossklags.
Privacy Attitudes and Privacy Behavior. In L. Camp and S. Lewis, editors, Economics of Information Security, volume 12 of Advances in Information Security. Springer US, 2004.
  * G. Hofstede and M. H. Bond. Hofstede’s Culture Dimensions An Independent Validation Using Rokeach’s Value Survey. Journal of Cross-Cultural Psychology, Dec. 1984.
* [Social Engineering Attacks on Government Opponents: Target Perspectives](https://petsymposium.org/2017/papers/issue2/paper51-2017-2-source.pdf) by William R. Marczak and Vern Paxson [*]
  Presented by [William R. Marczak](https://people.eecs.berkeley.edu/~wrm/) [*]
  Interesting references:
  * Tibet Action Institute, “Detach From Attachments!” Dec. 2011, accessed: 23-May-2016. [Online]. Available: https://vimeo.com/32992617
  * H. Choi, B. B. Zhu, and H. Lee, “Detecting malicious web links and identifying their attack types.” USENIX Conference on Web Application Development 2011, 2011. [Online]. Available: http://research.microsoft.com/apps/pubs/default.aspx?id=193308
  * S. Afroz and R. Greenstadt, “Phishzoo: Detecting phishing websites by looking at them,” in Fifth IEEE International Conference on Semantic Computing (ICSC). IEEE, 2011.
  * “Reflecting on Ten Years of Practice: The Challenges of Digital Security Training for Human Rights Defenders.” Tactical Technology Collective, accessed: 30-August-2016. [Online]. Available: https://secresearch.tacticaltech.org/reflecting-onten- years-of-work-the-challenges-of-digital-security-trainingfor- human-rights-defenders
  * A. J. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. M. Smith, “Smudge Attacks on Smartphone Touch Screens,” in ACM CCS, 2009.
* [A Usability Evaluation of Tor Launcher](https://petsymposium.org/2017/papers/issue3/paper2-2017-3-source.pdf) by Linda Lee, David Fifield, Nathan Malkin, Ganesh Iyer, Serge Egelman, and David Wagner [*]
  Presented by [Linda Lee](https://www.linkedin.com/in/lindanaeunlee/)
  Interesting references:
  * C. Wharton, J. Rieman, C. Lewis, and P. Polson.
The cognitive walkthrough method: A practitioner’s guide. In Usability inspection methods. John Wiley & Sons, Inc., 1994.
* [The Onion Name System](https://petsymposium.org/2017/papers/issue1/paper05-2017-1-source.pdf) by Jesse Victors, Ming Li, and Xinwen Fu
  Presented by [Jesse Victors](https://www.jessevictors.com/) [*]
  Interesting references:
  * John Brooks, Anonymous peer-to-peer instant messaging, https://github.com/ricochet-im/ricochet, 2016.
  * katmagic, Shallot, https://github.com/katmagic/Shallot, 2012.
  * Simon Nicolussi, Human-readable names for tor hidden services, Bachelor thesis, Leopold–Franzens–Universitat Innsbruck, Institute for Computer Science, 2011, http://www.sinic.name/docs/bachelor.pdf.
  * Daniel J Bernstein, Dnscurve: Usable security for dns, http://dnscurve.org/, 2009.
  * Matthias Wachs, Martin Schanzenbach, and Christian Grothoff, A censorship-resistant, privacy-enhancing and fully decentralized name system, Cryptology and Network Security, Springer, 2014.
  * Colin Percival and Simon Josefsson, The scrypt password-based key derivation function, Tech. report, September 2012, https://tools.ietf.org/html/draft-josefsson-scryptkdf-00.
* [Waterfilling: Balancing the Tor network with maximum diversity](https://petsymposium.org/2017/papers/issue1/paper05-2017-1-source.pdf) by Florentin Rochet and Olivier Pereira
  Presented by [Florentin Rochet](https://www.jessevictors.com/) [*]
  Interesting references:
  * G. O’Gorman and S. Blott. Improving stream correlation attacks on anonymous networks. In Proceedings of the 2009 ACM symposium on Applied Computing. ACM, 2009.
  * R. Dingledine, N. Mathewson, S. Murdock, and P. Syverson. Tor: The second generation onion router (2014 draft v1), 2014.
  * A. Johnson, C. Wacek, R. Jansen, M. Sherr, and P. Syverson. Users get routed: Traffic correlation on tor by realistic adversaries. In Proceedings of the 20th ACM conference on Computer and Communications Security (CCS 2013), November 2013.
  * B. N. Levine, M. K. Reiter, C.
Wang, and M. K. Wright. Timing attacks in low-latency mix-based systems. In A. Juels, editor, Proceedings of Financial Cryptography (FC’04). Springer-Verlag, LNCS 3110, February 2004.
  * V. Shmatikov and M.-H. Wang. Timing analysis in low-latency mix networks: Attacks and defenses. In Proceedings of ESORICS 2006, September 2006.
  * P. Mittal, A. Khurshid, J. Juen, M. Caesar, and N. Borisov. Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In Proceedings of the 18th ACM conference on Computer and Communications Security (CCS 2011), October 2011.
  * J. L. Massey. Guessing and entropy. In Proceedings of the 1994 IEEE International Symposium on Information Theory, 1994.
  * P. Syverson, G. Tsudik, M. Reed, and C. Landwehr. Towards an Analysis of Onion Routing Security. In H. Federrath, editor, Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability. Springer-Verlag, LNCS 2009.
  * M. Akhoondi, C. Yu, and H. V. Madhyastha. LASTor: A Low-Latency AS-Aware Tor Client. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, May 2012.
  * A. Pfitzmann and M. Hansen. Anonymity, unobservability, and pseudonymity: A consolidated proposal for terminology. Draft, July 2000.
  * C. E. Shannon. A mathematical theory of communication. ACM SIGMOBILE Mobile Computing and Communications Review, 2001.
* [PeerFlow: Secure Load Balancing in Tor](https://petsymposium.org/2017/papers/issue2/paper12-2017-2-source.pdf) by Aaron Johnson, Rob Jansen, Nicholas Hopper, Aaron Segal and Paul Syverson
  Presented by [Aaron Johnson](https://scholar.google.com/citations?user=5IC7dwMAAAAJ&hl=en)
  Interesting references:
  * Bandwidth scanner spec. https://gitweb.torproject.org/torflow.git/blob_plain/HEAD:/NetworkScanners/BwAuthority/README.spec.txt
  * Mike Perry. TorFlow: Tor network analysis. In HotPETs, 2009.
* [TagIt: Tagging Network Flows using Blind Fingerprints](https://petsymposium.org/2017/papers/issue4/paper66-2017-4-source.pdf) by Fatemeh Rezaei and Amir Houmansadr
  Presented by [Fatemeh Rezaei](https://www.linkedin.com/in/fatemeh-rezaei-8a745940) [*]
  Interesting references:
  * A. Houmansadr and N. Borisov. The need for flow fingerprints to link correlated network flows. In Privacy Enhancing Technologies - 13th International Symposium, PETS 2013, Bloomington, IN, USA, July 10-12, 2013.
  * Y. Zhang and V. Paxson. Detecting stepping stones. In 9th USENIX Security Symposium, Denver, Colorado, USA, August 14-17, 2000, 2000.
  * G. Danezis. The traffic analysis of continuous-time mixes. In Privacy Enhancing Technologies, 4th International Workshop, PET 2004, Toronto, Canada, May 26-28, 2004, Revised Selected Papers, 2004.
  * A. Houmansadr and N. Borisov. SWIRL: A scalable watermark to detect correlated network flows. In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011, 2011.
  * A. Houmansadr and N. Borisov. The need for flow fingerprints to link correlated network flows. In Privacy Enhancing Technologies - 13th International Symposium, PETS 2013, Bloomington, IN, USA, July 10-12, 2013. Proceedings, 2013.
  * Y. Zhang and V. Paxson. Detecting stepping stones. In 9th USENIX Security Symposium, Denver, Colorado, USA, August 14-17, 2000, 2000.
  * A. Blum, D. X. Song, and S. Venkataraman. Detection of interactive stepping stones: Algorithms and confidence bounds. In Recent Advances in Intrusion Detection: 7th International Symposium, RAID 2004, Sophia Antipolis, France, September 15-17, 2004. Proceedings, 2004.
* [Wiretapping End-to-End Encrypted VoIP Calls: Real-World Attacks on ZRTP](https://petsymposium.org/2017/papers/issue3/paper01-2017-3-source.pdf) by Dominik Schürmann, Fabian Kabus, Gregor Hildermeier, and Lars Wolf
  Presented by [Dominik Schürmann](https://github.com/dschuermann) [*]
  Interesting references:
  * P. Zimmermann, A. Johnston, and J. Callas. ZRTP: Media Path Key Agreement for Unicast Secure RTP. RFC 6189 (Informational), April 2011.
  * Y. Zhang and V. Paxson. Detecting stepping stones. In 9th USENIX Security Symposium, Denver, Colorado, USA, August 14-17, 2000, 2000.
  * IETF. SIP Working Group. https://datatracker.ietf.org/wg/sip/, July 2009.
  * Riccardo Bresciani and Andrew Butterfield. ProVerif analysis of the ZRTP protocol. International Journal for Infonomics (IJI), 3(3), 2010.
  * Martin Petraschek, Thomas Hoeher, Oliver Jung, Helmut Hlavacs, and Wilfried Gansterer. Security and Usability Aspects of Man-in-the-Middle Attacks on ZRTP. Journal of Universal Computer Science, 2008.
