Nekaj novej¹ih povezav:

Cryptology pointers


Security and Encryption-related Resources and Links

OPOMBA A.J.: ¾al je tole le verzija, ki sem jo snel lansko leto (osnovna povezava in pa njena ogledala ¾e nekaj èasa ne delujejo), vseeno pa je verjetno bolj¹a kot niè.
The following are some interesting resources I've found while wandering around on the net. If there's anything which needs updating or correcting, please let me know. Because of its large size, I only update the online version of the page every few months, so please be patient when waiting for updates to reported changes to appear.

Thanks to a few overseas readers there are now mirrors of this page available outside New Zealand which should provide faster access for people in Europe and the US. These mirrors are:

UK Mirror (updated automatically)

UK Mirror (updated manually)

US Mirror (self-extracting DOS file, updated manually)

Crypto Link Farms

Anonymity, privacy, security.
Very nicely done collection of links to anonymity, privacy, and security resources.
Bellare - Crypto links
More link farms, conferences, organizations, electronic commerce, IETF, key forfeiture, crypto people.
Cambridge Computer Security Group Links
Huge collections of links to security-related sites - the format is a bit like this list.
Coast Security Archive - Category Index
A large archive of security software, publications, and technical information.
Crypto-Log: Internet Guide to Cryptography
Algorithms and mathematics, FTP archives, bibliographies, key escrow, disk, file, and mail encryption, crypto laws, internet security, newsgroups and mailing lists, protocols and standards, steganography, voice encryption, security problems.
Cryptography
PGP, encryption algorithms, legal issues.
Cryptography: The Study of Encryption
Crypto newsgroups, papers, cypherpunks, crypto policy, digital cash, and other information sources.
Cryptography Technical Report Server (CTRS)
Various crypto-related tech reports.
Cryptography URL
Encryption standards, FAQ's, and FTP sites.
Datacomms Technologies cryptography archive
Encryption software, text files and information, resources and links.
Email security, cryptography and related stuff
PEM, MIME, and MOSS RFCs, links to CA's, implementations, literature, PGP.
European Cryptography Resources
Recommendations, drafts, papers, new items, official bodies, research, and government meddling.
Firewall Security Jump Page
Links and summaries of a wide variety of firewall products.
Gateway to Information Security Home Page
Links to a large number of security-related sites, books, journals, and related information (imagine this page, but not all lumped together on one page).
Home-Page of Markus Hübner
Security, cryptography, hacking, business on the Internet, security software, satellite hacking.
International Cryptographic Software Pages for Encryption, Decryption, Cryptanalysis, Steganography, and Related Methods
Algorithms, software packages, protocols and standards, books, journals, conferences, newsgroups, mailing lists, crypto links.
Links Related to Terrorism, Intelligence, and Crime
A large number of intelligence, security, law enforcement, disaster planning, terrorism, crime, military, and defense agencies and organizations.
Luca Venuti's Home Page - TPC
Electronic privacy links, organisations, newsgroups.
NCSA Hot Links
Anti-virus software, firewalls, general security vendors, general infosec links, parental control, privacy, law, and ethics.
Neil's Security and Privacy Resources
Encryption, steganography, special events, research, documents, news, security archives, security organizations.
Network/Computer Security Technology
Current events, security web pages, commercial security tools, newsgroups, mailing lists, FAQ's, incident bulletins, conferences/seminars/workshops.
PGP Resources
Resources related to PGP such as mailer add-ons and front-ends, key servers, and related information.
PGP-Users Mailing List Home Page
PGP-related information, remailers, privacy information, security and crypto links.
Richard Pinch: Cryptography page
Links to research groups, associations, publications, companies, government institutions, standards, e-commerce, elliptic curves and factoring, historical, newsgroups and publications.
SAIC Security - Security Documents
Firewalls, WWW security, intrusion detection, Unix security, the internet worm, general network security, and trusted systems.
Security and Privacy Issues
Research, PGP, cypherpunks, SHTTP, crypto software, online banking.
Spanish Crypto Resources
Spanish crypto and security-related companies, magazines, and events.
Steganography
Stego papers, references, research groups, related resources.
The Rotherwick Firewall Resource - Point of Attack
Firewall basics, white papers, products, manufacturers, books, papers, training, mailing lists, links to other firewall-related resources.
Tom Dunigan's Security page
PGP, S/Key, Kerberos, crypto API's, secure applications, commercial providers, government agencies, intrusion detection, vulnerabilities.
TSA (Law Enforcement and Intelligence) Links
More links to law enforcement and intelligence agencies.
Uni-GH Siegen - Security-Server
Encryption algorithms, data protection, steganography, ecash, Internet security, viruses, conferences, security standards, newsgroups and mailing lists, RFC, journals.
Vince Cate's Cryptorebel/Cypherpunk Page
Cypherpunks resources, remailers, digital cash, PGP, and Clipper.
Vinnie's Crypto Links
Crypto overviews and FAQ's, link farms, encrypted comms, e-commerce, crypto libraries.

Crypto FTP Archives

FUNET crypto archive
PGP, symmetric and asymmetric encryption, crypto libraries, papers.
Oxford Uni crypto archives
DES, SSL, cryptanalysis, documentation, PGP, miscellaneous.
Replay crypto/security archives
Apache, Applied Crypto files, encryption, Java, PGP, remailers, security, voice encryption files.
University of Hamburg crypto archive
Disk and file encryption, PGP, stego, voice encryption.
University of Oslo PGP archive
PGP and PGP-related software.
UREC archive
French archive of CERT bulletins, dictionaries, PC, Unix, VMS security software (mostly anti-virus and access control rather than crypto).

Crypto Social Issues

[1997] 1 Web JCLI
Analysis of the UK governments policy on encryption.
Additional Comments of Philip R. Karn, Jr.
Phil Karn rebuts inaccurate and bizarre government claims in congressional testimony (this is an example of the kind of misinformation which government advisors often provide to their governments).
Big Brother Incorporated
Companies which supply surveillance technology to non-democratic regimes.
Canada's export controls
Summary of the Canadian crypto export situation.
Centre for Democracy and Technology Crypto Page
CDT information on current US crypto policy
Clipper Roadshow
US government policy laundering on key escrow.
CNET features - digital life - privacy in the digital age
Digital privacy (or more specifically, the lack thereof).
Codex Surveillance & Privacy Page
Surveillance, stalking, privacy invasion, eavesdropping, and anything else related to these categories.
Comments on Encryption Transfers
Comments on new US export regulations.
Comments on Encryption Transfers - HTML
Easier-to-handle HTML versions of the above.
Crypto AG - Der Spiegel (German)
Allegations of intelligence agencies subverting Crypto AG product security.
Crypto Law Survey
A survey of crypto laws in various countries.
Crypto regulation in Europe
The state of crypto regulation plans in Europe as of May 1997.
Cryptography's Role in Securing the Information Society
National Academy of Sciences report on cryptography policy.
Cyberspace Law for Non-Lawyers
Privacy laws and the Internet.
DTI/UK Encryption Policy
Reply to the DTI Consultation Paper on Licensing of Trusted Third Parties for the Provision of Encryption Services.
EE Times - White Paper
White paper on hackers.
Emerging Japanese Encryption Policy
How Japan, Inc, handles encryption policy (a real contrast to the US governments attitude).
Encryption Policy and Market Trends
Dorothy Dennings 1997 GAK forecast.
EPIC Cryptography Policy
EPIC information on current US crypto policy.
EPIC Privacy Links
EPIC privacy resources.
export-a-crypto-system sig
Diminuitive crypto hacks (well-known algorithms in a few lines of Perl, Python, or C) and how to use them to poke fun at export laws.
Exposing the Global Surveillance System
Extracts from Nicky Hager's book "Secret Power".
FinCen
Big Brother for financial information.
Former Secrets
Declassified US government machinations to ban/restrict crypto.
FUD! Home Page - Crypto legislation
Contents of and discussion over various US crypto bills.
GNN on Crypto
Global Network Navigator web review: The NSA vs The Net.
GR Design Principles
GAK-resistant crypto protocol design guidelines.
Gray Areas Magazine
Essays and articles on the computer underground (and all sorts of other things).
Internet Privacy Coalition
Attempts to ensure privacy on the internet.
Interview with David Herson - SOGIS
Interview on European crypto policy.
ITAR Civil Disobedience
Click on this form to become an international arms trafficker.
Key Recovery Study
The risks of key recovery, key escrow, and trusted third party encryption.
KRISIS Home Page
GAK/EuroClipper home page.
The NSA's Influence on New Zealand Crypto Policy
NSA influence on New Zealand export policy.
Phone Tapping
Information and resources on government phone tapping plans.
Privacy, Inc.
Various resources related to the (lack of) privacy, including access to databases and online information search facilities.
Privacy International Home Page
Privacy reports, interntional agreements on privacy and human rights, surveillance technologies, ID cards, privacy-related conferences.
Remailer list
List of anonymous remailers.
Roger Clarke's Privacy Page
Data surveillance and information privacy information publications, and legislation.
Roger Clarke's Public Interests on the Electronic Frontier
Paper discussing various freedoms and rights such as the right to privacy.
RSA as a MIDI file
RSA encoded as a MIDI file. Technically this is a program and therefore unexportable from the US.
Self Incrimination and Cryptographic Keys
Richmond Journal of Law and Technology article on forced disclosure of crypto keys.
Services Available from Offshore Information Services Ltd.
Offshore internet services and accounts in Anguilla.
SOFTWAR Information Security
Declassified papers and resources on Clipper and key escrow, voice and mail encryption software.
Telekommunikationsgesetz
East German surveillance state-style laws being applied in the unified Germany.
The Age - Computers
DSD meddling in Australian crypto exports.
Tools For Privacy: Version 1
An online book covering threats to privacy, cryptography, PGP, and related issues.
Updated UK Proposals for Licensing Encryption Services
Critique of UK crypto licensing/GAK proposal.
Walsh Report
Report on Australian crypto policy, originally suppressed by the government, then released after a judicial review.
What your Browser is Sending
See what information your web browser is sending to remote servers.

