About the Book


A Description of students projects that can be used in conjunction with the book can be found here.

To facilitate the homework problems with given ciphertexts, all ciphertexts can be found in this textfile.


Contemporary resources on the different topics of the book and beyond are provided below. The link collection provides ample opportunity for learning more about modern applied cryptography.

Of course, the given links below should be considered as a snapshot of a vast amount of available online documentation and is not exhaustive.

Chapter 1

Introduction to Cryptography and Data Security

Chapter 2

Stream Ciphers

Chapter 3

The Data Encryption Standard (DES) and Alternatives

Chapter 4

The Advanced Encryption Standard (AES)

  • The official specification of AES can be found at the NIST website.
  • A flash animation of the AES encryption was made for the CrypTool project.
  • Jeff Moser created a stick figure guide to AES for his Blog.
  • Brian Gladman provides his his implementations on his web page, which have been used, e.g., in software like WinZip or TrueCrypt.
  • The AES Lounge is a collection of recent research results in context to AES.

Chapter 5

More about Block Ciphers

Chapter 6

Introduction to Public-Key Cryptography

  • A compact description of the history of public-key cryptography with pictures of the core people.
  • A long and fascinating interview with Martin Hellman about the history of public-key cryptography.
  • www.keylength.com gives recommendations for the minimum required key-lengths for asymmetric and symmetric cryptography, for current and future implementations. Eight different methods can be compared to evaluate the minimum security requirements for your crypto system.
  • To get an impression of the size of big numbers as used for public-key cryptography, this web site gives 'real-world' examples.
  • GnuPG for Windows is an open-source collection of tools for Microsoft Windows that allow for comfortable email and file encryption using public-key cryptography. The OpenPGP-based project includes a key manager, supports various email clients and is very well documented. The similar project for Linux users can be found at www.gnupg.org.
  • Wolfram MathWorld explains the properties of Euler's Phi function (also called Totient function) in detail, some graphical plots included..
  • The GMP (GNU Multi Precision) library is an open-source project that allows for arbitrary precision arithmetic with big numbers, e.g., 2048 bit, in your own C programs. The GMP functions for large integers can be tested online.
  • The article 'On the Security of 1024-bit RSA and 160-bit Elliptic Curve Cryptography' by Bos et al. gives a state-of-the-art comparison of the two most widespread public-key algorithms.

Chapter 7

The RSA Cryptosystem

Chapter 8

Public-Key Cryptosystems Based on the Discrete Logarithm Problem

  • The ground breaking paper New Directions in Cryptography by Whitfield Diffie and Martin E. Hellman, published in the IEEE Transactions on Information Theory.
  • A nice alternative explanation of the Diffie-Hellman Key Exchange can be found here.
  • A discrete logarithm calculator using the Pohlig-Hellman algorithm.
  • The Diffie-Hellman Key Agreement Method is described in the Request for Comment (RFC) 2631.
  • Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography, see ANSI X9.42:2003.

Chapter 9

Elliptic Curve Cryptosystems

  • A detailed introduction and history to cryptography with elliptic curves can be found at http://eprint.iacr.org/2008/390.pdf.
  • An interactive introduction to Elliptic Curve Cryptography can be found at the ECC Notebook.
  • The use of elliptic curves is approved by major standardization institiutions. The Standards for Efficient Cryptography Group (SECG) specifies SEC 1, a Standard for Elliptic Curve Cryptography in particular for small and embedded systems.
  • The National Institute of Standards and Technology (NIST) defines a standard for signatures with elliptic curves in NIST FIPS 186 - 3: Digital Signature Standard (DSS).
  • The IEEE P1363 is the standard for public-key cryptography approved by the IEEE.
  • Recent reasearch topics on elliptic curve cryptography are annually reported and presented on the international workshop on Elliptic Curve Cryptography: http://www.eccworkshop.org/.
  • There is a wealth of ready-to-use libraries for elliptic curves with programming languages such a C/C++ and Java. Examples are the Open source ECC library libecc or the Bouncy Castle project.
  • Elliptic curves can have different representations which allow for more efficient computations in special cases. The Explicit-Formulas database, providing a large variety of elliptic curves for use in cryptography, is maintained by Daniel J. Bernstein and Tanja Lange.

Chapter 10

Digital Signatures

  • The National Institute of Standards and Technology (NIST) defines a standard for digital signatures in NIST FIPS: Digital Signature Standard (DSS) and provides a fact sheet on the Digital Signature Standard.
  • There is an online-tutorial available how to program a signature generation and verification tool in java.
  • There are several frontends of the open source project GNU Privacy Guard (GPG) available to easily generate and verify digital signatures, such as the enigmail plugin for thunderbird.
  • The Digital Signature Law Survey homepage provides a good overview of the laws regarding digital signatures for various countries. (Last update August 2005.)
  • The current Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) standard is defined in RFC 5280.

Chapter 11

Hash Functions

  • Overview of many hash functions with specifications.
  • Birthday Paradox: Wikipedia has a nice explanation.
  • Standard for SHA1 and SHA2.
  • Overview on SHA-3.
  • A funny song by (famous) cryptographers about the 50+ submissions to the SHA-3 competition.
  • CrypTool is a learning program which also demonstrates the sensibility of hash functions.

Chapter 12

Message Authentication Codes (MACs)

Chapter 13

Key Establishment