But if you care about privacy at all (and you should), encryption should be the default. If all you use Signal for is "sensitive communications", and everything else is plaintext, that's pretty much a big HEY HERE'S WHAT I HAVE TO HIDE sign to any potential attacker. Also, cryptography isn't foolproof, and there's always the occasional backdoor introduced on purpose because some intelligence agency thought nobody should be able to snoop but them! And then said backdoors end up being used by other actors who aren't "the good guys", and also it turns the good guys maybe weren't good in the first place. CLARIFY DELTA ENCODING (FROM INTERNET PAGE) - https://datatracker.ietf.org/doc/rfc3229/ - must define "instance manipulation" ## Checksum Articulate what a checksum is, and how it relates to encryption ## default passwords The root password is root I don’t know what a root password is, but growing up I was able to connect to so many WiFi networks just by trying the password “admin” ## History [SHA-1 - Wikipedia](https://en.wikipedia.org/wiki/SHA-1) - Compares the other ones (SHA-2, SHA-256, SHA-3, etc.) ## TLS [Bitcoin's biggest upgrade in four years just happened - here's what changes](https://www.cnbc.com/2021/11/14/bitcoin-taproot-upgrade-what-it-means-for-investors.html) The Taproot update means greater transaction privacy and efficiency - and crucially, it will unlock the potential for smart contracts. - Cover Taproot on Blockchain page, but also describe Elliptic Curve Digital Signature Algorithm and Schnorr Algorithm ## AES [AES-128 ECB to decrypt a BMP : HowToHack](https://old.reddit.com/r/HowToHack/comments/pqfpbr/aes128_ecb_to_decrypt_a_bmp) ## breaking encryption - broken [Breaking The Mutant Language's "Encryption"](https://eval.blog/breaking-the-mutant-languages-encryption) [Three Amateur Cryptographers Finally Decrypted the Zodiac Killer's Letters: A Look Inside How They Solved a Half Century-Old Mystery | Open Culture](https://www.openculture.com/2020/12/three-amateur-cryptographers-finally-decrypted-the-zodiac-killers-letters.html) [The solution of the Zodiac killer's 340-character cipher | Hacker News](https://news.ycombinator.com/item?id=26570795) [The Solution of the Zodiac Killer's 340-Character Cipher-Wolfram Blog](https://blog.wolfram.com/2021/03/24/the-solution-of-the-zodiac-killers-340-character-cipher/) [Hak5](https://www.hak5.org/blog/15-second-password-hack-mr-robot-style) (2016) 15 Second Password Hack, Mr Robot Style : Pilfering Passwords with the USB Rubber Ducky ## breaking encryption [The FCC responds to my ATSC 3 encryption complaint - they want to hear from you | Hacker News](https://news.ycombinator.com/item?id=36713037) [The FCC Responds to my ATSC 3 Encryption Complaint - They Want To Hear From You! - Lon Seidman & Lon.TV Blog](https://blog.lon.tv/2023/07/10/the-fcc-responds-to-my-atsc-3-encryption-complaint-they-want-to-hear-from-you/) [Passwordle | Hacker News](https://news.ycombinator.com/item?id=30361850) [rsk0315.github.io/playground/passwordle.html](https://rsk0315.github.io/playground/passwordle.html) [A woman bought a vintage dress. It had a secret pocket with a mysterious note | Hacker News](https://news.ycombinator.com/item?id=39004725) [A woman bought a vintage dress at an antique store. It had a secret pocket with a mysterious note | CNN](https://www.cnn.com/2024/01/15/us/antique-dress-maine-encrypted-message-cec/index.html) ["Quantum-Safe" Crypto Hacked by 10-Year-Old PC | Hacker News](https://news.ycombinator.com/item?id=32523584) ["Quantum-Safe" Crypto Hacked by 10-Year-Old PC - IEEE Spectrum](https://spectrum.ieee.org/quantum-safe-encryption-hacked) ## breaking