Crypto Software

Advanced Cryptography Tool
Crypto tool using PGP 2.6.3i with triple DES and SHA-1.
Apache HTTP Server Project
Apache secure web server.
Canadian Cryptographic/cryptanalytic software
Canadian encryption software and companies.
CIPE
Crypto IP encapsulation - encrypting IP routers using Linux.
Cisco Systems ISAKMP Distribution
A reference implementation of the IETF's ISAKMP protocol.
CRASHME: Random input testing.
Tests resistance of programs to random input.
cryptiX
X.509 security package written in Java (page requires a Java-enabled browser to view).
cryptlib Information
Encryption library supporting both low-level direct access to a large number of algorithms and high-level access to functions like cryptGetKey() and cryptCreateSignature().
Crypto Kong
PGP-like program using elliptic curve crypto.
Cryptographic Libraries: A comparison
Comparison of various free (and free-world) crypto libraries.
Cryptographic software
Elliptic curve and RSA public-key encryption software.
Cryptographic tools for Visual Basic
Elliptic curve OLE extension for VB.
CTC - PGP-compatible encryption software
PGP-compatible C library and Mac application.
Disk/File Wiping Utilities
Programs to wipe files, free disk space, slack space, the Windows swap file.
Encrypted PDFs
Code to work with encrypted PDF's (intended mainly for use with Ghostscript).
Enigma
PGP-compatible plugin written in Java.
Error Correcting Codes (ECC) Home Page
C source code and information on ECC's (the techniques employed are closely related to encryption techniques).
ESP Reference
Encrypted socket protocol (an open protocol for TCP/IP secure transmissions).
FastCAST's Homepage
P5-optimised code for CAST-128/CAST5.
Fortify for Netscape - Home Page
Free 128-bit SSL browser proxy,
Frank O'Dwyer's Homepage - Security Code
DES in Java, C++ firewall class library.
Fuzzy Logic: Cryptography
The GNU encryption project.
G10 - A Free PGP Replacement
GPL'd PGP clone.
GMD Security Technology - SecuDE
Security toolkit for RSA, DSA, DES, DH, X.509, PKCS, PEM, X.500, and BYOG.
Hassop Cottage PGP Page
PGP sites, key servers, remailers.
Heimdal
Non-US Kerberos 5 implementation.
IAIK - Javasecurity Homepage
Java cryptography extensions from the free world.
International PGP Home Page
How to get PGP, documentation, foreign-language support, PGP-related products and services, and other PGP resources.
Internet Locations for Materials on the Disks for Applied Cryptography
Site #1.
Internet Locations for Materials on the Disks for Applied Cryptography
Site #2.
IRDU PGP Page
PGP information, software, key management, key server interface, PGP links.
Java Cryptography Extension 1.2
The Open JCE Project for Java
JGSS Package Distribution Page
Kerberos in Java.
Keytrap Home Page
Dcyphers keyboard sniffer.
libch's Homepage
P5-optimised code for various hash algorithms.
LInteger
C++ bignum library.
Linux Packet Sniffer
IP packet sniffer for Linux.
Microsoft CryptoAPI
Microsoft's (rather nice) cryptograhpy API.
Ming-Ching Tiew Home Page
PGP key manager, PGP netscape plugin, Motif and Win32 file encrypter using cryptlib, cryptlib Java wrappers.
Nautilus Homepage
Speech encryption (with a neat anti-Clipper graphic).
Package Acme.Crypto
Various Java crypto classes.
PC Security Software & Sources
Brief descriptions of various security programs.
PGP Tools
PGP function library.
PGPLIB
DLL which implements various PGP functions.
PGPNet Server
A dummy home page for the www.pgp.net domain (incomplete).
Private Idaho User's Manual
Documentation for Private Idaho.
RIPEM
RIPEM source code and information.
RSA Free Utilities
RSA key generation and encryption for Linux.
RSAEURO - Cryptography For The World
The free-world version of RSAREF.
Secure FileSystem Information
The world's best transparent disk encryption software for DOS and Windows (this has nothing to do with the fact the I'm the author :-).
Sir Winston Rayburn - Crypto/Politico
Various encryption reoutines.
SNOW Home Page
Whitespace steganography software.
spDES Encryption Control
ActiveX DES control.
Ssh (Secure Shell) Home Page
Very good encrypted, digital-signature-authentication remote access software (replaces the r* utilities, allows X11 and TCP port redirection over the encrypted connection).
SSLeay and SSLapps FAQ
Very nice, free SSL implementation (like Netscape's SSL, but without the bugs and crippled encryption).
Speak Freely for Windows
Encrypted voice communications over the internet.
Systemics Software Archive
Crypto extensions for perl and Java.
The Cryptography and PGP Page
Classic ciphers, links to crypto sites, explanations of the maths behind PGP and RSA, privacy issues.
Tiny Encryption Algorithm
Description and C source code.
Transparent Cryptographic File System
TSS PGPWord... Real Security, Real Easy
PGP encryption integrated into Word for Windows.
Uni-GH Siegen - Security-Server - Kryptographie
Pointers to information on and implementations of a number of conventional, public-key, and hash algorithms.
Wei Dai's Crypto++
C++ class library of cryptographic primitives.
WinPGP(tm) Home Page
Windows front-end for PGP.
Wipe 0.02
Heavy-duty file wiper for Linux.

Miscellaneous Security Items

Cypherpunks and Cryptorebels

Cypherpunks Archive Index
Cypherpunks Home Page
The cypherpunks archive via HTTP. PGP, remailers, crypto papers, clipper, and pointers to further information.
Cypherpunks Key Cracking Ring
The cypherpunks attack crippled US export-approved encryption.
Cypherpunks SSL challenge broken
The cypherpunks break crippled US export-approved encryption.
Cypherpunks Tonga
Cypherpunks Tonga - various cypherpunks projects and work in progress.
export-a-crypto-system sig
PGP Keyserver Interface
WWW interface to the PGP keyservers.
The Crypt Newsletter Homepage
Various reports from the computer underground on hacking, security, viruses, hackers, and related issues.

