Some files and directories have been moved in an attempt to better organize the content. In case of 404s, please look around as it shouldn't be too hard to find the new paths.
Added:
Academia
Lecture notes, exercices, and tests from EPFL's Discrete Structures course Browse
Lecture notes from EPFL's Java OOP introduction course Browse
Lecture notes, exercices, and tests from EPFL's cryptography course by Serge Vaudenay Browse
Lecture notes from MIT's calculus & algebra introduction course Browse
"[...] a collection of descriptive grammars and pedagogical textbooks [...] of various natural languages and a few
prominent created languages [...] well over 2400 separate grammar books and dictionaries encompassing 1363
languages from every inhabited region of the globe."Browse
Various editions of the Digital Whisper e-zine Browse
Hardware
Reverse Engineering x86 Processor Microcode by Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz (Ruhr-Universität Bochum)
Notice: maintenance work will take place during the morning (approx. 1000 CEST), during which the
website will not be available.
Date: 29.7.20@2027 CEST
Notice: due to ISP connectivity issues, the website was unavailable from roughly last midnight to
now. The IP was subsequently changed to 77.56.129.162. Notice 2: now stable on 80.218.59.16.
Date: 7.5.20@1203 CEST
Notice: due to the previous complaint, the ISP had cut the Internet access until the situation was
resolved.
To prevent future censorship from any party, The Swiss Bay will slowly be transitioning to more resilient
networks.
Detailed information about this change will arrive in due time.
Date: 7.5.20@1200 CEST
Notice: due to a complaint, 4 PDFs from the Gentoomen Library
have been removed:
Wishing to stay as transparent as possible, you may find a screenshot of the complaint here.
Date: 25.11.19@1647 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Date: 17.10.19@1225 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Update 17.10.19@1738 CEST: maintenance work is done and the site is operational again.
Date: 5.10.19@1752 CEST
Notice: Let's Encrypt certificates were previously installed by hand in the Web stack upon each
renewal. This is now an automated task, so there should no longer be certificate expiry issues.
Date: 5.9.19@1652 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Update 6.9.19@0132 CEST: maintenance work is done and the site is operational again, but some more
downtime is to be expected during the next day.
Notice: maintenance work will take place some time during the day, during which the website will not
be available. This notice will be appended by an update once the job is done.
Update 13.5.18@2320 CEST: maintenance work is done and the site is operational again.
Notice: the maximum upload rate (i.e. download rate for users) has been set to 25Mbps globally. Our
new WAN link grants us greater bandwidth.
Date: 12.12.17@1726 CEST
Notice: the upstream provider changed its IP allocation scheme without prior warning, resulting in
invalid IP configuration on our side. The previous IP address (84.72.152.153) was changed to another one
(77.56.134.244). This unexpected change is to be considered normal.
Notice: the website will be unavailable for some time during the day because of maintenance work on
electrical installations. This is planned to happen every 6 months.
Update 6.9.17@1722 CEST: all services are now available again. Many backend components were also
migrated to a new infrastructure, hence the rather long downtime. In the future, this should not last more
than 30 minutes.
Date: 30.8.17@0105 CEST
Notice: the maximum upload rate (i.e. download rate for users) has been set to 10Mbps globally in
order to prevent the WAN link from becoming too slow or even unresponsive due to ISP throttling.
Date: 10.8.17@0120 CEST
Notice: during the last two days, there have been periods during which the website was unreachable.
This is due to hardware upgrades that aim to improve the internal network with respect to stability and
performance. More connectivity losses are to be expected in the near future.
Date: 16.6.17@2030 CEST
Notice: at around 1800 CEST, a power outage has occured. The UPS currently in use can provide current
for a few hours, depending on the load. As the upstream issue has not been resolved yet, there is a chance
the webserver will be powered off (and hence the website will be unavailable). This is expected to last a
few hours, if not more. An update will be posted here when the situation changes.
Update 17.6.17@0250 CEST: input from the power company was OK but HPC fuses were blown on all phases,
hence cutting power to anything. The server likely shut down around 2130 CEST. The cause of the issue
remains unknown but since 0240 CEST power is back (at least for now).
Date: 24.4.17@2250 CEST
Changes:
Added The Intercept's fourth dump of NSA's SIDtoday (second half of '04) Browse
Information:
The SIDtoday directory now uses Git to stay up to date instead of requiring a manual copy of new
documents. That is why the "Last modified" date shows today.