encryption - password crackers and recovery [John The Ripper: Incremental ASCII unreasonably effective? : hacking](https://old.reddit.com/r/hacking/comments/spjo64/john_the_ripper_incremental_ascii_unreasonably) ## breaking encryption - quantum computers [[Serious] How Fast would Quantum Computers Crack Passwords/Tokens/Logins? : AskNetsec](https://web.archive.org/web/20220802064005/https://old.reddit.com/r/AskNetsec/comments/sg7v9f/serious_how_fast_would_quantum_computers_crack/) [NSA, NIST, and post-quantum crypto: my second lawsuit against the US government | Hacker News](https://news.ycombinator.com/item?id=32360533) [cr.yp.to: 2022.08.05: NSA, NIST, and post-quantum cryptography](https://blog.cr.yp.to/20220805-nsa.html) [cr.yp.to](https://cr.yp.to/) [Introduction](https://nacl.cr.yp.to) [Debunking NIST's calculation of the Kyber-512 security level | Hacker News](https://news.ycombinator.com/item?id=37756656) [cr.yp.to: 2023.10.03: The inability to count correctly](https://blog.cr.yp.to/20231003-countcorrectly.html) [Google's threat model for post-quantum cryptography | Hacker News](https://news.ycombinator.com/item?id=39672583) [Blog: Google's Threat model for Post-Quantum Cryptography](https://bughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptography) ## breaking encryption - unbroken [P1030680: Unbroken Enigma message (U534, 01 May 1945) | Hacker News](https://news.ycombinator.com/item?id=36483445) [Rare unbroken Enigma radio messages](https://enigma.hoerenberg.com/index.php?cat=Unbroken&page=P1030680) ## cipher [Remy van Elst & Juerd](https://cipherli.st/) Cipherli.st : Examples of strong Ciphers for Apache, nginx, Lighttpd and other tools ## cryptography [Computer Scientists Achieve 'Crown Jewel' of Cryptography | Quanta Magazine](https://www.quantamagazine.org/computer-scientists-achieve-crown-jewel-of-cryptography-20201110) [177: Alice and Bob - explain xkcd](https://www.explainxkcd.com/wiki/index.php/177:_Alice_and_Bob) [153: Cryptography - explain xkcd](https://www.explainxkcd.com/wiki/index.php/153:_Cryptography) [CrypTech.is - Making the Internet a little bit safer](https://cryptech.is) [/r/codes](https://www.reddit.com/r/codes/) Hiding data, cracking codes, finding hidden messages [/r/crypto](https://www.reddit.com/r/crypto/) cryptography news and discussions ## cryptography - Telegram [Is Telegram really an encrypted messaging app? | Hacker News](https://news.ycombinator.com/item?id=41350530) [Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering](https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-really-an-encrypted-messaging-app/) ## elliptic curves [NIST Elliptic Curves Seeds Bounty | Hacker News](https://news.ycombinator.com/item?id=37784499) [Announcing the $12k NIST Elliptic Curves Seeds Bounty](https://words.filippo.io/dispatches/seeds-bounty/) ## encrypted databases [The Plausibly Deniable DataBase (PDDB) - bunnie's blog](https://www.bunniestudios.com/blog?p=6307) ## encryption algorithms [What algorithm(s) to use if I want to encrypt sensitive database information? : computerscience](https://old.reddit.com/r/computerscience/comments/tudnll/what_algorithms_to_use_if_i_want_to_encrypt) [Max Veytsman](https://dev.to/appcanary/should-you-encrypt-or-compress-first) Should you encrypt or compress first? [MIFARE Classic: exposing the static encrypted nonce variant [pdf] | Hacker News](https://news.ycombinator.com/item?id=41269249) [MIFARE Classic: exposing the static encrypted nonce variant - 2024-1275.pdf](https://eprint.iacr.org/2024/1275.pdf) ## encryption culture [/r/encryption](https://www.reddit.com/r/encryption/) everything