* [PathShuffle: Credit Mixing and Anonymous Payments for Ripple](https://petsymposium.org/2017/papers/issue3/paper21-2017-3-source.pdf) by Pedro Moreno-Sanchez, Tim Ruffing, and Aniket Kate
  Presented by [Pedro Moreno-Sanchez](https://www.cs.purdue.edu/homes/pmorenos/)
  Interesting references:
  * Red. Introducing Goodwill. Post in Ripple Forum. https://forum.ripple.com/viewtopic.php?t=2895.
  * Das, S. Ripple blockchain payment from Canada to Germany takes 20 seconds. https://www.cryptocoinsnews.com/rippleblockchain- payment-transfer.
  * Moreno-Sanchez, P., Kate, A., Maffei, M., and Pecina, K. Privacy preserving payments in credit networks. In NDSS’15.
* [Hardening Stratum, the Bitcoin Pool Mining Protocol](https://petsymposium.org/2017/papers/issue3/paper14-2017-3-source.pdf) by Ruben Recabarren and Bogdan Carbunar
  Presented by [Ruben Recabarren](https://users.cs.fiu.edu/~carbunar/)
  Interesting references:
  * Philip Koshy, Diana Koshy, and Patrick McDaniel.
An analysis of anonymity in bitcoin using p2p network traffic. In International Conference on Financial Cryptography and Data Security. Springer, 2014.
  * Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. A fistful of bitcoins: Characterizing payments among men with no names. In Proceedings of the 2013 Conference on Internet Measurement Conference, 2013.
  * Elli Androulaki, Ghassan Karame, Marc Roeschlin, Tobias Scherer, and Srdjan Capkun. Evaluating user privacy in bitcoin. In Proceedings of the Financial Cryptography and Data Security, 2013.
  * Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin. Zerocoin: Anonymous distributed e-cash from bitcoin. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013.
  * Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. Zerocash: Decentralized anonymous payments from bitcoin. In Proceedings of the Symposium on Security and Privacy, 2014.
  * Joseph Bonneau, Arvind Narayanan, Andrew Miller, Jeremy Clark, Joshua A Kroll, and Edward W Felten. Mixcoin: Anonymity for bitcoin with accountable mixes. In Proceedings of the International Conference on Financial Cryptography and Data Security, 2014.
* [DeltaShaper: Enabling Unobservable Censorship-resistant TCP Tunneling over Videoconferencing Streams](https://petsymposium.org/2017/papers/issue4/paper15-2017-4-source.pdf) by Diogo Barradas, Nuno Santos, and Luís Rodrigues. [*]
  Presented by [Diogo Barradas](http://web.tecnico.ulisboa.pt/diogo.barradas/) [*]
  Interesting references:
  * A. Houmansadr, T. J. Riedl, N. Borisov, and A. C. Singer, “I want my voice to be heard: IP over Voice-over-IP for unobservable censorship circumvention.” in Proceedings of the 20th Annual Network & Distributed System Security Symposium, San Diego, CA, USA, 2013.
  * K. Kohls, T. Holz, D. Kolossa, and C.
Pöpper, “SkypeLine: Robust hidden data transmission for VoIP,” in Proceedings of the 2016 ASIA Computer and Communications Security, Xi’an, China, 2016.
  * Crowdsourced exploration of security configurations. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems. ACM, 467–476 by Qatrunnada Ismail, Tousif Ahmed, Apu Kapadia, and Michael K Reiter. 2015.
  * H. Moghaddam, B. Li, M. Derakhshani, and I. Goldberg, “Skypemorph: Protocol obfuscation for Tor bridges,” in Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, NC, USA, 2012.
  * J. Geddes, M. Schuchard, and N. Hopper, “Cover your acks: Pitfalls of covert channel censorship circumvention,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, Berlin, Germany, 2013.
  * S. Li, M. Schliep, and N. Hopper, “Facet: Streaming over videoconferencing for censorship circumvention,” in Proceedings of the 13th Workshop on Privacy in the Electronic Society, Scottsdale, AZ, USA, 2014.
  * R. McPherson, A. Houmansadr, and V. Shmatikov, “Covertcast: Using live streaming to evade internet censorship,” in Proceedings on Privacy Enhancing Technologies, vol. 2016, no. 3, Darmstadt, Germany, 2016.
  * S. Li, M. Schliep, and N. Hopper, “Facet: Streaming over videoconferencing for censorship circumvention,” in Proceedings of the 13th Workshop on Privacy in the Electronic Society, Scottsdale, AZ, USA, 2014.
* [Topics of Controversy: An Empirical Analysis of Web Censorship Lists](https://petsymposium.org/2017/papers/issue1/paper06-2017-1-source.pdf) by Zachary Weinberg, Mahmood Sharif, Janos Szurdi, and Nicolas Christin
  Presented by [Zachary Weinberg](https://github.com/zackw) [*]
  Interesting references:
  * The OpenNet Initiative. URL testing lists. Git repository.
  * Berkman Center for Internet and Society. Herdict: help spot web blockages. Web site.
  * Abdelberi Chaabane, Terence Chen, Mathieu Cunche, Emiliano De Cristofaro, Arik Friedman, and Mohamed Ali Kaafar. “Censorship in the Wild: Analyzing Internet Filtering in Syria.” Internet Measurement Conference. ACM. 2014.
  * Jeffrey Knockel, Jedidiah R Crandall, and Jared Saia. “Three Researchers, Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and Surveillance.” Free and Open Communications on the Internet. USENIX. 2011.
  * Nicholas Aase, Jedidiah R. Crandall, Álvaro Díaz, Jeffrey Knockel, Jorge Ocaña Molinero, Jared Saia, Dan Wallach, and Tao Zhu. “Whiskey, Weed, and Wukan on the World Wide Web: On Measuring Censors’ Resources and Motivations.” Free and Open Communications on the Internet. USENIX. 2012.
  * Zubair Nabi. “The Anatomy of Web Censorship in Pakistan.” Free and Open Communications on the Internet. USENIX. 2013.
  * Jedidiah R. Crandall, Daniel Zinn, Michael Byrd, Earl Barr, and Rich East. “ConceptDoppler: A Weather Tracker for Internet Censorship.” Computer and Communications Security. ACM. 2007.
  * Tao Zhu, David Phipps, Adam Pridgen, Jedidiah R. Crandall, and Dan S. Wallach. “The Velocity of Censorship: High-Fidelity Detection of Microblog Post Deletions.” USENIX Security Symposium. USENIX. 2013.
  * Simurgh Aryan, Homa Aryan, and J. Alex Halderman. “Internet Censorship in Iran: A First Look.” Free and Open Communications on the Internet. USENIX. 2013.
  * Sheharbano Khattak, Mobin Javed, Syed Ali Khayam, Zartash Afzal Uzmi, and Vern Paxson. “A Look at the Consequences of Internet Censorship Through an ISP Lens.” Internet Measurement Conference. ACM. 2014.
  * Jeffrey Knockel, Jedidiah R Crandall, and Jared Saia. “Three Researchers, Five Conjectures: An Empirical Analysis of TOM-Skype Censorship and Surveillance.” Free and Open Communications on the Internet. USENIX. 2011.
  * Taha Yasseri, Anselm Spoerri, Mark Graham, and János Kertész.
“The Most Controversial Topics in Wikipedia: A multilingual and geographical analysis.” Global Wikipedia: International and cross-cultural issues in online collaboration. Ed. by Pnina Fichman and Noriko Hara. Rowman & Littlefield, 2014.
  * Joseph Henrich, Steven J. Heine, and Ara Norenzayan. “The weirdest people in the world?” Behavioral and Brain Sciences 33.2–3 (June 2010).
* [Certificate Transparency with Privacy](https://petsymposium.org/2017/papers/issue4/paper69-2017-4-source.pdf) by Saba Eskandarian, Eran Messeri, Joseph Bonneau, and Dan Boneh [*]
  Presented by [Saba Eskandarian](https://github.com/SabaEskandarian) [*]
  Interesting references:
  * Andrew Whalley. Distrusting wosign and startcom certificates, 2016. security.googleblog.com/2016/10/distrustingwosign-and-startcom.html.
  * B. Laurie, A. Langley, and E. Kasper. Certificate transparency. RFC 6962, June 2013.
  * Emin Topalovic, Brennan Saeta, Lin shung Huang, Collin Jackson, and Dan Boneh. Towards short-lived certificates. In W2SP, 2012.
  * Jan Camenisch and Anna Lysyanskaya. A signature scheme with efficient protocols. In Security in Communication Networks, Third International Conference, SCN 2002, Amalfi, Italy, September 11-13, 2002. Revised Papers, 2002.
  * Dan Boneh, Xavier Boyen, and Hovav Shacham. Short group signatures. In Advances in Cryptology - CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15-19, 2004, Proceedings, 2004.
  * Jan Camenisch and Anna Lysyanskaya. Signature schemes and anonymous credentials from bilinear maps. In Advances in Cryptology - CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15-19, 2004, Proceedings, 2004.
  * Emin Topalovic, Brennan Saeta, Lin shung Huang, Collin Jackson, and Dan Boneh. Towards short-lived certificates. In W2SP, 2012.
  * Sarah Meiklejohn, C. Christopher Erway, Alptekin Küpçü, Theodora Hinkle, and Anna Lysyanskaya.
ZKPDL: A language-based system for efficient zero-knowledge proofs and electronic cash. In 19th USENIX Security Symposium, Washington, DC, USA, August 11-13, 2010, Proceedings, 2010.