Public Key Infrastructure

Analysing State Digital Signature Legislation
Analysis and comparison of various states' digital signature laws.
BelSign
Belgium and Luxemburg CA.
BiNARY SuRGEONS: Certification Services
South African CA.
C=EE, O=ESTONIAN NATIONAL PCA
Estonian CA.
CA-CERT
Spanish CA.
Certification Authority Survey (DGXV Project)
List of CA's worldwide.
Certificates shipped with Netscape
Extracting certs from Netscape's .db files.
CERTISIGN
Brazilian CA.
COST Computer Security Technologies
Swedish CA, also smart cards, secude email, DCE, EDIFACT, X.509 certificates.
Digital Signature Guidelines
American Bar Association digital signature guidelines, available as WordPerfect and Word documents.
Florida Digital Signatures - Final Report
Final report on the Florida digital signature guidelines.
European ICE-TEL Project
PKI for Europe
GTE CyberTrust Home
GTE CA.
IAIK - ICE-TEL Information Service
Austrian CA.
IBM Registry and World Registry
IBM CA and PKI products.
ICAT Home Page
Japanese CA.
ICE-TEL
Portuguese CA.
ICE-TEL Certification Infrastructure
European CA.
IKS Zertifizierungsinstanz
IKS CA.
Individual Network
IN certification authority.
Installing certificates and root keys in Internet Explorer 3.0 & IIS 3.0
Instructions on installing certificates into MSIE.
Internet PCA Registration Authority
IPCA public key.
Keywitness Canada
Canadian CA.
MA.US/ITD/LEGAL
Massachusetts digital siganture and online commerce guidelines and information.
MC Home Page
The meta-certificate group (an alternative to X.509/PKIX-type certificates).
OpenPathCA
Siemans CA toolkit.
PGP Public Key Server
One of several web-based PGP key servers.
Politecnico di Torino: ICE-TEL
Italian CA.
Public Key Authentication Framework: Tutorial
A tutorial on PKI.
Public Key Infrastructure
NIST's PKI information page - interoperability guidelines, PKI panels and overviews, PKI documents.
Public-Key Infrastructure (PKIX) home page
Home page of the PKIX working group.
Public-Key Infrastructure Standards
Slides from a talk on PKI standards and work in progress.
SI-CA
Slovenian CA.
Signet PAA Certification Authority Key Information
Australian CA.
SoftForum Certifying Center
Korean CA.
SPKI Certificate Documentation
Documentation and links for SPKI certs.
SPKI Requirements
Simple public-key infrastructure requirements.
SSLEAY 0.8.1 and MSIE 4.0 X509 certificates
Setting up certificates using SSLeay and MSIE 4.
Summary of Digital Signature and Electronic Signature Legislation
McBride Baker & Coles summary of worldwide digital signature legislation.
TradeAuthority
General CA.
UK Academic PCA
UK CA.
UNI-C PCA
Danish CA.
UNINETT Certification Authority - UNISA
Norwegian CA.
VeriSign, Inc.
Major worldwide CA.
Verisign Repository
Information on digital ID's and certificates, certificate practices, and FAQ's.
Weaving a Web of Trust
Trust management on the WWW.
WebVision Developers Corner
CA toolkit and guide ("low-budget CA").
X.509 Sample Certificates
Various sample certificates including oddball fields and types.

Random Numbers

Aware Electronics Corp.
PC Geiger counters (great random data sources).
CME's Random Number Conditioning Page
Information on sources of strong random numbers.
Computer Generated Random Numbers
Techniques for analyzing PRNG's.
DIEHARD
George Marsaglia's RNG test suite.
HotBits: Genuine Random Numbers
Build-it-yourself radioactive-decay based random number generator (perfect for Chernobyl residents).
Ideas for an RNG_DEVICE standard
Proposed standard for random-number generation devices.
Lavarand!
Random number generation using lava lamps.
Noisemaker schematic
Hardware RNG.
Numerical Recipes Home Page
CDROM contains ~1/4GB of random numbers.
ORION RNG
Serial-port hardware RNG.
Protegrity Incorporated
Cryptographically strong random number generator.
Random Number Generation, Taygeta Scientific Inc.
Papers and software for PRNG's.
Random number generators -- The pLab Project Home Page
Theory and practice of random number generation.
Random number generators
Analyses of hardware and software randomg number generators.
Random Number Generators (RNGs)
Web sites and references for RNG information, information on various PRNG's.
Randomness Resources
Resources on secure random-number generation and the problems of insecure random number generation.
RBG1210
Cryptographically strong random number generator.
SG100
Hardware random number generator.
Using and Creating Cryptographic-Quality Random Numbers
Randomness-gathering techniques.

Security Books, Journals, and Bibliographies, and miscellaneous short publications

A Survey of The Electronic Payment Industry
Brief survey of some of the major e-payment industry players as of early 1997.
ACM Transactions on Information and System Security
(Just a call for papers at the moment).
Aegean Park Press
Historical books on cryptography, intelligence, military history, and related topics.
ATDL
US army field manuals, schools, strategies and systems.
Bibliography of Molecular Computation and Splicing Sytems
Bibliography on molecular computing, including attacking encryption systems using molecular computers.
CAST Encryption Algorithm
Publications pertaining to the CAST encryption algorithm.
CEE VAR News
Central and East European Secure Systems Strategies (online security journal).
CHACS Publications
Centre for high-assurance computer systems publications.
Charles Blair's Notes on Cryptography
Number theory, public-key encryption, RNG's.
Computer Services : Administrator's Pages : NT stuff
Installing a student-proof NT setup.
Computer Virus Handbook
Seven Locks' online virus handbook.
Counterpane Homepage
Bruce Schneier's "Applied Cryptography" information.
Credit Card Transactions: Home Page
Overview of CC terms and mechanisms, including discussion of various online CC processing methods.
Crypto Glossary
Terry Ritter's crypto glossary (long).
Cryptography and Number Theory for Digital Cash
Introduction to crypto and number theory for digital cash.
Cryptography: some important points for beginners
Crypto FAQ for beginners.
Cryptologia.
Cryptosystems Journal Home Page
CSL Bulletins
NIST Computer Science Laboratory bulletins
CuD "Computer Underground E-Publications - Top Level" Archive
Cypherpunks Archive Index
Cypherpunks mailing list archive.
Data Security by Design
Designing buildings to thwart electronic eavesdropping.
David Wagner's Crypto Posts
General cryptography, cryptanalysis, computer security.
des-coding List Archive
Archive of the des-coding mailing list.
e$ Home Page
The e$ mailing list, information on digital cash clearing, digital bearer bonds, financial cryptography, and related topics.
ECC FAQ
Elliptic curve cryptography FAQ.
EIT Creations: Secure HTTP
Information on the SHTTP protocol.
Electronic Surveillance
Large archive of documents on electronic surveillance.
Elliptic Curve Tutorials
Tutorial on elliptic-curve crypto.
Encryption News Resource Page
Encryption and security-related news stories.
Enigma and Its Decryption
Details on the Enigma machine and software simulators.
Enigma and the Turing Bombe
Description of the Bombe and bombe simulator.
Enigma bibliography
EPFL - LSE - Project CrySTINA
Papers and information on the Cryptographically Secured Telecommunications Information Networking Architecture.
Firewalls mailing list
Firewalls mailing list archives.
Foundations of Cryptography by Oded Goldreich
Fragments of a book (4 of 10 chapters exist).
Hack-Tic Magazine Archive
1989-1994 Hack-Tic magazine archive (scanned images, in Dutch).
Handbook of Applied Cryptography
Information on the book (well worth getting).
Historical Crypto Links
Links to sites containing information on Enigma, Purple, Magic, and other WWII-era crypto.
HTTP Security group of W3C
W3C security resources.
IBM Patent Server Home Page
Access to over 2 million US patents, including many crypto and security-related ones
IEEE Computer Security and Privacy
IEEE Computer Society press online catalogue, security and privacy section.
ietf-pgp-mime mailing list
PGP/MIME RFC's and mailing list archives.
ietf-smime mailing list
S/MIME RFC's and mailing list archives.
Info Security News
Integrity Sciences, Inc. SPEKE password authentication
Authenticated DH key exchange.
Internet drafts
Current internet drafts, including many security-related ones (but you really need to know what you're looking for).
Internet Infrastructure Protection - DNS Security
DNS security RFC's and sample code.
Internet Legal Practice Newsletter
Internet-related legal issues (relevant to electronic commerce).
Introduction to Crypto Systems
Lecture slides from a seminar by Vinnie Moscaritolo.
Introduction to Cryptography
Ives Gobaus's easy introduction to cryptography.
Java Security: Frequently Asked Questions
Java security questions and issues.
JIBC - Journal of Internet Banking and Commerce
Electronic commerce, legal issues, EDI, etc.
JILT: Home Page
Journal of Information Law and Technology.
JYA Crypto
John Youngs collection of crypto links, mostly covering crypto social issues, laws, espionage, government regulation, and an amazing array of other interesting things.
Keyed MD5
Papers on HMAC's.
Lawries Cryptography Bibliography
Searchable index of over 800 crypto and computer security articles.
Linux Security Home Page.
Linux security information.
Mac Crypto - Info
Mac-Crypto conferences and digests.
Mach5 Software Cryptography Archives
Overview of crypto, catalogue of crypto algorithms.
Micropayments on the Internet
Overview of various micropayment schemes.
Microsoft CryptoAPI mailing list archives.
NameBase Book Index
Reviews of books on intelligence agencies, high-tech, military, and a potpourri of government agencies, drugs, elites, big business, organized crime, terrorism, US foreign policy, and so on.
Network Computing
Various articles on encryption from Network Computing magazine.
Network Encryption - history and patents
Patents on network encryption.
New Zealand Digital Library
Bibliogaphy/tech report/FAQ searchable index.
NSA to NARA OPENDOOR Bibliographic Index
Index of NSA declassified documents.
NSAM-160
Scanned copy of declassified 1960's memo on NSA public-key encryption research.
NSG Publications
IBM Network Security Group publications.
NT Domain Authentication
NT/CIFS domain authentication specification.
NT Security - Frequently Asked Questions version
On Distributed Communications
1964 RAND paper on secrecy and computer security.
Patent Database Access
Search the US patent database for crypto patents.
PGP 5 Users Guide
Online guide to PGP 5.0
PGP Quick Reference
Command reference card for PGP.
PGPfone Mailing List Archive
Phrack Magazine
President's Commission on Critical Infrastructure Protection.
Various US government agencies look at Jobsec^H^H^H^HInfosec.
Prime Page (An Index of Information on Prime Numbers)
Everything you need to know about prime numbers.
RSA Labs Frequently Asked Questions
Frequently asked questions about encryption algorithms, techniques, protocols, and services.
RSADSI'S Art Gallery
Cool crypto-related pictures.
Security Handbook
Seven Locks' online security handbook.
Security Issues in WWW
Various WWW security issues.
Security Protocol Workshop'97
Preprints of papers from the workshop.
SET
Good, thorough coverage of SET and secure card-processing issues.
SET Journal
Journal devoted to SET and SET implementations.
SET Protocol: Business Implications and Implementation
A good general overview of the implications of SET.
Shahram (publication)
Linear cryptanalysis of DES (MSc thesis), various papers on hash functions.
Scrambling News
Satellite TV scrambling and descrambling methods.
Search Security Bibliography
Retrieve documents from a large archive of crypto/security papers.
Smith's Internet Cryptography Site
Chapter outline pages include links to crypto-related publications and resources.
SNDSS'96
Symposium on Network and Distributed Systems Security (SNDSS'96) proceedings.
Springer-Verlag New York
Publishers of LNCS (crypto and security conference proceedings).
SSL Pipermail Archive
ssl-talk mailing list archive.
SSL-Talk FAQ
The SSL discussion list FAQ.
Survey: corporate uses of cryptography
Survey of corporate applications of and attitudes towards encryption.
Tasty Bits from the Technology Front
Free technology newsletter which includes coverage of encryption issues.
Technical Papers at Psionic Software Systems Inc.
Covert channels using TCP/IP (including source code).
The Collection of Computer Science Bibliographies
Large collection of computer-science-related bibliographies, including encryption and security issues.
The PDF Encryption Format
TSI International
Electronic commerce and EDI resources.
UCL Crypto Group - Call for papers
CFP's for conferences, including crypto and security conferences.
USENIX Conference Proceedings
Includes material from Usenix security conferences and symposiums.
USS Pampanito - ECM Mark II
Electronic Cipher Machine (SIGABA) details.
Verifying Security Protocols Using Isabelle
Various papers on verifying security protocols.
Wim Van Eck
van Eck/TEMPEST eavedropping.