Date: 12.3.17@1849 CEST
Changes:
Crypto whitepapers
Added "High-speed implementation of bcrypt password search using special-purpose hardware" by Friedrich
Wiemer, Ralf Zimmermann, Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum and Germany
View
Added "Are your passwords safe ? Energy-efficient bcrypt cracking with low-cost parallel hardware" by
Katja Malvoni, Solar Designer and Josip Knezovic View
Added "The rebound attack and subspace distinguishers: application to Whirlpool" by Mario Lamberger,
Florian Mendel, Christian Rechberger, Vincent Rijmen and Martin Schläffer View
Added "The Twofish team's final comments on AES selection" by Bruche Schneier, John Kelsey, Doug
Whiting, David Wagner, Chris Hall, Niels Ferguson, Tadayoshi Kohno and Mike Stay View
Added "Cryptanalysis of AES-based hash functions" by Martin Schläfer View
Added "Imperfect forward secrecy: how Diffie-Hellman fails in practice" by David Adrian, Karthikeyan
Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew
Springall, Emmanuel Thomé and more View
Added "Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities" by
Marc Stevens, Arjen Lenstra and Benne de Weger View
Added "The first collision for full SHA-1" by Marc Stevens, Elie Bursztein, Pierre Karpman, Ange
Albertini and Yarik Markov View
Added "Security dangers of the NIST curves" by Daniel J. Bernstein and Tanja Lange View
Added "The rebound attack_cryptanalysis of reduced Whirlpool and Grøstl" by Florian Mendel, Christian
Rechberger, Martin Schläffer and Søren S. Thomsen View
Added "Preimage and pseudo-Collision attacks on step-reduced SM3 hash function" by Gaoli Wang and
Yanzhao Shen from School of Computer Science and Technology, Donghua University, Shanghai and China View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "Unaligned rebound attack: application to Keccak" by Alexandra Duc, Jian Guo, Thomas Peyrin and
Lei Wei View
Added "Energy-efficient bcrypt cracking" by Katja Malvoni and Solar Designer View
Added "Rebound attacks on the reduced Grøstl hash function" by Florian Mendel, Christian Rechberger,
Martin Schläffer and Søren S. Thomsen View
Added "How to improve rebound attacks" by Marı́a Naya-Plasencia from FHNW, Windisch, Switzerland View
Added "ECDH key extraction via low-bandwidth electromagnetic attacks on PCs" by Daniel Genkin, Lev
Pachmanov, Itamar Pipman and Eran Tromer from Tel Aviv University View
Added "The number field sieve for integers of low weight" by Oliver Schirokauer View
Added "Analysis of SHA-512/224 and SHA-512/256" by Christoph Dobraunig, Maria Eichlseder and Florian
Mendel from Graz University of Technology, Austria View
Network whitepapers
Added "Teaching an old dog (not that new) tricks - Stego in TCP_IP made easy (part 1)" by John Torakis
View
Added "Pozzo & Lucky, the phantom shell - Stego in TCP_IP (part 2)" by John Torakis View
Books
Added "Manufacturing consent - The political economy of the mass media" by Edwards S. Herman and Noam
Chomsky View
Added "La cryptographie militaire" by Auguste Kerckhoffs View
Added "nginx_A practical guide to high performance" by Stephen Corona View
Added "Fundamentals of digital logic with VHDL design (3rd edition)" by Stephen Brown and Zvonko
Vranesic View
Added "Interactive computer graphics: a top-down approach with shader-based OpenGL (6th edition)" by
Edward Angel and Dave Shreiner View
Various whitepapers
Added "Google infrastructure security design overview" by Google View
Added "The ProjectSauron APT, indicators of compromise" by Global Research and Analysis Team from
Kaspersky Lab View
Added "BETA CONTENT_ AppLocker FAQ" by Microsoft View
Added "BETA CONTENT_Planning and deploying Windows AppLocker policies" by Microsoft View
Added "Art of anti detection - 1, Introduction to AV & detection techniques" by Ege Balci (Invictus
Europe) View
Added "(Cross-)browser fingerprinting via OS and hardware level features" by Yinzhi Cao, Song Li and
Erik Wijmans View
Added "I know where your page lives - De-randomizing the latest Windows 10 kernel" by Enrique Elias
Nissim (IOActive) View
Added "Information security in Sweden - Situational assessement 2009" by Swedish Civil Contigencies
Agency View
Political/legal documents
Added "Bringing real muscle to bear against Syria" by CIA View
Added "Rebuilding America's defenses_Strategy, forces and resources for a new century" by The Project