================================================
FILE: problems-libs.md
================================================
# Problems in some libs

## Pidgin-otr

* [nls.m4](https://github.com/hbons/sparkleshare/issues/176)
* [perl module](http://mynixworld.info/2014/02/17/xmlparser-perl-module-required-intltool/)

================================================
FILE: programming.md
================================================
----------------------------------------------------------------------------

# Programming

## General

### Turing

* [Computer Machinery and Intelligence](https://www.csee.umbc.edu/courses/471/papers/turing.pdf) by Alan Turing

### Words

* [Word](https://en.wikipedia.org/wiki/Word_(computer_architecture))

### ExpMod

* [David Neto's code page](http://www.cs.utoronto.ca/~neto/code/fastexp.scm): Scheme and Ideal Turing
* [Bitwise operators (Python)](https://wiki.python.org/moin/BitwiseOperators)

### Floating point

* [Gustavo's IEEE-754 Brain Teaser](https://www.goinggo.net/2013/08/gustavos-ieee-754-brain-teaser.html) by William Kennedy
* [IEEE Standard 754 Floating Point Numbers](http://steve.hollasch.net/cgindex/coding/ieeefloat.html) by Steve Hollasch
* [Comparing Floating Point Numbers, 2012 Edition](https://randomascii.wordpress.com/2012/02/25/comparing-floating-point-numbers-2012-edition/) by randomASCII
* [Example: Converting to Float](http://class.ece.iastate.edu/arun/CprE281_F05/ieee754/ie5.html)
* [What Every Programmer Should Know About Floating-Point Arithmetic or Why don’t my numbers add up?](http://floating-point-gui.de/)
* [What Every Computer Scientist Should Know About Floating-Point Arithmetic](http://docs.oracle.com/cd/E19957-01/806-3568/ncg_goldberg.html)

### Duck Typing

* [General](https://en.wikipedia.org/wiki/Duck_typing)

### Multiplication

*
[Efficient Arithmetic on Koblitz Curves](http://computacion.cs.cinvestav.mx/~armfaz/res/soli2000.pdf) by Solinas

### Functions

* [Variadic function](https://en.wikipedia.org/wiki/Variadic_function)

### Algorithms

* [The Yacas Book of Algorithms](http://yacas.sourceforge.net/Algo.book.pdf) by the Yacas team

### Data representation

* [Hexadecimal Floating-Point Constants](http://www.exploringbinary.com/hexadecimal-floating-point-constants/) by Rick Regan
* [A Tutorial on Data Representation: Integers, Floating-point Numbers, and Characters](https://www3.ntu.edu.sg/home/ehchua/programming/java/datarepresentation.html)

## Padding

* [Structure Member Alignment, Padding and Data Packing](http://www.geeksforgeeks.org/structure-member-alignment-padding-and-data-packing/)

## Bits

* [Multiplication of Binary Integers](http://www4.wittenberg.edu/academics/mathcomp/shelburne/comp255/notes/binarymultiplication)
* [Binary Arithmetic](https://www.swarthmore.edu/NatSci/echeeve1/Ref/BinaryMath/BinaryMath.html)
* [Multiplication in binary](http://www.xilinx.com/univ/teaching_materials/dsp_primer/sample/lecture_notes/FPGAArithmetic_mult.pdf)
* [Binary Multiply - Repeated Shift and Add](https://courses.cs.vt.edu/~cs1104/BuildingBlocks/multiply.040.html)
* [Lecture 8: Binary Multiplication & Division](https://www.cs.utah.edu/~rajeev/cs3810/slides/3810-08.pdf)
* [Bit field](https://en.wikipedia.org/wiki/Bit_field)
* [Masking](https://en.wikipedia.org/wiki/Mask_(computing))
* [Least significant bit](https://en.wikipedia.org/wiki/Least_significant_bit)
* [Ancient Egyptian multiplication](https://en.wikipedia.org/wiki/Ancient_Egyptian_multiplication)
* [Binary Arithmetic](http://courseweb.stthomas.edu/tpsturm/private/notes/qm300/ARITH.html)
* [Biased Notation](http://www.cs.uwm.edu/classes/cs315/Bacon/Lecture/HTML/ch04s14.html)
* [Computer Science 315 Lecture Notes](http://www.cs.uwm.edu/classes/cs315/Bacon/Lecture/HTML/)
* [Bit
Manipulation](https://www.hackerearth.com/practice/notes/bit-manipulation/)
* [Advanced bit manipulation-fu](http://realtimecollisiondetection.net/blog/?p=78)
* [The bit twiddler](http://bits.stephan-brumme.com/)
* [The Aggregate Magic Algorithms](http://aggregate.org/MAGIC/)
* [How to "Build" a Computer](http://www.cs.umd.edu/class/sum2003/cmsc311/Notes/)
* [Binary Subtraction](https://courses.cs.vt.edu/~cs1104/BuildingBlocks/arithmetic.040.html)
* [Bit Twiddling Hacks](http://graphics.stanford.edu/~seander/bithacks.html) by Sean Eron Anderson
* [Binary Arithmetic](http://www.sciencedirect.com/science/article/pii/S0065245808606105?np=y&npKey=6d6b4e76e7539ace948e93c0cdce662ad3cb10a25a870feadfddd0ce6cd5624e) by George W. Reitwiesner
* [Encoding](https://developers.google.com/protocol-buffers/docs/encoding)
* [The Base16, Base32, and Base64 Data Encodings](https://tools.ietf.org/html/rfc3548) by S. Josefsson

### Constant Time

* [Golang](https://golang.org/src/crypto/subtle/constant_time.go)
* [Selection algorithm](https://en.wikipedia.org/wiki/Selection_algorithm)
* [Time Bounds for Selection](http://people.csail.mit.edu/rivest/pubs/BFPRT73.pdf) by Manuel Blum, Robert W. Floyd, Vaughan Pratt, Ronald L. Rivest, and Robert E. Tarjan.

## ANSI

* [ANSI C](https://en.wikipedia.org/wiki/ANSI_C)

## Golang

### General

* [The Go Blog](https://blog.golang.org/)
* [Open My Mind](http://openmymind.net/) by Karl Seguin.
* [Go Playground](https://play.golang.org/)
* [Useful resources](https://github.com/golang/go/wiki#getting-started-with-go)
* [Go Cheat Sheet](https://github.com/a8m/go-lang-cheat-sheet)

### Naming

* [What's in a name?](https://talks.golang.org/2014/names.slide#1) by Andrew Gerrand
* [Name](https://golang.org/doc/effective_go.html#names) by Effective Go
* [Package names](https://blog.golang.org/package-names)
* [Some questions](http://stackoverflow.com/questions/38616687/which-way-to-name-a-function-in-go-camelcase-or-semi-camelcase)

### Books

* [An Introduction to Go Programming](https://www.golang-book.com/books/intro)

### Init

* [Init functions in Go](https://medium.com/golangspec/init-functions-in-go-eac191b3860a#.otult17d4) by Michał Łowicki

### Data Structures

* [Go Data Structures](http://research.swtch.com/godata)
* [Collection Functions](https://gobyexample.com/collection-functions)

### Strings

* [Access to the unicode and convert to string](http://stackoverflow.com/questions/19231506/go-golang-access-string-as-character-value)
* [Count](https://golang.org/src/strings/strings.go?s=1960:1989#L67)

### Types

* [Understanding Type in Go](https://www.goinggo.net/2013/07/understanding-type-in-go.html)
* [Understanding Golang Type System](https://thenewstack.io/understanding-golang-type-system/) by shiju varghese
* [Type identity](https://golang.org/ref/spec#Type_identity)

### Params

* [Optional Parameters?](http://stackoverflow.com/questions/2032149/optional-parameters)
* [Trigger error with number of params](http://stackoverflow.com/questions/37270743/is-it-possible-to-trigger-compile-time-error-with-custom-library-in-golang)
* [Self-referential functions and the design of options](https://commandcenter.blogspot.com.au/2014/01/self-referential-functions-and-design.html) by Rob Pike