Security Standards, Laws, and Guidelines

A Guide to Understanding Data Remanence in Automated Information Systems
ACSI 33
Security guidelines for Australian government IT systems (typical unclassified-level security guidelines).
Advanced Encryption Standard (AES) Development Effort
NIST's AES home page.
An Analysis of PGP's Trust Model
ATM Security Page
Asynchronous Transfer Mode security standards, products, publications, and work in progress.
Außenhandelsgesetz - Dual Use Güter
Austrian (EU-derived) export restrictions.
Australian Controls on the export of Defence and Strategic Goods
CAVE encryption algorithm
The (deliberately crippled) US cellular phone "encryption" algorithm.
Commercial Encryption Export Controls
ITAR (under new management).
Common Data Security Architecture
Intel's proposed API for adding an encryption/authentication layer to Windows systems.
Computer seizure guidelines
US federal guidelines for searching and siezing computers.
Computer Security Objects Register
NIST security-related object identifier registry.
CSP Designators
Crypto designators for WWII-era and early postwar comsec gear.
DAP Malaysia National Homepage
Malaysian computer crimes, digital signature, and telemedecine bills.
DCE Security
DCE security specs and literature, DCE security program group and research efforts.
Digital Signature Guidelines
ABA Digital Signature Guidelines
Draft UNCITRAL
Draft UN law on electronic commerce.
Export Administration Regulations (EAR)
Latest version of the ITAR (which became the DTR, and now the EAR).
ECMA Standards (Blue cover)
EDI Security
An overview of EDI security.
EDIFACT Security Implementation Guidelines
EDIFACT security... dear oh dear.
Electronic Commerce, EDI, EDIFACT and Security
Internet electronic commerce security (PEM, PGP, SHTTP, S/MIME, SET, SSL, etc), EDI security (X.12, EWOS), EDIFACT security, other EDI and EDIFACT standards.
EMV sets standards for global integration of Chip cards
Standards for smart cards. smart card terminals, and applications.
Excerpts from the Export Control List of Canada
The sections which apply to crypto software/hardware.
Extensions to PGP Key Format
Extensions to the PGP key format for PGP 5.
FIPS Home Page
Federal Information Processing Standards (including many crypto standards).
German Digital Signature Law
Draft of the law with related press releases and information.
r³ security engineering ag, Information about IDEA cipher
Details on the design and development of IDEA.
ICE Home Page
The Information Concealment Engine block cipher.
IEEE P1363
RSA, Diffie-Hellman, elliptic curve, and related public-key cryptography (P1363)
ietf-open-pgp mailing list
PGP standardisation mailing list, RFC's, and archives.
Internet Mail Standards
Including S/MIME, PGP/MIME, MSP security in MIME, simple authentication and security layer (SASL), and mail ubiquitous security extensions (MUSE).
IESS Specs
Intelsat specs - roll your own Echelon.
IP Security Protocol (ipsec) Charter
IPSEC drafts and RFC's.
IP Security Working Group News
IPSEC specifications, drafts, related drafts, mailing list archives, and implementations.
ISAKMP and Oakley Information
Internet security association and key management protocol information.
ISO SC27 Standing Document 7
Abstracts for various ISO security standards.
ISO Standards
X.400, 500, 600, 700, 800. Get 'em quick before the ISO forces them offline.
ISO-IEC-9594
X.500 standards (including X.509) as Postscript files.
ITU series X Recommendations - Data networks and open system communication
This includes X.400 and X.500 security-related standards. Note that you can get a lot of these free elsewhere if you know where to look (check some of the links on this page).
Maßnahmenkataloge zum Gesetz zur digitalen Signatur
BSI guidelines for implementing the German digital signature law (algorithms, protocols, and services).
Microsoft Security Technologies
Authenticode, CryptoAPI, SSL and PCT, SET.
Netscape Certificate Extensions Specification
Netscapes private extensions to X.509.
NIST Computer Security Standards
FIPS and NIST special publications
NIST's DES Validation List
List of NIST-validated DES implementations.
NT Security - Frequently Asked Questions
OECD Draft Guidelines fpr Cryptography Policy
Leaked copies of the OECD crypto guidelines.
OECD guidelines comments
Stewart Bakers comments on the creation of the OECD crypto guidelines.
OID assignments from the top node
Play the ASN.1 object identifier game! See if you can find an OID for the algorithm you're looking for (and if not, invent your own). Win magnificant prizes, etc etc.
Open Systems Environment Implementors Workshop
You may be able to find bits and pieces of X.500 (including X.509) information here which are a lot more up to date than the ISO/ITU ones.
PKCS
RSADSI Public Key Cryptography Standards.
Public Key Infrastructure References
Public-key infrastructures (X.509, X-509-related, RFC's, other documents).
Rainbow Books
The DoD rainbow books and other security publications.
Security & Electronic Commerce
X/Open security, DCE, and GCS-API.
Security- and Privacy-Related Standards
A list of (mainly ANSI) security-related standards.
Security Guidelines
Australia/NZ GOSIP security guidelines.
Security Standards
Catalogue of international security-related standards and standards organisations.
Security Technologies
Microsofts security standardisation efforts.
SET (Secure Electronic Transactions)
SET message definitions.
SET Electronic Commerce
SET standards, and updates.
Software Industry Issues: Digital Signatures
Links to various digital signature law initiatives.
Source Code Review Guidelines
General guidelines for writing security-conscious code.
SSL 3.0 Specification
SSL 3.0 spec (online version and as a PS file.
Technical Advisory Committee to Develop a Federal Infomation Processing Standard for the Federal Key Management Infrastructure
US key escrow standards working group.
Technical Security Standard for Information Technology (TSSIT)
RCMP security standard.
Teletrust Algorithmenbeschreibung
Teletrust security architecture algorithms specification.
Teletrust Deutschland e.V.
Industry group/standards body formed to support security and authentication in communications.
The Wassenaar agreement.
The successor to COCOM, which restricts movements of dangerous technology such as biological, nuclear, and chemical weapons, missiles, artillery, and encryption software.
TNO-FEL: Common Criteria
Common security evaluation criteria.
Transport Layer Security (TLS) Working Group
Home page of the TLS WG.
Unix secure source code checklist
AusCERT checklist for programmers writing security-conscious Unix code.
Wassenaar Arrangement
The Wassenaar Arrangement as obtained from leaks or freedom-of-information lawsuits.
Wassenaar Arrangement - US control lists
The Wassenaar control lists as crowbarred from the US State Department by an FOIA request.
What is DMS?
The Defense Messaging System - like X.400 and X.500, but not as simple.
Windows Cryptosystem Guidelines
Security guidelines for encryption under Windows.
WWW-Security Reference page
Internet standards bodies, HTTP security proposals, IETF working groups, Internet standards, mailing lists.
X9 Home Page
ANSI X.9 standards (including crypto standards).