for the New American Century View
Added "Child sex rings - A behavioral analysis for criminal justice professionals handling cases of
child sexual exploitation" by National Center for Missing & Exploited Children View
Added "Executive summary of joint FBI-CIA report on extent of Saudi government support for terrorism" by
FBI and CIA View
Manuals
Added "N2006P digital multi power, volt & amp meter operation manual" by e3b6a5y GlobalDigital View
Date: 31.12.16@2125 CEST
Changes:
Added volumes 6-21 of Microsoft's Security Intelligence Report Browse
Date: 19.12.16@2245 CEST
Changes:
Added "Higher order differential analysis of NORX" by Sourav Das (Infinera), Subhamony Maitra (Indian
Statistical Institute) and Willi Meier (FHNW) View
Date: 19.12.16@2218 CEST
Changes:
Added "Dalvik Executable (DEX) trick: Hidex" by Axelle Apvrille from Fortinet View
Added "Hide Android applications in images" by Axelle Apvrille (Fortinet) and Ange Albertini (Corkami)
View
Added ""I've got nothing to hide" and other misunderstanding of privacy" by Daniel J. Solove View
Date: 18.12.16@1045 CEST
Changes:
Added The Intercept's third dump of NSA's SIDtoday (first half of '04 and some '05) Browse
Date: 18.12.16@0044 CEST
Changes:
Added "Password Interception in a SSL/TLS Channel" by Brice Canvel1 (EPFL LASEC), Alain Hiltgen (UBS
AG), Serge Vaudenay (EPFL LASEC) and Martin Vuagnoux (EPFL SSC & Ilion) View
Added "Cache-oblivious algorithms - Extended abstract" by Matteo Frigo, Charles E. Leiserson, Harald
Prokop and Sridhar Ramachandran from the MIT Laboratory for Computer Science View
Added "Password security: past, present, future (with strong bias towards password hashing)" by Solar
Designer and Simon Marechal View
Added "Forward secrecy in TLS - A systematic study" by Nick Sullivan and Filippo Valsorda View
Added "The Linux kernel hidden inside Windows 10" by Alex Ionescu View
Added "A riddle wrapped in an Enigma" by Neal Koblitz and Alfred J. Menezes View
Added "Learning to Read Encrypted VoIP Conversations" by Fabian Monrose View
Added "Leaking beeps: unencrypted pager messages in industrial environments" by Stephen Hilt and
Philippe Lin View
Added "Efficient zero-knowledge proofs" by Jens Groth View
Added "NORX v3.0" by Jean-Philippe Aumasson, Philipp Jovanovic and Samuel Neves View
Added "Not-quite-so-broken TLS 1.3 mechanised conformance checking" by David Kaloper-Meršinjak and
Hannes Mehnet View
Added "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive
Noise" by Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval Elovici from the Ben-Gurion
University of Negev, Cyber Security Research Center View
Added "Color image encryption using spiral encoding technique and symmetric key" by Jayeeta Majumder and
Partha Pratim Bankura View
Added "Traffic analysis: or... encryption is not enough" by Carmela Troncoso View
Added "Microsoft Security Intelligence Report Volume 20" by Microsoft View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "RSA key extraction via low-bandwidth acoustic cryptanalysis" by Daniel Genkin, Adi Shamir and
Eran Tromer View
Added "Does the online card payment landscape unwittingly facilitate fraud ?" by Mohammed Aamir Ali,
Budi Arief, Martin Emms and Aad van Moorsel View
Added "Security flaws induced by CBC padding applications to SSL, IPSec, WTLS..." by Serge Vaudenay View
Added "How can quantum cryptography contribute to cyber-security ?" by Nicolas Gisin and Hugo Zbinden View
Added "Selecting cryptographics key sizes" by Arjen K. Lenstra and Eric R. Verheul View
Added "The ProjectSauron APT (v1.02, 9.8.16)" by the Global Research and Analysis Team from Kaspersky
Lab View
Added "Electromagnetic Radiation from Video Display Units - An Eavesdropping Risk ?" by Wim van Eck View
Added "Windows 10 mitigation improvements" by David Weston and Matt Miller View
Added "Ceph, Gluster, Swift - Similarities and differences" by Thiago da Silva and Prashanth Pai View
Added "Efficient ephemeral elliptic curve cryptographic keys" by Andrea Miele and Arjen K. Lenstra View
Added "Case study: a computer science perspective of bridge design" by Alfred Spector and David Gifford
View
Date: 7.11.16@2146 CEST
Notice: the website was unavailable from the afternoon of Friday 4.11.16 until the evening of Monday 7.11.16
due to an unexpected connectivity issue with the upstream provider. NO file has been altered during the
downtime.