### Convert

* [Rune to Int](http://stackoverflow.com/questions/21322173/convert-rune-to-int)
* [strconv](https://golang.org/pkg/strconv/)
* [Don't abuse math.Max /
math.Min](http://mrekucci.blogspot.com/2015/07/dont-abuse-mathmax-mathmin.html)

### Arrays and slices

* [Controlling Array Growth in Golang](http://openmymind.net/Controlling-Array-Growth-In-Golang/) by Karl Seguin
* [Arrays, Slices and Maps](https://www.golang-book.com/books/intro/6)
* [Arrays, slices (and strings): The mechanics of 'append'](https://blog.golang.org/slices)
* [Go Slices: usage and internals](https://blog.golang.org/go-slices-usage-and-internals)
* [SliceTricks](https://github.com/golang/go/wiki/SliceTricks)
* [Multi-dimensional arrays](https://www.tutorialspoint.com/go/go_multi_dimensional_arrays.htm)

### ForLoop

* [Control structures - Go for loop, break, continue, range](http://golangtutorials.blogspot.com/2011/06/control-structures-go-for-loop-break.html)

### Go Check

* [GoCheck](https://github.com/go-check/check)
* [Language Specification](https://golang.org/ref/spec#Conversions)
* [Checkers](https://github.com/go-check/check/blob/v1/checkers.go)

### Go Vendor

* [Govendor CheatSheet](https://github.com/kardianos/govendor/wiki/Govendor-CheatSheet)

### Type Assertions

* [Language Specification](https://golang.org/ref/spec#Type_assertions)

### Shift

* [Constant literal](http://stackoverflow.com/questions/38806491/why-doesnt-left-bit-shifting-by-64-overflow-in-golang)
* [Go << and >> operators](http://stackoverflow.com/questions/5801008/go-and-operators)
* [What does the >>= operator do in golang?](http://stackoverflow.com/questions/32933333/what-does-the-operator-do-in-golang)
* [What does a >> mean in Go language?](http://stackoverflow.com/questions/9797431/what-does-a-mean-in-go-language)
* [Invalid operation: shift of type float64](http://stackoverflow.com/questions/24865339/invalid-operation-shift-of-type-float64)

### Conversions

* [A Guide to Types and Casting in Golang](http://blog.stoneriverelearning.com/a-guide-to-types-and-casting-in-golang/) by Gerard Millares
* [GoLang interface{} - 2 type conversions, type assertions, type
  switches](http://golang-basic.blogspot.com/2014/06/golang-interface-2-type-conversions.html) by Swati Soni
* [From reader to string](http://stackoverflow.com/questions/9644139/from-io-reader-to-string-in-go)

### Constants

* [iota: Elegant Constants in Golang](https://splice.com/blog/iota-elegant-constants-golang/)
* [constants](https://blog.golang.org/constants)
* [why arrays are not constants](https://groups.google.com/forum/#!topic/golang-nuts/5aynucvg96I)

### Errors

* [Illegal octal digit error](http://www.perlmonks.org/?node_id=768999)
* [Error handling and Go](https://blog.golang.org/error-handling-and-go) by Andrew Gerrand
* [Errors are values](https://blog.golang.org/errors-are-values) by Rob Pike
* [Working with Errors in Go 1.13](https://blog.golang.org/go1.13-errors) by Damien Neil and Jonathan Amsterdam

### Reflection

* [The Laws of Reflection](https://blog.golang.org/laws-of-reflection)

### Types

* [How to find a type of a object in Golang?](http://stackoverflow.com/questions/20170275/how-to-find-a-type-of-a-object-in-golang)

### Interfaces

* [Go Data Structures: Interfaces](http://research.swtch.com/interfaces)
* [Demystifying Golang's io.Reader and io.Writer Interfaces](https://nathanleclaire.com/blog/2014/07/19/demystifying-golangs-io-dot-reader-and-io-dot-writer-interfaces/) by Nathan LeClaire.
* [Go Data Structures: Interfaces](https://research.swtch.com/interfaces) by Russ Cox

### Struct

* [struct Type is not an expression](http://stackoverflow.com/questions/27455170/error-struct-type-is-not-an-expression)

### Useful commands

* [Command vet](https://golang.org/cmd/vet/)
* [errcheck](https://github.com/kisielk/errcheck)

### Operations

* [Difference](http://stackoverflow.com/questions/28432398/difference-between-some-operators-golang)

### Compiling

* [Conditional compilation in Golang](http://blog.ralch.com/tutorial/golang-conditional-compilation/) by Svetlin Ralchev

### Structs

* [How to initialize members in Go struct](http://stackoverflow.com/questions/4498998/how-to-initialize-members-in-go-struct)
* [Struct's Zero value in golang](http://stackoverflow.com/questions/28625794/structs-zero-value-in-golang)

### Runtime

* [package](https://golang.org/pkg/runtime/#hdr-Environment_Variables)

### Routines

* [Debugging Go Routine leaks](https://blog.minio.io/debugging-go-routine-leaks-a1220142d32c) by Karthic Rao

### Debugging

* [Debugging code](https://golang.org/doc/gdb)
* [Debugging Go programs with Delve](https://blog.gopheracademy.com/advent-2015/debugging-with-delve/) by Derek Parker
* [A brief intro of delve](http://nanxiao.me/en/a-brief-intro-of-delve/) by Nan Xiao

### Assembly

* [Advanced Vector Extensions](https://en.wikipedia.org/wiki/Advanced_Vector_Extensions)
* [Generating code](https://blog.golang.org/generate)
* [A Quick Guide to Go's Assembler](https://golang.org/doc/asm)
* [How to Use the Plan 9 C Compiler](http://doc.cat-v.org/plan_9/4th_edition/papers/comp)
* [A Manual for the Plan 9 assembler](https://9p.io/sys/doc/asm.html)
* [Tutorial](http://win32assembly.programminghorizon.com/tut2.html)
* [The MASM32 SDK](http://www.masm32.com/)
* [Building a Modern Computer from First Principles](http://www.nand2tetris.org/)

#### x86

* [x86 Instruction Set Reference](http://x86.renejeschke.de/)
* [Instructions](https://en.wikipedia.org/wiki/X86_instruction_listings)
* [INT (x86 instruction)](https://en.wikipedia.org/wiki/INT_(x86_instruction))
* [EQU](http://www.keil.com/support/man/docs/armasm/armasm_dom1361290008953.htm)
* [TEST](https://en.wikipedia.org/wiki/TEST_(x86_instruction))
* [x86 memory segmentation](https://en.wikipedia.org/wiki/X86_memory_segmentation)
* [Intel x86 JUMP quick reference](http://unixwiz.net/techtips/x86-jumps.html) by Steve Friedl
* [X86 Assembly/X86 Architecture](https://en.wikibooks.org/wiki/X86_Assembly/X86_Architecture)
* [db, dw, dd](http://stackoverflow.com/questions/10168743/x86-assembly-which-variable-size-to-use-db-dw-dd)
* [X86 Assembly/X86 Architecture](https://en.wikibooks.org/wiki/X86_Assembly/X86_Architecture)
* [Assembly - Registers](https://www.tutorialspoint.com/assembly_programming/assembly_registers.htm)
* [x86 Assembly Guide](http://www.cs.virginia.edu/~evans/cs216/guides/x86.html)
* [Yasm User Manual](https://www.tortall.net/projects/yasm/manual/html/index.html)

#### Flags

* [Zero flag](https://en.wikipedia.org/wiki/Zero_flag)
* [FLAGS register](https://en.wikipedia.org/wiki/FLAGS_register)

### Ports

* [PORTS Common I/O Port Addresses](http://stanislavs.org/helppc/ports.html)

### Mistakes

* [50 Shades of Go: Traps, Gotchas, and Common Mistakes for New Golang Devs](http://devs.cloudimmunity.com/gotchas-and-common-mistakes-in-go-golang/) by Kyle Quest
* [When in Go, do as Gophers do](https://talks.golang.org/2014/readability.slide#1)
* [CodeReviewComments](https://github.com/golang/go/wiki/CodeReviewComments#Variable_Names)
* [Things I Wish Someone Had Told Me About Golang](http://openmymind.net/Things-I-Wish-Someone-Had-Told-Me-About-Go/)
* [Everyday hassles in Go](http://crufter.com/@crufter/everyday-hassles-in-go) by crufter

### Talks

* [General](https://talks.golang.org/)
* [5 things I love (or why you should learn Go)](https://www.youtube.com/watch?v=fsTOOPB1TBY) by Andrew Gerrand
* [How go was made (or
  why you should learn Go)](https://www.youtube.com/watch?v=0ht89TxZZnk) by Andrew Gerrand
* [Closing day keynote](https://www.youtube.com/watch?v=dKGmK_Z1Zl0) by Andrew Gerrand
* [Stupid Gopher Tricks](https://www.youtube.com/watch?v=UECh7X07m6E) by Andrew Gerrand
* [The path to Go 1](https://www.youtube.com/watch?v=bj9T2c2Xk_s) by Rob Pike and Andrew Gerrand
* [Go Concurrency Patterns](https://www.youtube.com/watch?v=f6kdp27TYZs) by Rob Pike. [Slides](https://talks.golang.org/2012/concurrency.slide#2)
* [Advanced Go Concurrency Patterns](https://www.youtube.com/watch?v=QDDwwePbDtw) by Sameer Ajmani
* [Organizing Go Code](https://talks.golang.org/2014/organizeio.slide#1) Slides, by David Crawshaw
* [10 things you (probably) don't know about Go](https://talks.golang.org/2012/10things.slide#1)