about encryption on reddit ## encryption standards [504: Legal Hacks - explain xkcd](https://www.explainxkcd.com/wiki/index.php/504:_Legal_Hacks) - THE STANDARD KEEP CHANGING AND MOVING AROUND [Results of technical investigations for Storm-0558 key acquisition | Hacker News](https://news.ycombinator.com/item?id=37408776) [Results of Major Technical Investigations for Storm-0558 Key Acquisition | MSRC Blog | Microsoft Security Response Center](https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/) [Why do people use plain text for usernames and passwords on GitHub? A cautionary tale. : github](https://old.reddit.com/r/github/comments/x4cq50/why_do_people_use_plain_text_for_usernames_and) ## FIDO standard [Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard | Hacker News](https://news.ycombinator.com/item?id=31272867) [Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins - FIDO Alliance](https://fidoalliance.org/apple-google-and-microsoft-commit-to-expanded-support-for-fido-standard-to-accelerate-availability-of-passwordless-sign-ins/) ## hash generators [How Lava Lamps Help Secure the Internet | Open Culture](https://www.openculture.com/2021/01/how-lava-lamps-help-secure-the-internet.html) [The image in this post displays its own MD5 hash | Hacker News](https://news.ycombinator.com/item?id=32956964) ## homomorphic encryption [Google's fully homomorphic encryption compiler - a primer | Hacker News](https://news.ycombinator.com/item?id=34783447) [Google's Fully Homomorphic Encryption Compiler - A Primer - Math ∩ Programming](https://jeremykun.com/2023/02/13/googles-fully-homomorphic-encryption-compiler-a-primer/) [Making ChatGPT Encrypted End-to-end with Homomorphic Encryption : crypto](https://old.reddit.com/r/crypto/comments/12rrzrj/making_chatgpt_encrypted_endtoend_with/) [Show HN: Read Wikipedia privately using homomorphic encryption | Hacker News](https://news.ycombinator.com/item?id=31668814) [spiralwiki.com/](https://spiralwiki.com/) ## legally hazy [I got an FBI record at age 11 from dabbling in cryptography (2015) | Hacker News](https://news.ycombinator.com/item?id=30118686) [I Spy](https://web.stanford.edu/~learnest/les/crypto.htm) ## OCSP [Intent to end OCSP service | Hacker News](https://news.ycombinator.com/item?id=41046956) [Intent to End OCSP Service - Let's Encrypt](https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html) ## password strength [Surveillance Self-Defense](https://ssd.eff.org/en/module/creating-strong-passwords) (2017) Creating Strong Passwords ## perceptual hashes [The Problem with Perceptual Hashes | Hacker News](https://news.ycombinator.com/item?id=28091750) [The Problem with Perceptual Hashes](https://rentafounder.com/the-problem-with-perceptual-hashes/) ## PGP - GnuPG [/r/GnuPG](https://www.reddit.com/r/GnuPG/) resources on everything about GnuPG, PGP, OpenPGP [GnuPG Docs](https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html) CLI options for using gpg gen-key from a script (aka unattended GPG key generation). Discovered via [Stack Overflow](https://superuser.com/questions/1003403/how-to-use-gpg-gen-key-in-a-script) [/r/GPGpractice](https://www.reddit.com/r/GPGpractice/) community of people learning GPG (Gnu Privacy Guard). [Saraev Nikita](https://www.reddit.com/r/GnuPG/comments/47f23m/gnupg_with_32kb_rsa_keys/) GnuPG with 32kb RSA keys ## PGP [Why I Wrote PGP (1999) | Hacker News](https://news.ycombinator.com/item?id=28103734) [philzimmermann.com/EN/essays/WhyIWrotePGP.html](https://philzimmermann.com/EN/essays/WhyIWrotePGP.html) [Starting emails with "BEGIN PGP MESSAGE" will fool the filter | Hacker