Cryptography Compendium

Consolidated reference on cryptography: historical timeline, theoretical foundations, symmetric/asymmetric algorithms, hash, protocols, post-quantum cryptography, confidential computing, cryptocurrencies, attacks, people, and incidents.

Language: en-US; technical names, algorithms, and protocols in original form. Last updated: 2026-05-13 Maintainer: Rodrigo (rpm32510)


Map

# File Scope
01 timeline.md Complete timeline: ~1900 BC to today
02 fundamentals.md Theory, adversary models, principles (Kerckhoffs, Shannon, OWF, IND-CPA/CCA)
03 classical.md Pre-modern ciphers: substitution, transposition, polyalphabetic, electromechanical machines (Enigma, Lorenz, Purple)
04 symmetric.md Block ciphers (DES, AES, Serpent, Twofish, Camellia), stream (RC4, ChaCha20, Salsa20), modes (ECB, CBC, CTR, GCM, CCM, XTS, SIV, OCB), AEAD
05 asymmetric.md Diffie-Hellman, RSA, ElGamal, DSA, ECC (P-256384521, secp256k1, Curve25519, Curve448), EdDSA, Schnorr, BLS
06 hash-and-mac.md MD245, SHA-0123, RIPEMD, BLAKE23, HMAC, KMAC, Poly1305, KDFs (PBKDF2, scrypt, bcrypt, Argon2, HKDF)
07 protocols.md SSLTLS 1.0–1.3, SSH, IPsecIKE, Kerberos, OAuthOIDC, Signal Protocol (X3DHDouble Ratchet), MLS, Noise, WireGuard, OPAQUE
08 post-quantum.md NIST PQC: ML-KEM (Kyber), ML-DSA (Dilithium), SLH-DSA (SPHINCS+), FALCON, HQC; mathematical foundations (lattice, hash, code, isogenies, multivariate)
09 confidential-computing.md TPM 2.0, Secure Boot, AMD SEVSEV-ESSEV-SNP, Intel SGXTDX, ARM CCA, FHE (BFVCKKS/TFHE), MPC, ZKP (zk-SNARKs, zk-STARKs, Bulletproofs)
10 cryptocurrency.md Hashcash, Bitcoin, Merkle trees in UTXO, Schnorr/Taproot, BLS aggregation, MimbleWimble, ring signatures (Monero), zk-rollups
11 attacks.md Attack taxonomy: cryptanalysis (linear, differential), side-channel (timing, power, EM, fault), protocol (BEAST, CRIME, POODLE, FREAK, Logjam, DROWN, ROBOT, ROCA), implementation (Heartbleed, Bleichenbacher, padding oracle), physical (cold boot, DMA), quantum (Shor, Grover)
12 people.md Cryptographers and cryptanalysts: Diffie, Hellman, Rivest, Shamir, Adleman, Merkle, Koblitz, Miller, Bernstein, Schneier, Daemen, Rijmen, Boneh, Bellare, Rogaway, Nakamoto, Turing, Rejewski, Friedman, Kahn, Wang Xiaoyun, and others
13 incidents.md Enigma broken, Operation Rubicon (Crypto AG), Bullrun (Snowden), DualECDRBG, Heartbleed, ROCA Infineon, ROBOT, KRACK, Apple vs FBI, RSA SecurID, Juniper Dual_EC, Solarwinds
14 koder-applied.md Koder Stack cryptographic choices: TLS suites, kzip, Koder ID, key management, uniform SDK

Conventions

Source citation

  • Academic paper: full title, authors, year, venue (CRYPTOEUROCRYPTASIACRYPTCHESUSENIX SecurityIEEE S&PCCSNDSS), DOI or IACR eprint (`eprint.iacr.orgYYYY/NNN`).
  • RFC: RFC NNNN — Title, with link datatracker.ietf.org/doc/html/rfcNNNN.
  • NIST: FIPS PUB N or SP 800-NN, link csrc.nist.gov.
  • CVE: format CVE-YYYY-NNNNN with NVD or brief description.
  • IEC/ISO standard: ISO/IEC NNNNN.

What to ALWAYS include

  • Exact dates when known (month/year).
  • Keyblockoutput sizes in bits.
  • Current status: active, deprecated, broken, embargoed.
  • Practical recommendation when applicable: "use", "avoid", "prohibited in FIPS after 2030".

What to NEVER do

  • Invent historical attributions (if the exact date is not known, write "NNth decade" or "circa YYYY").
  • Attribute an algorithm to a single author when there is a team or priority dispute.
  • Confuse cipher (algorithm) with mode (mode of operation) with construction (complete scheme).
  • Mix up key length with block length with security level.

Consistent notation

Symbol Meaning
\(E_k(P)\) encryption: key \(k\), plaintext \(P\)
\(D_k(C)\) decryption: key \(k\), ciphertext \(C\)
\(H(m)\) hash of \(m\)
\(text{MAC}_k(m)\) MAC tag of \(m\) with key \(k\)
\(|m|\) size in bits of \(m\)
\(oplus\) XOR
\(\|\) concatenation
\(lambda\) security parameter
\(text{negl}(lambda)\) negligible function in \(lambda\)

Reading roadmap

For absolute beginners

  1. 02-fundamentals.md — principles and vocabulary
  2. 03-classical.md — historical intuition
  3. 04-symmetric.md §AES, §ChaCha20
  4. 06-hash-and-mac.md §SHA-2, §HMAC, §Argon2
  5. 07-protocols.md §TLS 1.3

For product implementers

  1. 04-symmetric.md §AEAD (GCM/Poly1305)
  2. 05-asymmetric.md §Curve25519, §EdDSA
  3. 06-hash-and-mac.md §HKDF, §Argon2
  4. 07-protocols.md §Noise, §Signal Protocol
  5. 11-attacks.md §implementation
  6. 14-koder-applied.md

For security architects

  1. 08-post-quantum.md — inevitable migration
  2. 09-confidential-computing.md — defense against adversarial hardware
  3. 13-incidents.md — learn from others' mistakes
  4. 11-attacks.md — complete threat model

For researchers

  1. Everything, in order.

Updates

This compendium should be updated when:

  • A new NIST/IETF standard is finalized (e.g., ML-KEM became FIPS 203 in Aug 2024).
  • A critical CVE in a widely used algorithm/protocol (e.g., ROCA, Heartbleed).
  • A relevant cryptanalytic break (e.g., SHA-1 collision in 2017, MD5 chosen-prefix in 2008).
  • A new side-channel/fault attack paper against a mainstream implementation.
  • An architectural decision in the Koder Stack that affects 14-koder-applied.md.

Update history tracked in git log -- meta/docs/cryptography/compendium-cripto/.