### Tools

* [The cover story](https://blog.golang.org/cover) by Rob Pike

### Modules

* [Migrating to Go Modules](https://blog.golang.org/migrating-to-go-modules) by Jean de Klerk
* [Go Modules: v2 and Beyond](https://blog.golang.org/v2-go-modules)
* [Module queries](https://golang.org/cmd/go/#hdr-Module_queries)
* [Go Module Mirror, Index, and Checksum Database](https://sum.golang.org/)

### Testing

* [Writing table driven tests in Go](https://dave.cheney.net/2013/06/09/writing-table-driven-tests-in-go) by Dave Cheney
* [Test fixtures in Go](https://dave.cheney.net/2016/05/10/test-fixtures-in-go) by Dave Cheney
* [How to write benchmarks in Go](https://dave.cheney.net/2013/06/30/how-to-write-benchmarks-in-go) by Dave Cheney
* [Stress test your Go packages](https://dave.cheney.net/2013/06/19/stress-test-your-go-packages) by Dave Cheney

### Packages

* [Special Packages and Directories in Go](https://blog.learngoprogramming.com/special-packages-and-directories-in-go-1d6295690a6b) by Inanc Gumus

# Rust

* [Configuring Rustfmt](https://rust-lang.github.io/rustfmt/)
* [rustlings](https://github.com/rust-lang/rustlings/)

# C

### General

* [C
  Libraries](https://www.cs.swarthmore.edu/~newhall/unixhelp/howto_C_libraries.html)
* [GDB](https://sourceware.org/gdb/wiki/BuildingOnDarwin)
* [make](https://ftp.gnu.org/old-gnu/Manuals/make-3.79.1/html_chapter/make_11.html)
* [shell](http://tldp.org/LDP/Bash-Beginners-Guide/html/sect_03_02.html)
* [constant time](https://cryptocoding.net/index.php/Coding_rules)
* [size_t](https://www.embedded.com/electronics-blogs/programming-pointers/4026076/Why-size-t-matters)
* [Bitwise Operators in C Programming](https://www.programiz.com/c-programming/bitwise-operators)

### Inline

* [An Inline Function is As Fast As a Macro](https://gcc.gnu.org/onlinedocs/gcc/Inline.html)
* [Inline Functions In C](https://www.greenend.org.uk/rjk/tech/inline.html)

### ForLoops

* [Skip](http://stackoverflow.com/questions/22211209/are-there-reasons-to-skip-the-initialization-of-the-for-loop)
* [Syntax](http://stackoverflow.com/questions/276512/what-is-the-full-for-loop-syntax-in-c-and-others-in-case-they-are-compatible)

### Print in formats

* [printf](http://www.cplusplus.com/reference/cstdio/printf/)
* [unsigned long hex representation](http://stackoverflow.com/questions/19478509/unsigned-long-hex-representation)
* [unsigned int](http://stackoverflow.com/questions/15736497/how-to-print-an-unsigned-char-in-c)

### Pointers

* [Pointers](http://augustcouncil.com/~tgibson/tutorial/ptr.html)
* [Don't Get Bitten by Pointer vs Non-Pointer Method Receivers in Golang](https://nathanleclaire.com/blog/2014/08/09/dont-get-bitten-by-pointer-vs-non-pointer-method-receivers-in-golang/) by Nathan Leclaire
* [C Programming/Pointers and arrays](https://en.wikibooks.org/wiki/C_Programming/Pointers_and_arrays)

### Constants

* [References and Constants](http://www.augustcouncil.com/~tgibson/tutorial/constref.html)

### Conversion

* [deprecated conversion from string constant to 'char\*'](https://en.wikibooks.org/wiki/GCC_Debugging/g%2B%2B/Warnings/deprecated_conversion_from_string_constant)

### Macros

* [How to Use C
  Macros and C Inline Functions with C Code Examples](http://www.thegeekstuff.com/2013/04/c-macros-inline-functions/)

### Variable arguments

* [How Variable Argument Lists Work in C](http://blog.aaronballman.com/2012/06/how-variable-argument-lists-work-in-c/)

### GCC

* [6.30 Declaring Attributes of Functions](https://gcc.gnu.org/onlinedocs/gcc-4.7.1/gcc/Function-Attributes.html)
* [3.8 Options to Request or Suppress Warnings](https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#Warning-Options)
* [Options to Request or Suppress Warnings](https://gcc.gnu.org/onlinedocs/gcc-4.8.4/gcc/Warning-Options.html)

### Clang

* [Clang format vim](https://gist.github.com/fasiha/8af2a4f719812319934947124bb63afd)
* [Clang format](https://clang.llvm.org/docs/ClangFormat.html)

### LLVM

* [Friday Hacks #112 - Make your own LLVM compiler - NUS Hackers](https://www.youtube.com/watch?v=OhkwPSvyBu0) by Omer Iqbal

### Macro

* [M4](https://www3.physnet.uni-hamburg.de/physnet/Tru64-Unix/HTML/APS32DTE/M4XXXXXX.HTM)

### Differences

* [strcpy and stpcpy](https://stackoverflow.com/questions/5826773/whats-the-difference-between-strcpy-and-stpcpy)

### Undefined behavior

* [Undefined Behavior: What Happened to My Code?](https://people.csail.mit.edu/nickolai/papers/wang-undef-2012-08-21.pdf) by Xi Wang, Haogang Chen, Alvin Cheung, Zhihao Jia, Nickolai Zeldovich, and M. Frans Kaashoek

### Security

* [Uncontrolled format string](https://en.wikipedia.org/wiki/Uncontrolled_format_string)

### Memset

* [Beware of compiler optimizations](https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations)
* [The compiler could delete the 'memset' function call, which is used to flush 'Foo' buffer. The RtlSecureZeroMemory() function should be used to erase the private data](https://www.viva64.com/en/w/v597/)
* [Overwriting memory](https://www.viva64.com/en/k/0041/)
* [Safe Clearing of Private Data](https://www.viva64.com/en/b/0388/)
* [Security, security!
  But do you test it?](https://www.viva64.com/en/b/0178/)
* [Zero and forget -- caveats of zeroing memory in C](http://web.archive.org/web/20160304012102/http:/www.eliteraspberries.com/blog/2012/10/zero-and-forget--caveats-of-zeroing-memory-in-c.html)
* [The most dangerous function in the C/C++ world 03.12.2015](https://www.viva64.com/en/b/0360/)

### Assembly

* [Extended Asm - Assembler Instructions with C Expression Operands](https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html)
* [6.48 Alternate Keywords](https://gcc.gnu.org/onlinedocs/gcc/Alternate-Keywords.html#Alternate-Keywords)

### Libraries

#### Tools for C libraries

* [Tooling](https://developer.gnome.org/programming-guidelines/stable/tooling.html.en)
* [gprof](http://web.eecs.umich.edu/~sugih/pointers/gprof_quick.html)

#### Libgcrypt

* [Libgcrypt Library](https://www.gnupg.org/documentation/manuals/gcrypt/index.html#SEC_Contents)
* [gcry_mpi](https://www.gnupg.org/documentation/manuals/gcrypt/Basic-functions.html)
* [AM_DEFAULT_VERBOSITY](https://lists.gnu.org/archive/html/bug-autoconf/2012-01/msg00007.html)

#### Autotools

* [automake](https://www.gnu.org/software/automake/manual/html_node/index.html#SEC_Contents)
* [automake: tutorial](https://www.gnu.org/software/automake/manual/html_node/Examples.html#Examples)
* [Automake silence](https://www.gnu.org/software/automake/manual/html_node/Automake-Silent-Rules.html#index-AM_005fDEFAULT_005fVERBOSITY)
* [Creating an Open-source Program in C With Autotools](http://blog.fourthbit.com/2013/06/18/creating-an-open-source-program-in-c-with-autotools-part-1-of-2)
* [AM_CONDITIONAL](https://www.gnu.org/software/automake/manual/html_node/Usage-of-Conditionals.html)
* [Test coverage](https://qualityhour.wordpress.com/2012/01/29/test-coverage-tutorial-for-cc-autotools-projects/)
* [Gnome Autotools](https://wiki.gnome.org/Projects/GnomeCommon/Migration)
* [autoconf](https://www.gnu.org/software/autoconf/manual/autoconf.html)
* [Autotools
  Mythbuster](https://autotools.io/index.html)
* [The Basics of Autotools](https://devmanual.gentoo.org/general-concepts/autotools/index.html)
* [PKG_CHECK_MODULES Macro](https://autotools.io/pkgconfig/pkg_check_modules.html)
* [Common Shell Constructs](https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Common-Shell-Constructs.html)
* [Working With External Software](https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html)
* [How to Use Variables](https://www.gnu.org/software/make/manual/html_node/Using-Variables.html)
* [x86 built-in funcs](https://gcc.gnu.org/onlinedocs/gcc/x86-Built-in-Functions.html)
* [Limitations of Shell Builtins](https://www.gnu.org/software/autoconf/manual/autoconf-2.65/html_node/Limitations-of-Builtins.html#Limitations-of-Builtins)
* [Conditional Builds](https://autotools.io/automake/conditional.html)

