User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome Papers

A curated list of cryptography papers, articles, tutorials and howtos.

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: Oct. 20, 2021, 9:10 a.m.

Thank you pFarb & contributors
View Topic on GitHub:

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Simple: cryptography for non-engineers

Or why cryptography shouldn't be backdoored, by a all-star committee of crypto researches from around the world.

Brief introductions

General cryptographic interest

Inquiries into formalism and naive intuition behind security proofs, by Neal Koblitz et al.

Introductory paper on NaCl, discussing important aspects of implementing cryptography and using it as a larger building block in security systems, by Daniel J. Bernstein, Tanja Lange, Peter Schwabe.


The Keyed-Hash Message Authentication Code FIPS document.

SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions.

Security analysis of different legacy HMAC schemes by Jongsung Kim et al.

Security of randomized CBC-MACs and a new construction that resists birthday paradox attacks and provably reaches full security, by E. Jaulmes et al.

Secret key cryptography

If stuff above was a bit hard or you're looking for a good laugh.

Example of designing great practical attack on cipher implementation, by Daniel J. Bernstein.

Side channel attacks on AES, another view, by Dag Arne Osvik, Adi Shamir and Eran Tromer.

Broad explanation of Salsa20 security cipher by Daniel J. Bernstein.

Analysis of Salsa20 family of ciphers, by Jean-Philippe Aumasson et al.

Original Rijndael proposal by Joan Daemen and Vincent Rijmen.

Overview of ongoing research in secret key crypto and hashes by ECRYPT Network of Excellence in Cryptology.

Original paper introducing GCM, by by David A. McGrew and John Viega.

Design, analysis and security of GCM, and, more specifically, AES GCM mode, by David A. McGrew and John Viega.

An analysis and algorithm for nonce generation for AES GCM with higher counter-collision probability, by Yuichi Niwa, Keisuke Ohashi, Kazuhiko Minematsu, Tetsu Iwata.

An overview of existing searchable encryption schemes, and analysis of scheme built on AES-GCM, blind index and bloom filter by Eugene Pilyankevich, Dmytro Kornieiev, Artem Storozhuk.


A great example of stream cipher cryptoanalysis, by Yukiyasu Tsunoo et al.

Applying slide attacks (typical cryptoanalysis technique for block ciphers) to hash functions, M. Gorski et al.

Attempt to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms, by Bruce Schneier.

Analysis of number of rounds for symmetric cryptography primitives, and suggestions to do fewer rounds, by Jean-Philippe Aumasson.

A 2005 paper about modular differential collision attack on MD5, MD4 and other hash functions, by Xiaoyun Wang and Hongbo Yu.

A 2012 paper about using the combination of differential and algebraic techniques for collision attacks on SHA-3, by Itai Dinur, Orr Dunkelman, Adi Shamir.

An attack ("Reflection-Meet-inthe-Middle Attack") on GOST block cipher that allows to recover key with 2^225 computations and 2^32 known plaintexts, by Takanori Isobe.

Public key cryptography: General and DLP

Seminal paper by Diffie and Hellman, introducing public key cryptography and key exchange/agreement protocol.

An explanation of the Diffie-Hellman methon in more engineering terms.

Rather education explanation of every bit behind RSA.

Paper by R. Merkle, predated "New directions in cryptography" though it was published after it. The Diffie-Hellman key exchange is an implementation of such a Merkle system.

Dolev-Yao model is a formal model, used to prove properties of interactive cryptographic protocols.

Great inquiry into attacking RSA and it's internals, by Dan Boneh.

An example in attacking practical crypto implementationby D. Boneh, D. Brumley.

Public key cryptography: Elliptic-curve crypto

For many elliptic curve representation forms.

Pracitcal example of implementing elliptic curve crypto, by M. Brown et al.

Seminal paper on EdDSA signatures on ed25519 curve by Daniel J. Bernstein et al.

Zero Knowledge Proofs

A pair of papers which investigate the notions of proof of knowledge and proof of computational ability, M. Bellare and O. Goldreich.

By GoldWasser, Micali and Rackoff. Defining computational complexity of "knowledge" within zero knowledge proofs.

Construction of non-interactive zero-knowledge (NIZK) proofs using lattice-based preprocessing models, by Sam Kim and David J. Wu.

Key Management

Methodologically very relevant document on goals and procedures of key management.

Classic paper from 1999 with guidelines for the determination of key sizes for symmetric cryptosystems, RSA, ECC, by Arjen K. Lenstra and Eric R. Verheul.


Unconditional deterministic polynomial-time algorithm that determines whether an input number is prime or composite.

Post-quantum cryptography

Brief observation of mathematical tasks that can be used to build cryptosystems secure against attacks by post-quantum computers.

Daniel Bernshtein's insight how to save RSA in post-quantum period.


The book covers many constructions for different tasks in cryptography.

Broad overview of design and cryptoanalysis of various ciphers and hash functions, by Bart Van Rompay.

Predominantly mathematically oriented information on learning, using and experimenting cryptographic procedures.

By Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Good classical introduction into cryptography and ciphers.

By Mike Rosulek. A lot of basic stuff covered really well. No ECC.

By Victor Shoup, excellent starters book on math universally used in cryptography.

Lectures and educational courses

Often overlooked, this book is a boon for beginners to the field. It contains plenty of exercises at the end of each chapter, aimed at reinforcing concepts and cementing ideas.

Crypto 101 is an introductory course on cryptography.

Famous set of lectures on cryptography by Shafi Goldwasser (MIT), M. Bellare (University of California).

Video course by Christof Paar (University of Bochum in Germany). In english.

The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems.

Online crypto challenges

A platform with lots of interactive cryptography challenges, similar to Cryptopals.

xipher contest with more than 200 challenges of different levels, a moderated forum, and a hall-of-fame.