News](https://news.ycombinator.com/item?id=40369119) [Martin Kleppmann: "Our university deployed a mail filter that rewrit…" - Nondeterministic Computer](https://nondeterministic.computer/@martin/112444389342113780) [/r/pgp](https://www.reddit.com/r/pgp/) everything about PGP ["My PGP key is compromised, and at least many of my bitcoins stolen" | Hacker News](https://news.ycombinator.com/item?id=34210583) [Luke Dashjr on X: "PSA: My PGP key is compromised, and at least many of my bitcoins stolen. I have no idea how. Help please. #Bitcoin" / X](https://twitter.com/LukeDashjr/status/1609613748364509184) ## PQ3 [iMessage with PQ3 Cryptographic Protocol | Hacker News](https://news.ycombinator.com/item?id=39453660) [Blog - iMessage with PQ3: The new state of the art in quantum-secure messaging at scale - Apple Security Research](https://security.apple.com/blog/imessage-pq3/) ## RSA [Seriously, stop using RSA | Trail of Bits Blog](https://blog.trailofbits.com/2019/07/08/fuck-rsa) ## secrets [Diogo Mónica](https://diogomonica.com/2017/03/27/why-you-shouldnt-use-env-variables-for-secret-data/) (2017) Why you shouldn't use ENV variables for secret data ## SHA [NIST is announcing that SHA-1 should be phased out by Dec. 31, 2030 | Hacker News](https://news.ycombinator.com/item?id=34001347) [NIST Retires SHA-1 Cryptographic Algorithm | NIST](https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm) [SHA-1 is out. NIST recommends switching to the SHA-2 and SHA-3 groups of hash algorithms as soon as possible, with an official deadline of Dec. 31, 2030. : netsec](https://old.reddit.com/r/netsec/comments/zmna5z/sha1_is_out_nist_recommends_switching_to_the_sha2) [SHA-3 Buffer Overflow | Hacker News](https://news.ycombinator.com/item?id=33281106) [SHA-3 Buffer Overflow - Nicky Mouha](https://mouha.be/sha-3-buffer-overflow/) [The first chosen-prefix collision for SHA-1 | Hacker News](https://news.ycombinator.com/item?id=21979333) [SHA-1 is a Shambles](https://sha-mbles.github.io/) [How easy is it in 2022 to find a SHA1 collision? | Hacker News](https://news.ycombinator.com/item?id=31148839) [sha 1 - How easy is it in 2022 to find a SHA1 collision? - Cryptography Stack Exchange](https://crypto.stackexchange.com/questions/99767/how-easy-is-it-in-2022-to-find-a-sha1-collision) ## stopping decryption [Information Security Stack Exchange](https://security.stackexchange.com/questions/162273/password-manager-or-two-actor-authentication) Password manager or two -actor authentication ## text pixelation [Don't use text pixelation to redact sensitive information | Hacker News](https://news.ycombinator.com/item?id=30350626) [Never Use Text Pixelation To Redact Sensitive Information | Bishop Fox](https://bishopfox.com/blog/unredacter-tool-never-pixelation) [Unredacter: Never use pixelation as a redaction technique | Hacker News](https://news.ycombinator.com/item?id=34031568) [BishopFox/unredacter: Never ever ever use pixelation as a redaction technique](https://github.com/BishopFox/unredacter) ## TLS [TLS 1.0, 1.1 officially deprecated | Hacker News](https://news.ycombinator.com/item?id=26559869) [RFC 8996 - Deprecating TLS 1.0 and TLS 1.1](https://datatracker.ietf.org/doc/rfc8996/) [The animated elliptic curve | Hacker News](https://news.ycombinator.com/item?id=31769059) [The Animated Elliptic Curve](https://curves.xargs.org/) [Why we don't generate elliptic curves every day | Hacker News](https://news.ycombinator.com/item?id=38000154) [Why We Don't Generate Elliptic Curves Every Day](https://words.filippo.io/dispatches/parameters/) ## TrueCrypt [TrueCrypt](https://truecrypt.sourceforge.net/) ## WPA [Hold on there: WPA3 connections fail after 