#### Glib

* [test](https://developer.gnome.org/glib/stable/glib-Testing.html)
* [macros](https://developer.gnome.org/glib/stable/glib-Miscellaneous-Macros.html)

#### Valgrind

* [on osx](https://stackoverflow.com/questions/35308274/valgrind-errors-on-mac-os-x-for-printf-a-double)
* [Checking C code with Valgrind on Yosemite](http://kalapun.com/posts/checking-c-code-with-valgrind-on-yosemite/)
* [errors on os](https://stackoverflow.com/questions/34573039/possible-memory-leak-valgrind-in-osx-el-capitan)
* [Using Valgrind to Find Memory Leaks and Invalid Memory Use](http://www.cprogramming.com/debugging/valgrind.html) by Alex Allain
* [Memcheck: a memory error detector](http://valgrind.org/docs/manual/mc-manual.html#mc-manual.options)
* [ctgrind](https://github.com/agl/ctgrind) by Adam Langley
* [Valgrind: introduction](https://accu.org/index.php/journals/1930) by Paul Floyd
* [Basic Memcheck](https://accu.org/index.php/journals/1913) by Paul Floyd
* [Advanced memcheck](https://accu.org/index.php/journals/1905) by Paul Floyd
* [Massif](https://accu.org/index.php/journals/1884) by
  Paul Floyd
* [Cachegrind and Callgrind](https://accu.org/index.php/journals/1886) by Paul Floyd
* [Helgrind and DRD](https://accu.org/index.php/journals/1867) by Paul Floyd
* [DRD: a thread error detector](http://valgrind.org/docs/manual/drd-manual.html)
* [Helgrind: a thread error detector](http://valgrind.org/docs/manual/hg-manual.html)
* [Cachegrind: a cache and branch-prediction profiler](http://valgrind.org/docs/manual/cg-manual.html)
* [SGCheck: an experimental stack and global array overrun detector](http://valgrind.org/docs/manual/sg-manual.html)

#### Autoconf

* [Manual](https://www.gnu.org/software/autoconf/manual/autoconf-2.60/)
* [Archive](http://hackster.ericsbasementoffice.com/gnu-soft/www.gnu.org/software/autoconf-archive/)
* [Archive 2](https://www.gnu.org/software/autoconf-archive/)
* [Introduction](https://www.gnu.org/software/autoconf/autoconf.html)

## GTK

* [glade tutorial](http://blog.borovsak.si/2009/09/glade3-tutorial-1-introduction.html)
* [Python GTK+ 3 Tutorial](http://python-gtk-3-tutorial.readthedocs.io/en/latest/install.html)
* [Other Advanced and Specific Guides](https://people.gnome.org/~newren/tutorials/developing-with-gnome/html/ch06.html)
* [Tutorials](https://wiki.gnome.org/GnomeArt/Tutorials/)
* [FAQ](http://www.geany.org/manual/gtk/gtk-faq/x492.html)
* [Beautiful Buttons](https://wiki.gnome.org/HowDoI/Buttons)
* [GTK parasite github](https://github.com/chipx86/gtkparasite)
* [GTK parasite website](http://chipx86.github.io/gtkparasite/)
* [Goings on](https://blogs.gnome.org/mclasen/) by Mathias Clasen.
* [GTK+ Development Blog](https://blog.gtk.org/) by the GTK people.
* [How Do I do gnome wiki](https://wiki.gnome.org/HowDoI/)

## Haskell

* [Stephen Diehl](https://github.com/sdiehl)
* [Write a compiler](https://github.com/sdiehl/write-you-a-haskell)
* [Write a compiler 2](http://dev.stephendiehl.com/fun/000_introduction.html)

## Git

* [Rewrite commits](https://stackoverflow.com/questions/2919878/git-rewrite-previous-commit-usernames-and-emails)
* [Change author info](https://help.github.com/articles/changing-author-info/)
* [Backup](https://stackoverflow.com/questions/6403601/purging-file-from-git-repo-failed-unable-to-create-new-backup)
* [Commit history](https://git-scm.com/book/tr/v2/Git-Basics-Viewing-the-Commit-History)
* [Rebase and change commits](https://stackoverflow.com/questions/39631983/github-invalid-author-email-commits-no-contribution-activity)
* [Get author name of commit](https://stackoverflow.com/questions/29876342/how-to-get-only-author-name-or-email-in-git-given-sha1)
* [Git Tools - Submodules](https://git-scm.com/book/en/v2/Git-Tools-Submodules)
* [Squashing](https://www.internalpointers.com/post/squash-commits-into-one-git)

## GDB

* [Debugging with GDB](https://sourceware.org/gdb/current/onlinedocs/gdb/)
* [Install mac](https://stackoverflow.com/questions/18423124/please-check-gdb-is-codesigned-see-taskgated8-how-to-get-gdb-installed-w)
* [High Sierra bug](https://stackoverflow.com/questions/39702871/gdb-kind-of-doesnt-work-on-macos-sierra/40437725#40437725)
* [Docs](https://sourceware.org/gdb/current/onlinedocs/gdb/)
* [Manual](http://kirste.userpage.fu-berlin.de/chemnet/use/info/gdb/gdb_6.html#SEC29)

## Travis

* [Customizing the Build](https://docs.travis-ci.com/user/customizing-the-build/)

## Testing

* [Interesting table by Cindy Sridharan](https://twitter.com/peter_a_goodman/status/1070337822580793345)
* [Hardware Memory Tagging to make C_C++ memory safe(r) - iSecCon
  2018.pdf](https://github.com/google/sanitizers/blob/master/hwaddress-sanitizer/Hardware%20Memory%20Tagging%20to%20make%20C_C%2B%2B%20memory%20safe(r)%20-%20iSecCon%202018.pdf) by Kostya Serebryany
* [Memory Tagging and how it improves C/C++ memory safety](https://arxiv.org/pdf/1802.09517.pdf)

## Fuzzing

* [ClusterFuzz](https://github.com/google/clusterfuzz)
* [OSS-Fuzz - Continuous Fuzzing for Open Source Software](https://github.com/google/oss-fuzz)

## Architecture

* [Comparison of instruction set architectures](https://en.wikipedia.org/wiki/Comparison_of_instruction_set_architectures)
* [ARM architecture](https://en.wikipedia.org/wiki/ARM_architecture)

----------------------------------------------------------------------------

# Theory

* [On computable numbers, with an application to the entscheidungsproblem](https://www.cs.virginia.edu/~robins/Turing_Paper_1936.pdf) by Alan Turing

----------------------------------------------------------------------------

# Design and configs

## Css

* [You don't need javascript](https://github.com/you-dont-need/You-Dont-Need-Javascript)
* [Create Diagonal Layouts Like It's 2020](https://9elements.com/blog/pure-css-diagonal-layouts/) by Nils Binder
* [Change The Spacing Between Lines](https://www.uvm.edu/~bnelson/computer/css/changethespacingbetweenlines.html#:~:text=Use%20the%20line%2Dheight%20property,of%20vertical%20space%20between%20lines.)
* [Diagonal Containers in CSS](https://codyhouse.co/blog/post/css-diagonal-containers) by Sebastiano Guerriero

## Beautiful Css websites

* [In Pieces](http://species-in-pieces.com/#)
* [Quad Notion](http://www.quadnotion.com/)

## Vim

* [Xterm256 color names for console Vim](http://vim.wikia.com/wiki/Xterm256_color_names_for_console_Vim)
* [Use Vim](https://medium.com/usevim/) by Alex R.
  Young
* [Being sorta useful in vim](https://kivikakk.ee/2014/04/19/being-sorta-useful-in-vim.html#normal)
* [Why I use Vim](https://pascalprecht.github.io/2014/03/18/why-i-use-vim/) by Pascal Precht
* [How to use spell check with vim](http://go2linux.garron.me/linux/2010/10/how-use-spell-check-vim-795/)

## Tmux and tmate

* [A tmux Crash Course](https://robots.thoughtbot.com/a-tmux-crash-course) by Josh Clayton
* [config](https://searchcode.com/file/112847624/tmate.conf)
* [config 2](https://github.com/gpakosz/.tmux/blob/master/.tmux.conf)
* [Remote pairing with tmux and tmate](http://blog.testdouble.com/posts/2017-07-21-remote-pair-tmate-and-tmux)

## Irssi

* [storing pass](https://github.com/irssi/irssi/issues/6)

----------------------------------------------------------------------------

# Useful

* [ADR tools](https://github.com/npryce/adr-tools)
* Topological math: [Topological phase transitions and topological phases of matter](https://www.nobelprize.org/nobel_prizes/physics/laureates/2016/advanced-physicsprize2016.pdf)
* [dirEnv](https://github.com/direnv/direnv)
* [lint](https://github.com/golang/lint)

# Tools

* [Principle](http://principleformac.com/)
* [Proto.io](https://proto.io/)

----------------------------------------------------------------------------

# Code for Tor Browser High Security Mode

In high security mode, Tor Browser only allows PNG images. If your website must support non-PNG images like SVG, you can set up a fallback image like so [(Ref.)](https://css-tricks.com/a-complete-guide-to-svg-fallbacks/):

1. With HTML:

```
```

2. With CSS, which naturally throws away rules that the browser doesn't understand:

```
.image-with-fallback {
  background-image: url(fallback.png);
  background-image: url(your.svg), none;
}
```

[Why is SVG a problem?
Pg 16 in this iSEC report](https://github.com/iSECPartners/publications/blob/052caf9c9c683ec0bed55782714df4d35c38f107/reports/Tor%20Browser%20Bundle/Tor%20Browser%20Bundle%20-%20iSEC%20Deliverable%201.3.pdf).

