Cryptography Compendium
Consolidated reference on cryptography: historical timeline, theoretical foundations, symmetric/asymmetric algorithms, hash, protocols, post-quantum cryptography, confidential computing, cryptocurrencies, attacks, people, and incidents.
Language: en-US; technical names, algorithms, and protocols in original form. Last updated: 2026-05-13 Maintainer: Rodrigo (rpm32510)
Map
| # | File | Scope |
|---|---|---|
| 01 | timeline.md | Complete timeline: ~1900 BC to today |
| 02 | fundamentals.md | Theory, adversary models, principles (Kerckhoffs, Shannon, OWF, IND-CPA/CCA) |
| 03 | classical.md | Pre-modern ciphers: substitution, transposition, polyalphabetic, electromechanical machines (Enigma, Lorenz, Purple) |
| 04 | symmetric.md | Block ciphers (DES, AES, Serpent, Twofish, Camellia), stream (RC4, ChaCha20, Salsa20), modes (ECB, CBC, CTR, GCM, CCM, XTS, SIV, OCB), AEAD |
| 05 | asymmetric.md | Diffie-Hellman, RSA, ElGamal, DSA, ECC (P-256384521, secp256k1, Curve25519, Curve448), EdDSA, Schnorr, BLS |
| 06 | hash-and-mac.md | MD245, SHA-0123, RIPEMD, BLAKE23, HMAC, KMAC, Poly1305, KDFs (PBKDF2, scrypt, bcrypt, Argon2, HKDF) |
| 07 | protocols.md | SSLTLS 1.0–1.3, SSH, IPsecIKE, Kerberos, OAuthOIDC, Signal Protocol (X3DHDouble Ratchet), MLS, Noise, WireGuard, OPAQUE |
| 08 | post-quantum.md | NIST PQC: ML-KEM (Kyber), ML-DSA (Dilithium), SLH-DSA (SPHINCS+), FALCON, HQC; mathematical foundations (lattice, hash, code, isogenies, multivariate) |
| 09 | confidential-computing.md | TPM 2.0, Secure Boot, AMD SEVSEV-ESSEV-SNP, Intel SGXTDX, ARM CCA, FHE (BFVCKKS/TFHE), MPC, ZKP (zk-SNARKs, zk-STARKs, Bulletproofs) |
| 10 | cryptocurrency.md | Hashcash, Bitcoin, Merkle trees in UTXO, Schnorr/Taproot, BLS aggregation, MimbleWimble, ring signatures (Monero), zk-rollups |
| 11 | attacks.md | Attack taxonomy: cryptanalysis (linear, differential), side-channel (timing, power, EM, fault), protocol (BEAST, CRIME, POODLE, FREAK, Logjam, DROWN, ROBOT, ROCA), implementation (Heartbleed, Bleichenbacher, padding oracle), physical (cold boot, DMA), quantum (Shor, Grover) |
| 12 | people.md | Cryptographers and cryptanalysts: Diffie, Hellman, Rivest, Shamir, Adleman, Merkle, Koblitz, Miller, Bernstein, Schneier, Daemen, Rijmen, Boneh, Bellare, Rogaway, Nakamoto, Turing, Rejewski, Friedman, Kahn, Wang Xiaoyun, and others |
| 13 | incidents.md | Enigma broken, Operation Rubicon (Crypto AG), Bullrun (Snowden), DualECDRBG, Heartbleed, ROCA Infineon, ROBOT, KRACK, Apple vs FBI, RSA SecurID, Juniper Dual_EC, Solarwinds |
| 14 | koder-applied.md | Koder Stack cryptographic choices: TLS suites, kzip, Koder ID, key management, uniform SDK |
Conventions
Source citation
- Academic paper: full title, authors, year, venue (CRYPTOEUROCRYPTASIACRYPTCHESUSENIX SecurityIEEE S&PCCSNDSS), DOI or IACR eprint (`eprint.iacr.orgYYYY/NNN`).
- RFC:
RFC NNNN — Title, with linkdatatracker.ietf.org/doc/html/rfcNNNN. - NIST:
FIPS PUB NorSP 800-NN, linkcsrc.nist.gov. - CVE: format
CVE-YYYY-NNNNNwith NVD or brief description. - IEC/ISO standard:
ISO/IEC NNNNN.
What to ALWAYS include
- Exact dates when known (month/year).
- Keyblockoutput sizes in bits.
- Current status: active, deprecated, broken, embargoed.
- Practical recommendation when applicable: "use", "avoid", "prohibited in FIPS after 2030".
What to NEVER do
- Invent historical attributions (if the exact date is not known, write "NNth decade" or "circa YYYY").
- Attribute an algorithm to a single author when there is a team or priority dispute.
- Confuse cipher (algorithm) with mode (mode of operation) with construction (complete scheme).
- Mix up key length with block length with security level.
Consistent notation
| Symbol | Meaning |
|---|---|
| \(E_k(P)\) | encryption: key \(k\), plaintext \(P\) |
| \(D_k(C)\) | decryption: key \(k\), ciphertext \(C\) |
| \(H(m)\) | hash of \(m\) |
| \(text{MAC}_k(m)\) | MAC tag of \(m\) with key \(k\) |
| \(|m|\) | size in bits of \(m\) |
| \(oplus\) | XOR |
| \(\|\) | concatenation |
| \(lambda\) | security parameter |
| \(text{negl}(lambda)\) | negligible function in \(lambda\) |
Reading roadmap
For absolute beginners
02-fundamentals.md— principles and vocabulary03-classical.md— historical intuition04-symmetric.md§AES, §ChaCha2006-hash-and-mac.md§SHA-2, §HMAC, §Argon207-protocols.md§TLS 1.3
For product implementers
04-symmetric.md§AEAD (GCM/Poly1305)05-asymmetric.md§Curve25519, §EdDSA06-hash-and-mac.md§HKDF, §Argon207-protocols.md§Noise, §Signal Protocol11-attacks.md§implementation14-koder-applied.md
For security architects
08-post-quantum.md— inevitable migration09-confidential-computing.md— defense against adversarial hardware13-incidents.md— learn from others' mistakes11-attacks.md— complete threat model
For researchers
- Everything, in order.
Updates
This compendium should be updated when:
- A new NIST/IETF standard is finalized (e.g., ML-KEM became FIPS 203 in Aug 2024).
- A critical CVE in a widely used algorithm/protocol (e.g., ROCA, Heartbleed).
- A relevant cryptanalytic break (e.g., SHA-1 collision in 2017, MD5 chosen-prefix in 2008).
- A new side-channel/fault attack paper against a mainstream implementation.
- An architectural decision in the Koder Stack that affects
14-koder-applied.md.
Update history tracked in git log -- meta/docs/cryptography/compendium-cripto/.