11 hours | Hacker News](https://news.ycombinator.com/item?id=39135487) [Hold on there: WPA3 connections fail after 11 hours](https://rachelbythebay.com/w/2024/01/24/fail/) ## WPS [GitHub - t6x/reaver-wps-fork-t6x](https://github.com/t6x/reaver-wps-fork-t6x) ## cryptography [Cryptography - Practical Networking .net](https://www.practicalnetworking.net/series/cryptography/cryptography) [cryptography - Encryption vs. digest - Stack Overflow](https://stackoverflow.com/questions/3332662/encryption-vs-digest) [Crypto 101 - Introductory course on cryptography | Hacker News](https://news.ycombinator.com/item?id=18776369) [Crypto 101](https://www.crypto101.io/) Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels. [GitHub repo](https://github.com/crypto101/book) [Cryptohack](https://cryptohack.org/) a fun platform for learning modern cryptography. [Cryptographic Best Practices · GitHub](https://gist.github.com/atoponce/07d8d4c833873be2f68c34f9afc5a78a) Cryptographic Best practices [Cryptography_1](https://github.com/danieldizzy/Cryptography_1) materials used whilst taking Prof. Dan Boneh Stanford Crypto course. [GitHub - pFarb/awesome-crypto-papers: A curated list of cryptography papers, articles, tutorials and howtos.](https://github.com/pFarb/awesome-crypto-papers) [The Joy of Cryptography | Hacker News](https://news.ycombinator.com/item?id=29314848) [The Joy of Cryptography](https://joyofcryptography.com/) [What is Decryption Techniques? - Use My Notes](https://usemynotes.com/what-is-encryption-and-decryption-techniques) [Online Cryptography Course (2017) | Hacker News](https://news.ycombinator.com/item?id=40237745) [Online Cryptography Course by Dan Boneh](https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/) [SalusaSecondus/CryptoGotchas](https://github.com/SalusaSecondus/CryptoGotchas/blob/master/GettingStarted.md) So, you want to be a Cryptographer? A collection of common (interesting) cryptographic mistakes and learning resources. ## encryption at rest [What is Encryption at Rest? Explained for Security Beginners](https://www.freecodecamp.org/news/encryption-at-rest) ## encryption secrets [How to prove you know a secret without giving it away | Hacker News](https://news.ycombinator.com/item?id=33171214) [Quanta Magazine](https://www.quantamagazine.org/how-to-prove-you-know-a-secret-without-giving-it-away-20221011/) ## games [A classic cracking challenge | Hacker News](https://news.ycombinator.com/item?id=10070050) [+Ma's Reversing - main page](http://3564020356.org/) ## 256-bit keys [do 256-bit keys really matter with ECC? : crypto](https://old.reddit.com/r/crypto/comments/13pwtvb/do_256bit_keys_really_matter_with_ecc/) ## AES [How AES Is Implemented](https://blog.0x7d0.dev/education/how-aes-is-implemented/) [Advanced Encryption Standard - Wikipedia](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) ## base64 encoding [What is base64 Encoding and Why is it Necessary?](https://www.freecodecamp.org/news/what-is-base64-encoding/) [Base64 Encoding, Explained | Hacker News](https://news.ycombinator.com/item?id=37981939) [Base64 Encoding, Explained](https://www.writesoftwarewell.com/base64-encoding-explained/) ## BCrypt [BCrypt Explained - DEV Community](https://dev.to/sylviapap/bcrypt-explained-4k5c) ## BLAKE3 [GitHub - BLAKE3-team/BLAKE3: the official Rust and C implementations of the BLAKE3 cryptographic hash function](https://github.com/BLAKE3-team/BLAKE3) ## checksum [Simple file verification - Wikipedia](https://en.wikipedia.org/wiki/Simple_file_verification) ## cipher [Cipher Definition - What is a Block Cipher and How Does it Work to Protect Your