# Website setup

* [Git on the Server](https://git-scm.com/book/en/v2/Git-on-the-Server-Getting-Git-on-a-Server)
* [nginx tutorial](https://nginx.org/en/docs/beginners_guide.html)
* [hosting static](https://jgefroh.medium.com/a-guide-to-using-nginx-for-static-websites-d96a9d034940)
* [GitHub pages to self-hosted](https://belief-driven-design.com/moving-from-github-pages-to-self-hosted-ab1231fb7fa/)
* [Self-hosted GitHub pages](https://styxit.com/2017/09/13/self-host-github-pages-on-digital-ocean.html)
* [How To Host a Website Using Cloudflare and Nginx on Ubuntu 16.04](https://www.digitalocean.com/community/tutorials/how-to-host-a-website-using-cloudflare-and-nginx-on-ubuntu-16-04#:~:text=The%20Cloudflare%20Origin%20CA%20lets,servers%20and%20your%20Nginx%20server.&text=Then%2C%20on%20your%20server%2C%20open,%2Fssl%2Fcerts%2Fcert.)
* [Nginx: Create CSR & Install SSL Certificate (OpenSSL)](https://www.digicert.com/kb/csr-ssl-installation/nginx-openssl.html)
* [Cloudflare CDN: How to Setup + Purchase Domain + NGINX Proxy Manager on Unraid](https://www.youtube.com/watch?v=c6Y6M8CdcQ0)
* [Configuring NGINX and NGINX Plus as a Web Server](https://docs.nginx.com/nginx/admin-guide/web-server/web-server/#locations)
* [Automatic deploy using Git](https://dpursanov.medium.com/automatic-deploy-using-git-72ddbc1785cf)

================================================
FILE: quantum_crypto/crypto.md
================================================

# Postquantum Cryptography

## PQCrypto 2017

* [A new rank metric codes based encryption scheme](https://eprint.iacr.org/2017/236.pdf) by Pierre Loidreau. [*]

  Presented by [Pierre Loidreau](https://perso.univ-rennes1.fr/pierre.loidreau/)

  Interesting references:

  * E. M. Gabidulin, A. V. Paramonov, and O. V.
    Tretjakov, Ideals over a non-commutative ring and their applications to cryptography, Advances in Cryptology - EUROCRYPT'91 (Brighton), Lecture Notes in Comput. Sci., no. 547, April 1991.
  * A. Otmani, H. T. Kalashi, and S. Ndjeya, Improved cryptanalysis of rank metric schemes based on Gabidulin codes, http://arxiv.org/abs/1602.08549v1, 2016.
  * R. J. McEliece, A public-key system based on algebraic coding theory, Jet Propulsion Lab, 1978, DSN Progress Report 44.
  * R. Misoczki, J.-P. Tillich, N. Sendrier, and P. S. L. M. Barreto, MDPC-McEliece: New McEliece variants from moderate density parity-check codes, IACR Cryptology ePrint Archive, Report 2012/409 (2012).
  * P. Gaborit, G. Murat, O. Ruatta, and G. Zemor, Low rank parity check codes and their application to cryptography, Proceedings of the Workshop on Coding and Cryptography WCC'2013 (Bergen, Norway), 2013, Available on www.selmer.uib.no/WCC2013/pdfs/Gaborit.pdf.

* [Ouroboros: A Simple, Secure and Efficient Key Exchange Protocol Based on Coding Theory](https://www.google.com.ec/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjVgNPAnIjWAhUC6yYKHUX0CncQFggkMAA&url=http%3A%2F%2Fwww.springer.com%2Fcda%2Fcontent%2Fdocument%2Fcda_downloaddocument%2F9783319598789-c2.pdf%3FSGWID%3D0-0-45-1608506-p180889202&usg=AFQjCNEB9xAO6zWglzJJ3M9ipXl6mQOewA) by Jean-Christophe Deneuville, Philippe Gaborit, and Gilles Zémor

  Presented by [Jean-Christophe Deneuville](https://scholar.google.com/citations?user=zwOOX2IAAAAJ&hl=fa)

  Interesting references:

  * Gaborit, P.: Shorter keys for code based cryptography. In: Proceedings of the 2005 International Workshop on Coding and Cryptography (WCC 2005) (2005). http://www.unilim.fr/pages_perso/philippe.gaborit/shortIC.ps.
  * Misoczki, R., Tillich, J.P., Sendrier, N., Barreto, P.S.: MDPC-McEliece: new McEliece variants from moderate density parity-check codes. In: 2013 IEEE International Symposium on Information Theory Proceedings. IEEE (2013).
    https://eprint.iacr.org/2012/409.pdf.
  * Alekhnovich, M.: More on average case vs approximation complexity. In: Proceedings of 44th Symposium on Foundations of Computer Science (FOCS 2003), 11–14 October 2003, Cambridge, MA, USA. http://www.cs.toronto.edu/~toni/Courses/PCP/handouts/misha.pdf.
  * Aguilar Melchor, C., Blazy, O., Deneuville, J.C., Gaborit, P., Zémor, G.: Efficient encryption from random quasi-cyclic codes. CoRR abs/1612.05572 (2016). http://arxiv.org/abs/1612.05572.
  * Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.: On the inherent intractability of certain coding problems. IEEE Trans. Inf. Theory 24(3), 384–386 (1978). http://authors.library.caltech.edu/5607/1/BERieeetit78.pdf
  * Hauteville, A., Tillich, J.P.: New algorithms for decoding in the rank metric and an attack on the LRPC cryptosystem. In: 2015 IEEE International Symposium on Information Theory (ISIT). IEEE (2015). https://arxiv.org/pdf/1504.05431.pdf.
  * Sendrier, N.: Decoding one out of many. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25405-5_4. https://eprint.iacr.org/2011/367.pdf.
  * Chaulet, J., Sendrier, N.: Worst case QC-MDPC decoder for McEliece cryptosystem. In: 2016 IEEE International Symposium on Information Theory (ISIT). IEEE (2016). https://arxiv.org/pdf/1608.06080.pdf. 24, 30

* [CCA2 Key-Privacy for Code-Based Encryption in the Standard Model](https://link.springer.com/book/10.1007/978-3-319-59879-6) by Yusuke Yoshida, Kirill Morozov and Keisuke Tanaka

  Presented by Yusuke Yoshida

  Interesting references:

  * 1, 9, 14

* [A Reaction Attack on the QC-LDPC McEliece Cryptosystem](https://eprint.iacr.org/2017/494.pdf) by Tomas Fabsic, Viliam Hromada, Paul Stankovski, Pavol Zajac, Qian Guo and Thomas Johansson.

  Presented by Tomas Fabsic

  Interesting references:

  * R.J. McEliece: A Public-Key Cryptosystem Based On Algebraic Coding Theory. Deep Space Network Progress Report, 44:114-116 (1978)
  * Guo, Q., Johansson, T.
    and Stankovski, P.: A key recovery attack on MDPC with CCA security using decoding errors. In Advances in Cryptology - ASIACRYPT 2016: 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4-8, 2016, Proceedings, Part I 22 (pp. 789-815). Springer Berlin Heidelberg (2016)
  * Otmani, A., Tillich, J.P., Dallot, L.: Cryptanalysis of two McEliece cryptosystems based on quasi-cyclic codes. In: Proc. First International Conference on Symbolic Computation and Cryptography (SCC 2008), Beijing, China (2008)
  * Baldi, M., Bodrato, M., Chiaraluce, F.: A new analysis of the McEliece cryptosystem based on QC-LDPC codes. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) 6th International Conference on Security and Cryptography for Networks (SCN 2008). LNCS, vol. 5229, pp. 246-262. Springer, Berlin (2008)
  * BitPunch, https://github.com/FrUh/BitPunch

* [Quantum Information Set Decoding Algorithms](https://eprint.iacr.org/2017/213.pdf) by Ghazal Kachigar and Jean-Pierre Tillich.