Algorithm benchmarks
Relative speeds of a number of encryption and hash algorithms.
AT&T PathServer
PGP web of trust tracing server.
Bletchley Park Home Page
Visitors guide to Bletchley Park.
Bob Tinsley's Steganography Pages
Steganography papers and ideas.
DigiCrime, Inc.
Online links to digital crime, blackmail services, encryption key cracking, airline rerouting, internet shoplifting, e-cash laundering, alien mind control, etc etc.
Information on VideoCrypt Hard/Software
KL7/KWR37 Crypto Units
Descriptions and photos of the KL7 and KWR37.
KuesterLaw Technology Law Resource
Technology and IP law resources.
Matt's Unix Security Page
Unix and Internet security papers, security software, links and miscellaneous items.
Microsoft Security Advisor Program
Microsoft's interpretation of security (see many other links on this page for everyone elses interpretation of Microsoft's security).
NSA Crypto Museum Photos
Pseudoprimes/Probable Primes
Papers on primality testing.
RADIOPHONE Top Level
Information on cellular telephony, PCS, and wireless data transfer.
Remailer related Sources
Remailer home pages, remailer techinfo, PGP introduction, PGP keyservers, crypto pages and laws.
Securing NIS
Sirene Home Page
Various research projects in computer security.
SourceKey - The Global Source for Key Recovery
GAK/key escrow/trusted third party/whatever centre.
SSL Browser Information
Information on the SSL implementation used by your browser.
Steganography
A paper on steganography.
The Square Page
The Square block cipher and links to implementations.
Toby's Cryptopage
Information and links to historical cryptosystems and encryption machines.

Security Agencies and Organizations

Ajax U.S. & International Government Military, Intelligence & Law Enforcement Agency Access
Links to intelligence and law enforcement agencies, defence agencies and laboratories, military and other government agencies.
AUSCERT - Australian Computer Emergency Response Team
CERT Australia home page.
Bundesamt fuer Sicherheit in der Informationstechnik
The German version of the NSA.
Canadian Security Forum
Canadian computer security information.
Cerulean Technology - Law Enforcement Links
CESG Home Page
CESG (aka GCHQ) home page (pretty meagre).
CERT Coordination Center
Computer Emergency Response Team home page.
Codes and Codewords
Codes and codewords used in military projects.
Communications Security Establishment Official Page
The Canadian CSE's official web page.
Communications Security Establishment Unofficial Page
The Canadian CSE's unofficial web page, which is much more interesting than the official one.
Covert Action Quarterly
Articles on covert action and surveillance.
DefenseLINK News Overview
US Department of Defence news releases, with an extensive archive of older material.
DoD classified spending for FY 1997
US classified military programs spending for 1997.
Defence Signals Directorate - Information Security Branch
The Australian NSA subsidiary.
IEEE Cipher Newsletter Archive
Archives of the IEEE cipher newsletter containing a great deal of general news on crypto issues.
Info-Sec Super Journal
An online InfoSec journal.
Intelligence and Counter-Intelligence Link Farm
Spying, US intelligence agencies, DoD, air force, navy, army, foreign intelligence agencies, whistleblowers, online intelligence archives, military intelligence, weapons technology transfer, industrial espionage, security companies.
International Association for Cryptologic Research
IACR home page.
L0pht Heavy Industries
Hacking central, and a great source of information on security problems.
NAIS Online Newsletter
National Association of Investigative Specialists newsletter. Information of interest to investigators, video surveillance, search and seizure, privacy techniques, legal issues.
National Computer Security Association
National Security Agency High-Performance Computing Projects
Various high-performance computing projects sponsored by the NSA.
National Security Agency
The NSA's home page.
National Security Agency Unofficial Page
The NSA's unofficial home page (much more interesting than the official one).
National Security Archive Home Page
Archives, electronic briefing books, declassified documents, related information.
NSA: America's Fortress of Spies
The Baltimore Sun's six-part series on the NSA.
NIST Computer Security Resource Clearinghouse
NIST computer security resources.
NIST Computer Security Publications
NIST computer security publications.
NZ Intelligence Agencies
NZ Intelligence agencies.
Preparing for the 21st Century
GPO appraisal of the US intelligence community
Project on Intelligence Agency Reform
Lots of information on intelligence agencies which their home pages will never tell you.
Security Resource Net
Intelligence, corporate and computer security, counterterrorism, personal security, legislation, news bulletins, upcoming events.
Seven Locks Software
Security news and information, software, online discussion forums, products and services, calendar of security events, firewalls, viruses, security courses and policies.
SPAWAR Information Systems Security Office Homepage
Space and Naval Warfare Systems Command information.

Security People

Links to home pages of cryptographers
Large list of links to cryptographers home pages.
Ross Anderson
Mihir Bellare
Steven Bellovin
Eli Biham
Wei Dai
Dorothy Denning
Oded Goldreich
Shafi Goldwasser
Bob Jenkins
Phil Karn
Markus Kuhn
Stefan Lucks
Terry Ritter
Ron Rivest
Phil Rogaway
Greg Rose
Ken Shirriff
William Stallings
Doug Stinson
Serge Vaudenay
Boudewijn Visser
Bennet Yee
Yuliang Zheng