Date: 5.10.16@2322 CEST
Changes:
Added "A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption
Datapaths — Toward Efficient CBC-Mode Implementation" by Rei Ueno, Sumio Morioka, Naofumi Homma and
Takafumi Aoki View
Added "Making master/slave systems work better with pgpool-II" by Tatsuo Ishii, SRA OSS, Inc. Japan View
Added "Key-Recovery Attacks on Universal Hash Function based MAC Algorithms" by Helena Handschuh and
Bart Preneel View
Added "Practical Forgeries and Distinguishers against PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and
Lei Wang View
Added "Practical Cryptanalysis of PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and Lei Wang View
Added "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous" by Yue Cao, Zhiyun Qian, Zhongjie
Wang, Tuan Dao, Srikanth V. Krishnamurthy and Lisa M. Marvel View
Added "Using AES Round Symmetries to Distinguish PAES" by Jérémy Jean and Ivica Nikolić View
Added "PAES v1: Parallelizable Authenticated Encryption Schemes based on AES Round Function" by Dingfeng
Ye, Peng Wang, Lei Hu, Liping Wang, Yonghong Xie, Siwei Sun and Ping Wang, Institute of Information
engineering, Chinese Academy of Sciences View
Added "Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations" by Charles V.
Wright, Lucas Ballard, Scott E. Coull, Fabian Monrose and Gerald M. Masson, Johns Hopkins University View
Added "Truncating TLS Connections to Violate Beliefs in Web Applications" by Ben Smyth and Alfredo
Pironti, INRIA Paris-Rocquencourt View
Added "Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow" by Shuo Chen, Rui
Wang, XiaoFeng Wang and Kehuan Zhang View
Date: 16.8.16@1203 CEST
Changes:
Added "Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family" by Dmitry Khovratovich,
Christian Rechberger and Alexandra Savelieva View
Added "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice" by David Adrian, Karthikeyan
Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew
Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin
and Paul Zimmermann View
Added "NISTIR 8105 Draft: Report on Post-Quantum Cryptography" by Lily Chen, Stephen Jordan, Yi-Kai Liu,
Dustin Moody, Rene Peralta, Ray Perlner and Daniel Smith-Tone View
Added "On Collisions for MD5" by M.M.J. Stevens View
Added "To Decode Short Cryptograms" by George W. Hart View
Added The Intercept's second dump of NSA's SIDtoday (second half of '03, plus '04-'05) Browse
Date: 8.7.16@1920 CEST
Changes:
Added "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng" by Dan Shumow, Niels
Ferguson, Microsoft Corporation View
Date: 16.6.16@2304 CEST
Changes:
Added "Erasure Codes for Storage Systems - A Brief Primer" by James S. Plank View
Date: 13.6.16@1804 CEST
Changes:
Added FF 2015 6597 by the Federal Chancellery of Switzerland View
Resolved issues with the rendering of non-ASCII characters
Date: 10.6.16@1957 CEST
Changes:
Added "Untangling The Web - A Guide To Internet Research" by the NSA View
Date: 8.6.16@1358 CEST
Changes:
Added manual for the Supermicro X10SRL-F motherboard View
Date: 8.6.16@1007 CEST
Changes:
Added NSA's reply to Jason Leopold's Freedom of Information Act request regarding Edward Snowden View
Date: 25.5.16@1710 CEST
Changes:
Added "Plaintext-Recovery Attacks Against Datagram TLS" by Nadhem J. AlFardan and Kenneth G. Paterson,
Information Security Group, Royal Holloway, University of London View
Date: 18.5.16@1743 CEST
Changes:
Initial release of this document; pre-existing PDF files are not included here
Added The Intercept's 2003 dump of NSA's SIDtoday Browse