  Presented by Ghazal Kachigar

  Interesting references:

  * Prange, E. The use of information sets in decoding cyclic codes. IRE Transactions on Information Theory 8, 5 (1962).
  * Bernstein, D. J. Grover vs. McEliece. In Post-Quantum Cryptography 2010 (2010), N. Sendrier, Ed., vol. 6061 of Lecture Notes in Comput. Sci., Springer.

* [Loop-abort faults on supersingular isogeny cryptosystems](https://eprint.iacr.org/2017/374.pdf) by Alexandre Gélin and Benjamin Wesolowski.

  Presented by Alexandre Gélin

  Interesting references:

  * Charles, D., Goren, E., Lauter, K.: Cryptographic hash functions from expander graphs. Cryptology ePrint Archive, Report 2006/021 (2006), http://eprint.iacr.org/2006/021
  * Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Post-Quantum Cryptography - 4th International Workshop, PQCrypto 2011. Proceedings.
    (2011)
  * Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Advances in Cryptology - ASIACRYPT 2016. Proceedings, Part I. (2016)
  * Kirkwood, D., Lackey, B.C., McVey, J., Motley, M., Solinas, J.A., Tuller, D.: Failure is not an option: Standardization issues for post-quantum key agreement on the security of supersingular isogeny cryptosystems. Workshop on Cybersecurity in a Post-Quantum World (2015), http://csrc.nist.gov/groups/ST/post-quantum-2015/presentations/session7-motley-mark.pdf
  * Page, D., Vercauteren, F.: A fault attack on pairing-based cryptography. IEEE Transactions on Computers 55(9), (2006)
  * Tate, J.: Endomorphisms of abelian varieties over finite fields. Inventiones mathematicae 2(2), (1966)
  * Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Advances in Cryptology - CRYPTO 2016. Proceedings, Part I. (2016)
  * Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Advances in Cryptology - ASIACRYPT 2016. Proceedings, Part I. (2016)
  * Espitau, T., Fouque, P.A., Gerard, B., Tibouchi, M.: Loop-abort faults on lattice based Fiat-Shamir and hash-and-sign signatures. Cryptology ePrint Archive, Report 2016/449 (2016), http://eprint.iacr.org/2016/449
  * Blomer, J., Gomes da Silva, R., Gunther, P., Kramer, J., Seifert, J.: A practical second-order fault attack against a real-world pairing implementation. In: 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2014. (2014)

* [Fault Attack on Supersingular Isogeny Cryptosystems](https://link.springer.com/chapter/10.1007/978-3-319-59879-6_7) by Yan Bo Ti.
  Presented by Yan Bo Ti

* [Fast Lattice-Based Encryption: Stretching Spring](https://link.springer.com/chapter/10.1007/978-3-319-59879-6_8) by Charles Bouillaguet, Claire Delaplace, Pierre-Alain Fouque and Paul Kirchner

  Presented by Claire Delaplace

  Interesting references:

  * BPR12

* [Revisiting TESLA in the quantum random oracle model](https://eprint.iacr.org/2015/755) by Erdem Alkim and Nina Bindel and Johannes Buchmann and Özgür Dagdelen and Edward Eaton and Gus Gutoski and Juliane Krämer and Filip Pawlega [*]

  Presented by Erdem Alkim

  Interesting references:

  * Shi Bai and Steven D. Galbraith. An Improved Compression Technique for Signatures Based on Learning with Errors. In Topics in Cryptology – CT-RSA 2014, volume 8366 of LNCS. Springer, 2014.
  * Erdem Alkim, Nina Bindel, Johannes Buchmann, Özgür Dagdelen, and Peter Schwabe. TESLA: Tightly-Secure Efficient Signatures from Standard Lattices. Cryptology ePrint Archive, Report 2015/755, version 20161117:055833, 2015.
  * Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner, and Mark Zhandry. Random Oracles in a Quantum World. In ASIACRYPT 2011, volume 7073 of LNCS. Springer, 2011.
  * Charles H. Bennett, Ethan Bernstein, Gilles Brassard, and Umesh Vazirani. Strengths and Weaknesses of Quantum Computing. SIAM J. Comput., 26(5), 1997.
  * Jonathan Katz and Nan Wang. Efficiency Improvements for Signature Schemes with Tight Security Reductions. In CCS 2003. ACM, 2003.
  * Vadim Lyubashevsky. Lattice Signatures without Trapdoors. In EUROCRYPT 2012, volume 7237 of LNCS. Springer, 2012.
  * Oded Regev. On Lattices, Learning with Errors, Random Linear Codes, and Cryptography. In STOC 2005. ACM, 2005.
  * Chris Peikert. A Decade of Lattice Cryptography. Cryptology ePrint Archive, Report 2015/939, 2015.
  * Phillip Kaye, Raymond Laflamme, and Michele Mosca. An Introduction to Quantum Computing. Oxford University Press, Inc., New York, NY, USA, 2007.
  * Michael A. Nielsen and Isaac L. Chuang.
Quantum Computation and Quantum Information. Cambridge University Press, Cambridge, New York, 2000.
* [Cryptanalysis of RLWE-Based One-Pass Authenticated Key Exchange](https://link.springer.com/chapter/10.1007/978-3-319-59879-6_10) by Boru Gong[*], Yunlei Zhao.
  [*] Presented by [Boru Gong](http://dblp.uni-trier.de/pers/hd/g/Gong:Boru)
  Interesting references:
  * [Authenticated Key Exchange from Ideal Lattices](https://eprint.iacr.org/2014/589.pdf) by Jiang Zhang, Zhenfeng Zhang, Jintai Ding, Michael Snook and Ozgur Dagdelen
  * [HMQV: A High-Performance Secure Diffie-Hellman Protocol](https://eprint.iacr.org/2005/176.pdf) by Hugo Krawczyk

================================================
FILE: quantum_physics/articles.md
================================================
## Various

* [(De)Constructing Dimensions](https://arxiv.org/pdf/hep-th/0104005v1.pdf) by Nima Arkani-Hamed, Andrew G. Cohen and Howard Georgi.
* [The Hierarchy Problem and New Dimensions at a Millimeter](https://arxiv.org/pdf/hep-ph/9803315v1.pdf) by Nima Arkani-Hamed, Savas Dimopoulos and Gia Dvali.
* [Quantum Theory: concepts and methods] by Asher Peres.
### Videos

* [Nima Arkani-Hamed - Physics and Mathematics for the End of Spacetime](https://www.youtube.com/watch?v=z1-QDXReDTU)

================================================
FILE: tools.md
================================================
# Interesting tools

* [Cuckoo Sandbox: Malware analysis](https://github.com/cuckoosandbox)
* [phishdetect](https://github.com/phishdetect/phishdetect)

### Tor

* [Notes on running Tor in the OSX command line to SSH into a server](https://drew3000.net/osx-tor-terminal/) by drew3000
* [Simple Tor setup on macOS](https://kremalicious.com/simple-tor-setup-on-mac-os-x/) by Matthias Kretschmann
* [torsocks macos](https://lorenzo.mile.si/torsocks-macos-is-located-directory-protected-apples-system-integrity-protection/201/) by maxxer
* [osx-tor](https://github.com/b4rton/osx-tor)

### Encrypted data

* [SaltPack](https://saltpack.org/)
* [SaltPack repo](https://github.com/keybase/saltpack)

### LaTeX

* [Tutorial](https://es.overleaf.com/learn/latex/Paragraphs_and_new_lines)
* [Springer Lecture Notes in Computer Science](https://www.overleaf.com/project)

### Thunderbird

* [Enigmail FAQ](https://enigmail.net/index.php/en/faq?view=topic&id=14)
* [Set up PGP](https://riseup.net/en/security/message-security/openpgp/enigmail)

================================================
FILE: vim_stuff.md
================================================
## Some commands:

1. Select a column: `ctrl-V`
2. jump forwards to the start of a word: `w`
3. jump forwards to the start of a word (words can contain punctuation): `W`
4. jump forwards to the end of a word: `e`
5. jump forwards to the end of a word (words can contain punctuation): `E`
6. jump to the start of the line: `0`
7. jump to next paragraph (or function/block, when editing code): `}`
8. jump to previous paragraph (or function/block, when editing code): `{`
9. move back one full screen: `Ctrl + b`
10. move forward one full screen: `Ctrl + f`
11. move forward 1/2 a screen: `Ctrl + d`
12.
move back 1/2 a screen: `Ctrl + u`
13. insert (append) after the cursor: `a`
14. join line below to the current one: `J`
15. change (replace) entire line: `cc`
16. change (replace) to the end of the word: `cw`
17. delete character and substitute text: `s`
18. redo: `Ctrl + r`
19. comment all lines: `Ctrl + v, GI//` or `:%s/^/\/\//`
20. Go to first line: `gg`
21. Select till word appears: `v/foo`
22. Select current line and subsequent: `Shift+V n j`
23. Add in odd line: `:let i = 1 | g/^$/execute "normal i>item" . i | let i = i + 1`
24. Making a list of numbers: `:put =range(11,15)`

## Interesting links:

* [Vim Cheat Sheet](https://vim.rtorr.com/)

## To see

* marks