Security Problems

$10,000 DES Challenge
RSADSI's encryption-breaking challenge.
ActiveX - Conceptual Security Flaw
Using ActiveX to steal money via fake bank transfers.
AOL-Security Pages
AOL security problems (some fairly scary).
Architectural considerations for cryptanalytic hardware
Breaking RC4, A5, DES, and CDMF with FPGA's.
Archive of Hacked Websites
Various web pages which have been altered by hackers.
Armageddon
Packet sniffing and spoofing.
Bokler's Guide to "CRACKER" Software
Programs to break the "encryption" on a number of DOS and Windows programs.
BugNet
Wintel PC bugs, including occasional security problems and holes.
Bugtraq Archives for July 1995 - present
Security vulnerability archives.
Bugtraq mailing list archives
Security vulnerability archives, 1993-present.
Channel 1 File Library:Unprotects
Unprotects for a large amount of software.
Chaos Computer Club
Computer Crime Reference Index
Organisations, publications, legal resources, security advisories, mailing lists.
Cookie Jar
Control which web servers can get cookies.
CooL_MoDe's Kewl World
Exploit files for a wide variety of Unix security problems.
CRAK Software
Password-recovery software for Word, Excel, 123, Quattro Pro, WordPerfect, Quicken, etc.
Crash Netscape
This URL will crash Netscape (and make Windows unusable for Win 3.x) when connected to.
Crashing IE4
Combines the MSIE res security hole and the Pentium F00F bug to lock up any Pentium machine running MSIE.
Crypto & Hacker Linkz
Links to crypto and password-recovery pages.
Cybercrime on the Internet
Cyberciminals and cybercrime buzzword buzzword hacking buzzword fnord child pornography buzzword fnord.
Death by ActiveX
More ActiveX security holes.
Decompilation of Binary Programs - dcc
Decompiler for reverse-engineering 80x86 software.
Defiants Eurosat.com
Pay TV and smart card hacking information.
DES Challenge Coordinated Effort
SolNET RSADSI DES challenge.
DES Challenge Attack
Distributed software attack on DES
Denial-of-Service FAQ
The denial-of-service FAQ.
distributed.net - Node Zero
Distributed computing applications (such as encryption breaking).
Factorization of RSA-130
Fravia's page of reverse engineering
Much information on reverse-engineering software.
Fun and Games with PGP
Potential PGP weaknesses and problems.
Greg Miller's Home Page: Crypto, AI, and Networking
Netware-related security problems and issues.
Hack Watch News
Satellite TV security and insecurities
Hacker's Encyclopedia CDROM
CDROM full of files on every aspect of computer security and how to bypass it.
Hacking Novell Netware FAQ
HAM Radio Software
POCSAG decoder for monitoring pager messages.
Hardware Hacks
Hardware hacks, mainly mag.card related.
Hostile Applets Home Page
Various hostile Java applets.
H/P/C/V Utilities
Password crackers, carding, war diallers, key generators, hex editors, links to related sites.
Hyperlink Spoofing
SSL server authentication attack.
Infilsec - Vulnerabilities
Vulnerabilities database for various OS's.
Inside the Windows 95 Registration Wizard
What the Windows 95 Registration Wizard is *really* doing with your system.
Internet Attacks
A (very complete) taxonomy of Internet attacks.
Internet browser access to your hard drive
How to access your local hard drive with a web browser.
ISS NT Security Library
Links to sites covering NT security issues.
Key Code Generators
Key and unlock code generators for large amounts of software.
Key Recovery Technologies
How to implement espionage-enabled software.
Microsoft CD Key Authentication Revealed!
Microsoft IIS Web Server Security Bugs
Security holes and bugs in Microsofts Internet Information Server.
Microsoft Security Problems
Security flaws in Microsoft products.
Mini-FAQ: NT Password Attack & defences
NT password cracking FAQ.
Money Protocols
Things which can go wrong with smart cards.
Netscape Security Problems
Security flaws in Netscape.
Netware/Windows NT/Web Hack FAQ
Security problems in Netware, NT, web servers and browsers.
New Media Laboratories - Crypto
Distributed attack on RC5.
No First Virtual
Security problems with First Virtual.
Nowhere to Run
TEMPEST monitoring.
NSClean information
Clean up various Netscape files which record information on you and your net activity.
NTAccess
Change the Windows NT administrator password.
NT Crack
Very effective NT password cracker.
NT Exploits
Windows NT security holes and exploits.
NT Internals
Not directly security-related, but contains a lot of useful technical information and source code to bypass or upset NT's security controls.
NT offline pw-util, bootdisk
Password change and general system editing utility for NT.
NT Security Home
NT security issues and concerns, security tools.
Nurse your Net Nanny!
How to disable various Internet blockers (and these things are supposed to be childproof!).
On the topic of Firewall Testing
mjr on firewall testing and certification.
pan1k?
Assorted information on security problems and programs (AOL, Netware, boxing, carding, encryption, password-cracking, virii, satellite TV, text files).
Password Removal Tactics
How to remove/bypass password/"encryption" protection for a variety of software.
Phrack Magazine Home Page
Security problems, hacking, hacker conferences, general news.
Ping o' Death Page
Problems with remote machines crashing whens sent long ping packets (this affects Unix systems, Macs, Netware, routers, printers, ...).
PkCrack - Breaking PkZip-encryption
An implementation of the Biham/Kocher paper.
RISKS Forum Archives
Archives of the ACM forum on risks to the public in computers and related systems (use the arrow icons to move to other risks volumes).
RSA Challenge '97--Break the Key
RSA encryption-breaking challenge (40 bits in 3.5 hours, 48 bits in 13 days).
SatHack HomePage
Satellite TV hacking, cards, software, programmers, and codes.
Scott Schnoll's Unofficial Microsoft Internet Explorer Security FAQ
Bugs and design flaws in MS Internet Explorer.
Security Survey of Key Internet Hosts
Security survey which found that two thirds of the WWW hosts checked had security problems.
Snake Oil FAQ
Snake oil warning signs - encryption software to avoid.
Snoopie, a TCP login tracer for DOS-machines
TCP/IP login tracer which sniffs logins for FTP, telnet, POP3 connections.
Stack Smashing Security Vulnerabilities
Resources related to stack-overwriting security holes.
Supplementary Analysis of the Royal Holloway Key Escrow Scheme
More weaknesses in Euro-Clipper.
The BioArchive
Novell Netware, cellular phone, and other security problems.
"The Stalker's Home Page"
What others can find out about you using online search engines.
The TEMPEST Information page
Much information on TEMPEST eavesdropping and its prevention.
unix / net / hack page
Unix security problems, software, documentation, RFC's.
Vulnerability Database
Database of common security vulnerabilities in RPC's, sendmail, firewalls, and various other categories.
Weaknesses in Euro-Clipper
Various weaknesses in the Royal Holloway "trusted third party" ley escrow scheme.
Web Pages we’d like to see:
(This one's good enough to deserve its own reference).
Why You Need ACG
Grabbing car alarm codes.
Windows NT Password Cracker
Windows NT Password Recovery Service
Recover passwords for Windows NT servers, domain controllers, and workstations.
Windows NT Security Administrator
Windows NT security problems and solutions.
Windows NT Security Issues
Windows NT security issues.
Winternals Software
Edit NT partitions, change the password for any account (including administrator).

Security Products

Access Control

ActivCard Home Page
Authentication/single sign-on card.
Argus Products & Services Page
Extra security measures for Java programs, Orange Book/ITSEC security modules.
Cambridge Neurodynamics
Biometric identification systems.
Capella Electronics - Security Systems
Access control and security sensors.
Check Point FireWall-1
FireWall-1 firewall.
Cerberus Homepage
Win 3.1/Win95 access control.
Cryptocard Corporation
User authentication and remote access management tools.
CYCON Labyrinth og CYCON technologies and Cypress Consulting
The Cycon labyrinth firewall.
e.g. Software
Auditing, security alerts, password analysis, and security software for Netware.
Firewall Overview
Overview of firewall types and technologies.
Hardcastle Electronics
Firewalls, security gateways, F-secure.
Intracept - X-Ray Vision
Blocks Java, ActiveX, and cookies to web browsers.
Kalliopi: DELPHI Security - We've got it covered!!
Access control to Delphi apps.
MARX CRYPTO-BOX Software Copy Protection
Software and hardware-based copy protection.
medcom Home Page
Firewalls, tiger team testing, WWW security.
Micah Development
Access control for DOS and Windows.
New-Tech Systems
DOS/Windows access control software.
PC Security
The Stoplock product range (access control, single sign-on, smart card control, etc).
PCGUARDIAN Home Page
PC access control and encryption software.
SAGUS Products Page
Security gateway, firewall, Winsock interface.
Sealabs
Watchguard firewall and security management software.
Secure Storage
High-security storage facility.
Sesame
Euro-Kerberos
SOL - Security On Line
Phsyical security items and information.
The ULTIMATELY Secure Firewall
Wingate Lan to Internet Software
Windows Internet proxy.

Counterintelligence Items

SpyZone Tools and Techniques
Industrial espionage and surveillance tools and techniques, security equipment, secure communications systems, disaster recovery, bug sweeps.
The Codex Privacy Site
Electronic eavesdropping detection, anti-bugging, privacy protection, secure communications.
TSCM.COM Counterintelligence Home Page
Technical Surveillance Countermeasures - bugs and wiretapping, detecting bugs, intelligence agencies, and counterintelligence.