Data?](https://www.freecodecamp.org/news/what-is-a-block-cipher) ## cryptography [Export of cryptography from the United States - Wikipedia](https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States) [sobolevn/awesome-cryptography: A curated list of cryptography resources and links.](https://github.com/sobolevn/awesome-cryptography) [sobolevn's personal blog](https://sobolevn.me/) ## cryptology [Cryptology ePrint Archive](https://eprint.iacr.org/) ## email encryption [Step by step encryption with the updated Email Self-Defense guide — Free Software Foundation — Working together for free software](https://www.fsf.org/blogs/community/step-by-step-encryption-with-the-updated-email-self-defense-guide) ## encoding [Daniel Miessler](https://danielmiessler.com/study/encoding/) An Encoding Primer ## encrypting files [Age: A simple, modern and secure file encryption tool | Hacker News](https://news.ycombinator.com/item?id=21895671) [Show HN: Age 1.0 - Simple, modern and secure file encryption | Hacker News](https://news.ycombinator.com/item?id=28435613) [Release age v1.0.0 🏁 · FiloSottile/age](https://github.com/FiloSottile/age/releases/tag/v1.0.0) [GitHub - FiloSottile/age: A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.](https://github.com/FiloSottile/age) ## encryption hashes [Hashing | Hacker News](https://news.ycombinator.com/item?id=36401747) [Hashing](https://samwho.dev/hashing/) ## end to end encryption [Proof of concept: end-to-end encryption in Jitsi Meet | Hacker News](https://news.ycombinator.com/item?id=22855407) [End to End Encryption Calls in Jitsi Meet Demo | Jitsi](https://jitsi.org/blog/e2ee/) ## exporting keys [Nitin Venkatesh](https://2buntu.com/articles/1503/pgp-and-ssh-keys-generate-export-backup-and-restore/) (2014) PGP and SSH keys - Generate, export, backup and restore ## GPG and PGP [What is GPG/PGP and how do I use it?](https://www.privex.io/articles/what-is-gpg) [How to Verify a PGP Signature: 14 Steps (with Pictures) - wikiHow](https://www.wikihow.com/Verify-a-PGP-Signature) [GPGTools](https://gpgtools.org/) Encrypt & Sign Data/Communications [index](https://gnupg.org/related_software/libgcrypt) [What is PGP Encryption? - Use My Notes](https://usemynotes.com/what-is-pgp-encryption-and-hashing) [pgp](http://curtiswallen.com/pgp/) [pgp](https://web.archive.org/web/20210102182957/http://curtiswallen.com/pgp/) cool pgp guide from ages ago [Mailvelope: PGP for Gmail & Webmail](https://mailvelope.com/en) [Documentation Mailvelope](https://www.mailvelope.com/en/help) [PGP Email Guide](https://ssd.eff.org/en/module/how-use-pgp-windows) [Dutch PGP werking](https://www.nu.nl/internet/3784407/zo-versleutel-je-e-mail-met-pgp.html) [Risan Bagja](https://risanb.com/code/backup-restore-gpg-key/) (2020) How to Backup and Restore Your GPG Key ## homomorphic encryption [GitHub - jonaschn/awesome-he: Awesome - A curated list of amazing Homomorphic Encryption libraries, software and resources](https://github.com/jonaschn/awesome-he) ## MD5 and SHA [MD5 vs SHA-1 vs SHA-2 - Which is the Most Secure Encryption Hash and How to Check Them](https://www.freecodecamp.org/news/md5-vs-sha-1-vs-sha-2-which-is-the-most-secure-encryption-hash-and-how-to-check-them) [Show HN: SHA-256 Animation | Hacker News](https://news.ycombinator.com/item?id=23165333) [in3rsha/sha256-animation: Animation of the SHA-256 hash function in your terminal.](https://github.com/in3rsha/sha256-animation) [Show HN: SHA-256 explained step-by-step visually | Hacker News](https://news.ycombinator.com/item?id=30244534) [Sha256 Algorithm Explained](https://sha256algorithm.com/) ## offensive and defensive cryptography [Crypton](https://github.com/ashutosh1206/Crypton) library to learn and practice Offensive and Defensive Cryptography. ## password cracking [What is the quickest method to crack a ZIP file password if I know some of its chars already? : HowToHack](https://old.reddit.com/r/HowToHack/comments/py5fbs/what_is_the_quickest_method_to_crack_a_zip_file) [John The Ripper - find password when you know a part of it - Information Security Stack Exchange](https://security.stackexchange.com/questions/234447/john-the-ripper-find-password-when-you-know-a-part-of-it) [Gmail password first character is case insensitive on mobile device | Hacker News](https://news.ycombinator.com/item?id=28808289) [Gmail password first character is case insensitive on mobile device - Gmail Community](https://support.google.com/mail/thread/55577729/gmail-password-first-character-is-case-insensitive-on-mobile-device?hl=en) ## PGP - GnuPG [GnuPG Docs](https://www.gnupg.org/documentation/manuals/gnupg/) GNU Privacy Guard Manual [GnuPG Docs](https://www.gnupg.org/gph/en/manual/book1.html) (1999) The GNU Privacy Handbook ## private vs public key [Difference between Private Key and Public Key](https://tutorialspoint.com/difference-between-private-key-and-public-key) [Symmetric and Asymmetric Key Encryption - Explained in Plain English](https://www.freecodecamp.org/news/encryption-explained-in-plain-english) ## secrets [Show HN: Portable Secret - How I store my secrets and communicate privately | Hacker News](https://news.ycombinator.com/item?id=34083366) [🔐 Portable Secret | portable-secret](https://mprimi.github.io/portable-secret/) [Coda Hale](https://codahale.com/how-to-safely-store-a-password/) (2010) How To Safely Store A Password "In which I recommend bcrypt." ## SSH keys [Risan Bagja Pradana](https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54) (2018) Upgrade Your SSH Key to Ed25519 ## steganography [How to Build a Photo Encryption App using Steganography](https://www.freecodecamp.org/news/build-a-photo-encryption-app/) [Audio/Visual Steganography](https://medium.com/@aleksanderrr_/hear-no-evil-an-introduction-to-audio-file-analysis-for-osint-f545c8623377) Blog by Aleksander on how messages can be hidden within audio and visual files, focusing on audio [What is Steganography? How to Hide Data Inside Data](https://www.freecodecamp.org/news/what-is-steganography-hide-data-inside-data/) ## TLS [How to Protect Data in Transit using HMAC and Diffie-Hellman in Node.js [Full Handbook]](https://www.freecodecamp.org/news/hmac-diffie-hellman-in-node/) [What is TLS? Transport Layer Security Encryption Explained in Plain English](https://www.freecodecamp.org/news/what-is-tls-transport-layer-security-encryption-explained-in-plain-english) [The TLS Handshake -- everything that happens to get that coveted padlock : cybersecurity](https://old.reddit.com/r/cybersecurity/comments/1126lt1/the_tls_handshake_everything_that_happens_to_get) [GitHub - syncsynchalt/illustrated-tls12: The Illustrated TLS 1.2 Connection: Every byte explained](https://github.com/syncsynchalt/illustrated-tls12) [See this page fetch itself, byte by byte, over TLS | Hacker News](https://news.ycombinator.com/item?id=35884437) [TLS, byte by byte](https://bytebybyte.dev/) [The Illustrated TLS Connection](https://tls.ulfheim.net/) every byte of a TLS connection explained and reproduced. [The Illustrated TLS 1.3 Connection | Hacker News](https://news.ycombinator.com/item?id=32333115) [The Illustrated TLS 1.3 Connection: Every Byte Explained](https://tls13.xargs.org/) ## WPA [WPA Key, WPA2, WPA3, and WEP Key: Wi-Fi Security Explained](https://www.freecodecamp.org/news/wifi-security-explained)