Data Encryption

Aegis Research Corporation
Windows PGP shell.
Atalla
Network and internet security processors and solutions.
Avalanche Java Cryptography Toolkit
Encryption, hash functions, and secure random number generation in Java.
Baltimore | Products
Crypto systems toolkit - DES, IDEA, RSA, DSA, RIPEMD, SHA1, MD2, MD5, X.509/CA toolkit, email security software.
BBN Security
SafeKeyper tamperproof hardware key storage.
BestCrypt family of Data Protection systems
GOST and DES software/hardware encryption for DOS/Windows.
Blowfish Advanced Download Site
Blowfish file encryption for DOS and Win95.
Bokler Software's Home Page
DES and hashing DLL's and OCX's.
Briggs Softworks: Software
Directory snoopper/file eraser, file encryption for Windows.
Brokat X*PRESSO Home Page
Secure non-US encryption by adding another layer of 128-bit encryption over the top of the US crippled 40-bit version.
Business Security home page
Fax, video, voice, and modem encryption.
CellCase Key Agile ATM Encryptor
RSA/triple DES ATM link encryptor.
Certicom
Elliptic curve cryptosystem products.
CES Home Page
Phone and fax encryption add-on (questionable algorithm).
Chrysalis ITS - Product Information
PCMCIA encryption cards.
Cisco Network Encryption Services
DSA-signed DH for link and session encryption.
Citadel Products
Firewall/VPN, Windows file encryption.
Clipper and Fortezza: Pictures and Info
CodedDrag
Drag-and-drop DES encryption for Win95/NT.
Cold Fusion Power Packs
Encryption/decryption, credit card processing, for Cold Fusion.
Communication Security Corporation Home Page
Diffie-Hellman and triple DES speech encryption. No GAK.
Computer Development Systems Crypto Page
Link encryption hardware, file and fax encryption software (unknown algorithm).
ComScire QNG From Quantum World
Johnson-noise-based RNG for PC parallel ports.
Condor - Secure Ubiquitous Portable Interoperable Communications Buzzword Buzzword
Secure Fortezza-protected voice and data over celluylar links.
Confidentiel : Présentation
Mac file encryption, approved by the French secret service.
CoreDesign
Royalty-free Verilog PKC core.
CRYTEK Communications - Secure Telephone Adaptor
Key-based subband voice scrambler. Uses Diffie-Hellman key exchange, but a questionable encryption function "based on matrix multiplication".
Cryptext
Win95/NT 4 encryption shell extension.
Crypto AG Switzerland
Encryption software and hardware of all kinds (but see also the link in the "Crypto Social Issues" section).
Cryptomathic homepage
Encryption and security software and consulting.
CSM Proxy Server - The Ultimate Gateway to the Internet
Proxy which includes SSL tunnelling.
Cybanim
PEM software, bignum maths package.
Cylink Corporation
Cypris
Lockheed Martin's crypto processor.
DATACRYPT Home Page
File and file transfer encryption (unknown algorithm).
DataGuard® - The Software Safe
IDEA and SEAL file encryption for Win32.
Deming Software
S/MIME software for MS Exchange and Eudora.
D.I.C.A. ISDN Encryptor
ISDN link encryption using FEAL 16, IDEA, or DES.
Digital Delivery
Secure (encrypted) software and information distribution systems.
Diskcrypt 95
Floppy drive encryption for Windows 95.
DubnerCruncher
Very fast bignum maths card for PC's.
EES Family Data Sheet
Clipper chips.
EMD Enterprises
Win95/NT anti-virus and encryption software.
Encrypt-It Plus
DLL/VBX/OLE control providing DES and 3 other (unknown) encryption algorithms.
Encryption Plus
Encryption for Visual Basic.
Encrytor
DES file encryption for Windows.
Entrust - Home Page
Nortel's Entrust cryptography product family.
ERACOM - Encryption Adaptors
Encryption toolkits, DES encryption hardware for PC's.
F-Secure Cryptography Products
Windows/Unix <-> Windows/Unix link encryption with secure telnet, X11, port forwarding, etc. The link is encrypted with algorithms like triple DES or Blowfish, with 1024-bit RSA for key exchange an authentication.
Formal Systems
X.509 certificate viewer, PKI, encryption services and consulting.
FORTEZZA Developers Home Page
Fortezza ISA Bus Crypto Card
Fortezza on an ISA card.
Frontier Technologies e-Lock Home Page
PKCS/X.509 and S/MIME key management, signing, secure email and browser.
Fulltime RSA
RSA speech encryption for PSTN lines.
Global Technologies Group, Inc.
Products based on the German SuperCrypt DES/triple DES chip.
Hide Me for Windows
Windows file encryption, unknown algorithm.
HRB Systems
Data encryption products (an division of E-Systems)
IBM SecureWay
Data encryption, security, consulting.
International Cryptography Framework
HP's international big brother design.
Internet Solution Security (Pty) Ltd
Access control, electronic commerce, 128-bit SSL proxy.
Internet Security Group
CryptoSwift public-key encryption hardware accelerator.
Internet Smartsec
Internet security technology (knowledge of Swedish useful).
Invincible Data Systems, Inc.
PGP - compatible encryption software for e-mail, hard disk encryption, access control hardware tokens.
iPower Home Page
National's PCMCIA crypto card.
IRE Product Catalog
Network and link encryption hardware.
ISC Products
Email encryption, crypto toolkits, encrypted Zmodem.
ISDN Encryptor
Kremlin
Win95/NT drag-and-drop file encryption.
Kryptology Home Page
Snake oil for the masses.
Langley System Web Site
Floppy disk encryption software.
Lintel Security
DES and RSA encryption chips and hardware.
LUC ENcryption Technology (LUCENT) Limited
Lucas-function based PKC.
NetFortress
Network link encryption.
NetLOCK(tm) Network Security
Encryption and authentication for LANs and WANs.
NEXUS Solutions NTrust
Blowfish encryption for Windows.
NTrust
Blowfish file encryption.
PGP -- Pretty Good Privacy, Inc. Home Page
PGP Tools from Net Services
Windows front-end for PGP.
Phaos Technology
SSL in Java.
PIJNENBURG Beheer N.V.
Cool RSA/bignum and DES/triple DES encryption hardware.
PowerCrypt Website
PEM and S/MIME encryption for the Power Mac.
Racal/Airtech Security
Various access control and security products.
Rainbow Technologies Internet Security Group
CryptoSwift crypto hardware accelerator.
RAMPART for DOS/Windows
DES encryption software and other utilities.
Reflex Magnetics - homepage
Secure FTP, mail, modem encryption using DES, 3DES, Blowfish, or IDEA.
RPK Public Key Cryptography
Crypto SDK and email software utilising a new, fast discrete-log-over-GF(2^k) based PKC.
RSA Data Security, Inc.
SafeHouse Drive Encryption
DES disk encryption for Win3.x/Win95.
SafePassage Web Proxy
Full-strength encrypting web proxy which bypasses US export restrictions.
SandTiger
File encryption using Blowfish, CAST-128, and Diamond2.
SCI Web Page
PCMCIA-based disk and file encryption.
SecureFile
File encryption and signing for Win95/NT
SECURE...Encryption and Security for all
DES and IDEA encryption software for Windows.
SecureOffice
Triple DES encryption add-on for MS Office.
SecureWin
Win95/NT file encryption using RSA and the BSAFE conventional algorithms, other security tools (eg secure delete, secure shutdown).
Security Domain: electronic message security
Public-key file encryption, CA software.
Sioux: Sophisticated & Secure
Apache-based secure web server.
SKIP Information
Simple Key management for Internet Protocols - papers, information, implementations (US only).
SKIP in Russia
As above, without the export restrictions.
Soft Concepts
Ncrypt file archiving, compression, and encryption utilities.
SoftWings Enterprises Inc
DES/triple DES protected OS/2 data transfer.
SoftWinter - Shade page
Disk encryption for Windows NT.
SoundCode, Inc.
Crypto libraries and software.
SSL HTTP Security Solution
128-bit SSL proxy - turns crippled SSL browsers into full-strength encryption ones.
SSL Plus (Product)
SSL Plus SSL integration suite.
SSLava
SSL 3.0 implemented in Java.
SSLP Reference Implementation Project
An SSL reference implementation (still under development).
SSRSSL
Secure sockets relay - full-strength SSL proxying.
Stronghold Homepage
Apache-based secure web server.
SynCrypt
File and email encryption using Elgamal, Blowfish, IDEA, and triple DES.
tbCrypt
Win95/NT, OS/2, DOS file encryption using DES, IDEA, Blowfish, NewDES, and Lucifer.
TeamWARE Crypto
ICL's Windows file encryption software.
TecApro Internacional - Home page
Win95 file encryption.
Templar Software and Services
Secure EDI over the Internet.
TimeStep - The Network Security Standard
VPN encryption systems using DES encryption and X.509 certificates and digital signatures for authentication.
TrustedWeb
Intranet ACL-based security and encryption using RSA and triple DES.
TSS OfficeLock - Data Security for Microsoft Office
Strong encryption for MS Office documents.
UCrypt
DES, triple DES, GOST, Blowfish, 3-Way, RC5, TEA, Safer, Shark, Diamond-2, and others.
Utimaco Safeware AG
DOS, OS/2, Windows encryption software, encryption hardware.
Virtually Online
SEMS email encryption using the RPK algorithm.
VPNet: Products
WAN VPN encryption products using DES and triple DES with SKIP key management.
Wormhole technologies
PKC-based email encryption software.
Xcert Software
Access control, X.509-related software.

Interception and Monitoring

Hardware and software for intercepting and monitoring information.

Cellular Monitoring Interface (via Electronic Countermeasures Inc)
Computer interface for intercepting cellphone traffic.
Datascan TEMPEST monitoring system
Electroconductive Concrete ELFINCO
Makes for great TEMPEST shielding.
Fastscan
Win95/NT port scanner.
Fax Analyzer
PC fax interception card.
Force-Ten Online Catalog
Surveillance, wiretaps, spying equipment.
GCOM Technologies
GSM, cellphone, computer, and fax interception and monitoring equipment (the GSM interception unit features real-time, off-air interception of up to 1000 voice/data/fax transmissions, traffic targetting and screening, and call tracking, all with a friendly Windows interface).
GSM Monitoring - GSTA-1400
Complete GSM monitoring/interception system with call and target tracking and location features.
Kansmen Corporation
LittleBrother Internet monitoring call.
NDG Software Products
Various network monitoring and snopping tools.
NetWatcher
Monitor and intercept TCP/IP sessions.
Pager Decoding Interface (via Electronic Countermeasures Inc)
Computer interface for intercepting pager traffic.
Spies:Law Enforcement
Cellular, GSM, and fax interception and monitoring equipment.
The Watcher Network Monitoring Program
Monitor and control any IP connection on a network.
Virtual ISA Proto Board
Xilinx 5210/4013E card.

Investigative Tools

Tools for investigating the security aspects of various things.

Chip Express Corporation
Fast turn-around ASICs.
Convar Systeme Deutschland - Service Center
Disk data recovery.
Digital Instruments
Scanning probe microscopy (used to investigate magnetic media).
Hack Watch News
Satellite and terrestrial TV scrambling systems.
IBAS Laboratories - Professional Data Recovery
Recovery of data from damaged or overwritten/erased magnetic media.
MUSIC Semiconductors
Various content-addressable memories, useful for investigating encryption algorithms.
Neuroptics Technologies, Inc.
Neural network hardware.
Programmable Logic Jump Station ( FPGA, CPLD )
More investigative tools for encryption keys.
Xilinx Product Information
Perfect for investigating currently unknown DES and RC4 keys.

Online Commerce and Banking

Canada Trust
Online access to account balances, stock quotes, and other banking services.
Credit Suisse Direct Net
Full online banking using 128-bit SSL proxies.
EMJ America
Internet security and e-commerce products.
ICVerify Home Page
Online credit card, debit card, and cheque verification.
Internet-based digital cash
Links to various e-cash resources.
Netbill-related publications
Various online electronic transaction protocols.
Payment mechanisms designed for the Internet
Welcome to Online Banking!
Wells Fargo online banking.

Smart Cards

These include only the interesting sites, some manufacturers currently provide no really useful information and aren't included here.

Advanced Card Systems, Ltd.
Smart cards, card readers, development kits.
ACOLAs Homepage -Communication, Terminal Server and Data Collection Products
Smart card and RF card products.
AD-Teknik, Mainpage
Smart card emulators, PCB's, readers.
AMC Smart Card Reader Products
Smart card/mag stripe reader/writer.
ASE - The Aladdin Smartcard Environment
Smartcard development kit.
B&C Data Systems
Smart card reader/writer.
Card Europe Main Index Page
CardTech/SecurTech:Home
Smart card and security card conference information.
Catalyst Serial E2PROMs -- I2C Bus
Smart card EEPROMs.
CITI Smart Cards
University of Michigan smart card research project.
CompInfo - Smartcard Technology - Information Sources and Manufacturers
Links to sources of information on smart cards and card and card reader manufacturers.
Crownhill Associates Ltd
Smart cards, PIC programming, code recovery/reverse engineering.
CryptoCard's Security Products
Various access-control systems.
Dallas Semiconductor Corp: Home Page
Identification and authorization chips, secure microcontrollers.
Dallas Semiconductor Corp. iButton: Home Page
Digital credentials/timestamping/crypto in a button.
Datakey Home Page
Smart card reader/writers, smart cards.
DataMega I/O Products
Smart card readers.
Encotone Ltd. Home Page
Smart-card and smart-card-like authentication and security devices.
Fun With Smartcards
Notes from the HIP'97 Fun with Smartcards session.
Gemplus Smart Card Home Page
GIS Home Page
Smart card readers, terminals, and developer kits.
IBM Student Chipcard Innovation Team Homepage
Dutch student-designed card reader and software.
Litronic, Inc.
Smart cards, card API's, Fortezza cards.
Magtek Products
Magnetic card reader/writers.
Microchip Memory Data Sheets
Includes EEPROM memory for smart cards..
Micromodule Pte Lte, Singapore
Smart cards, readers, development kits.
Motorola SmartCards (TM)
Databooks for Motorola microcontrollers (including smart card micros).
Motorola SmartCards (TM)
A different access point for Motorola smart card information.
Nexus Products and Services
Mag card and smart card readers, PINpads.
Ordacard Israel
Mag stripe and smart cards
OKI Personal Smart Card Reader
Electronic wallet balance checker.
OTI - OnTrack Innovations Israel
Contactless smart cards.
Paul Maxwell-King For Pic Chips, 16c84, sathack, ISO7816, sat-hack, satellite cards, codes, programmers, sky, D2MAC, DSS, season, blockers, crack, satellite, satellite TV, hacking, cracking, satellite hardware, videocrypt, filmnet, sky cards, smartcard, smartcard interface
Smart-card hacking-related hardware.
PEP Products & Services Page
Smart card readers, RFID products, crypto and flash cards.
Philips Smart Card Services
Philips smart cards.
pincash
Smart cards and readers.
SCARD - Smartcard Resources
Smart card standards, interface software, hardware.
Schlumberger Universe of Smart Cards
Smart card readers, tools, SDK's.
SCM Microsystems - Products
Smart card readers, writers, and interface products.
SGS-Thomson Smartcard Products
Smart card information and data sheets.
Siemens Smart Card Integrated Circuits
No technical information, unfortunately.
Smart Cards, Credit Cards, Internet Security.
Smart card resources link farm.
Smart Card News
Smart card publicatiosn, technology, and information.
Smart Card Reader/Writer
Card readers/writers/PINPads.
Smart Card Resource Center
Links to chip manufacturers, companies, conferences, mag cards, readers, RF cards, and other smart-card related information.
Smartcard Information Page
Smart card information, card types, and links to manufacturers.
Smart Semiconductor Search
Search engine which links to most major embedded semi vendors.
Smartcards and other cards
Links to smart cards, memory cards, smart card readers, mag cards and barcode cards.
The Smart Card Forum
General information on smart cards.
TOWITOKO homepage
Smart card readers.
Tritheim Technologies
Smart card readers and writers.
UNIPROG Universalprogrammer
CCC universal smart card programmer.
Xicor Inc.
EEPROM's, smart cards, flash memories.

Snake Oil

Ciphile Software
"Absolute online privacy - Level 3(tm)(c)(patent pending)" - "the best encryption software available today" - "unbreakable".
Cryptor Homepage
Cellular-automata-based OS/2 file encryption.
Cybank
"Maximum security encryption... we use our own snake oil because public-key encryption has been proven to be insecure".
Data Protect
Self-proclaimed leading security expert Kimble analyses your security problems.
DataTech Systems - Home Page
Software which is "ABSOLUTELY IMPOSSIBLE TO CRACK. This can be proved as never has a file that has been encrypted... been cracked, even with utilising some of the best cryptographers living" [sic].
Enigma-7 Windows Superencryption Software
"The most powerful Windows encryption software available".
Evolv - Skipjack IC Info & Pricing
Encryption using "proprietary artificial intelligence engines", "light years beyond the security level offerend by any other encryption method". Incidentally, this Skipjack has nothing in common (apart from the name) with the USG's Skipjack.
GCC Chaos Encryption Overview
KeyGen Automatic Synchronized Key Generator (TM) for Encryption Without Key Management
"No key management! No certificate authorities!". No visible means of security.
Meganet VME Encryption
"A breakthrough new Encryption method, using innovative new technology...The Meganet VME can not be compromised".
Net Titan page
Amazing what you can do in an afternoon with Visual Basic.
One Time Pad (TM) makes Internet Access Secure!
"One Time Pad (TM) authentication" (a very primitive, non-free alternative to S/Key).
Safeguard Fractal Encryption Software
Fractal encryption - even though it only uses a 40-bit key, it's a 40-bit key with *fractals*, which makes it magically safe.
Safe Send 1.0
"Uses a prearranged cryptic code which is all but impossible to crack by any individual or government".
Shades White Paper
"A newly patented mode of encryption which is quick and particularly reassuring".
TRIAX GmbH Gesellschaft für Kommunikation und Datensicherheit
TRIAX(TM) encryption, now with OTPS(TM).
TRICRYPTION - IBM File Encryption Programs
Amazing keyless cryptography! Quadrillions of combinations!
Universal Data Cryptography Module
More advanced than RSA, DES, IDEA, and PGP! More advanced than all other algorithms put together! May even work on your system (after extensive patching and modifications).
Ultrimate Privacy
The million dollar challenge - we are betting a million dollars that our challenge is cooked so noone can claim the prize!
WinKrypt
Secure email encryption from the people who brought you SoftRam95.

Argus Systems Group, Inc.
Operating system security add-on products for Solaris and Windows NT.
Automatic Response Systems
Document destructions products and services.
Consensus Products/Services
SSL Plus integration suite, RSAREF, IDEA licensing, code security screening.
Digital ID Center
Web interface to Verisign's digital ID (CA) service.
Disk Zapper
Floppy disk bulk eraser.
IBM SecureWay Home Page
IBM's security hardware and software, consulting, technology, and general information.
IP Packet Filter
Highly configurable kernel-level IP packet filters.
Kilben Business Services
Computer enclosures and alarms.
List of FPGA-based Computing Machines
Fast encryption hardware (with a little programming...).
Minatronics Corporation
Physical security products.
SEM - Security Engineered Machinery
Data destruction equipment and information.
Wang Government Services Secure System's HOME PAGE
Wang's TEMPEST products and secure services.

Virus/Antivirus

Anti-Virus Chamber
Anti-virus software, information, news, and organizations.
Computer Virus Myths treatise
Sophos PLC Home Page
Sophos anti-virus products.
The Crypt Newsletter Homepage
Virus/antivirus information.
Virus Homepage!
Large numbers of viruses and related software.
Virus Page
Virus researchers, anti-virus software and vendors, viruses, programming infomation.


Security and Encryption-related Resources and Links / Peter Gutmann / pgut001@cs.auckland.ac.nz