Date: 15.08.20@0141 CEST Notice: maintenance work will take place during the morning (approx. 1000 CEST), during which the website will not be available.
Date: 29.7.20@2027 CEST Notice: due to ISP connectivity issues, the website was unavailable from roughly last midnight to now. The IP was subsequently changed to 77.56.129.162.
Date: 7.5.20@1203 CEST Notice: due to the previous complaint, the ISP had cut the Internet access until the situation was resolved.
To prevent future censorship from any party, The Swiss Bay will slowly be transitioning to more resilient networks.
Detailed information about this change will arrive in due time.
Date: 7.5.20@1200 CEST Notice: due to a complaint, 4 PDFs from the Gentoomen Library have been removed:
Wishing to stay as transparent as possible, you may find a screenshot of the complaint here.
Date: 25.11.19@1647 CEST Notice: maintenance work will take place soon, during which the website will not be available
Date: 17.10.19@1225 CEST Notice: maintenance work will take place soon, during which the website will not be available
Update 17.10.19@1738 CEST: maintenance work is done and the site is operational again.
Date: 5.10.19@1752 CEST Notice: Let's Encrypt certificates were previously installed by hand in the Web stack upon each renewal. This is now an automated task, so there should no longer be certificate expiry issues.
Date: 5.9.19@1652 CEST Notice: maintenance work will take place soon, during which the website will not be available
Update 6.9.19@0132 CEST: maintenance work is done and the site is operational again, but some more downtime is to be expected during the next day.
Date: 13.5.18@1220 CEST Notice: maintenance work will take place some time during the day, during which the website will not be available. This notice will be appended by an update once the job is done.
Update 13.5.18@2320 CEST: maintenance work is done and the site is operational again.
Date: 12.12.17@1729 CEST Notice: the maximum upload rate (i.e. download rate for users) has been set to 25Mbps globally. Our new WAN link grants us greater bandwidth.
Date: 12.12.17@1726 CEST Notice: the upstream provider changed its IP allocation scheme without prior warning, resulting in invalid IP configuration on our side. The previous IP address (84.72.152.153) was changed to another one (77.56.134.244). This unexpected change is to be considered normal.
Date: 5.9.17@0055 CEST Notice: the website will be unavailable for some time during the day because of maintenance work on electrical installations. This is planned to happen every 6 months.
Update 6.9.17@1722 CEST: all services are now available again. Many backend components were also migrated to a new infrastructure, hence the rather long downtime. In the future, this should not last more than 30 minutes.
Date: 30.8.17@0105 CEST Notice: the maximum upload rate (i.e. download rate for users) has been set to 10Mbps globally in order to prevent the WAN link from becoming too slow or even unresponsive due to ISP throttling.
Date: 10.8.17@0120 CEST Notice: during the last two days, there have been periods during which the website was unreachable. This is due to hardware upgrades that aim to improve the internal network with respect to stability and performance. More connectivity losses are to be expected in the near future.
Date: 16.6.17@2030 CEST Notice: at around 1800 CEST, a power outage has occured. The UPS currently in use can provide current for a few hours, depending on the load. As the upstream issue has not been resolved yet, there is a chance the webserver will be powered off (and hence the website will be unavailable). This is expected to last a few hours, if not more. An update will be posted here when the situation changes.
Update 17.6.17@0250 CEST: input from the power company was OK but HPC fuses were blown on all phases, hence cutting power to anything. The server likely shut down around 2130 CEST. The cause of the issue remains unknown but since 0240 CEST power is back (at least for now).
Date: 24.4.17@2250 CEST
Changes:
Added The Intercept's fourth dump of NSA's SIDtoday (second half of '04) Browse
Information:
The SIDtoday directory now uses Git to stay up to date instead of requiring a manual copy of new documents. That is why the "Last modified" date shows today.
Date: 12.3.17@1849 CEST
Changes:
Crypto whitepapers
Added "High-speed implementation of bcrypt password search using special-purpose hardware" by Friedrich Wiemer, Ralf Zimmermann, Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum and Germany View
Added "Are your passwords safe ? Energy-efficient bcrypt cracking with low-cost parallel hardware" by Katja Malvoni, Solar Designer and Josip Knezovic View
Added "The rebound attack and subspace distinguishers: application to Whirlpool" by Mario Lamberger, Florian Mendel, Christian Rechberger, Vincent Rijmen and Martin Schläffer View
Added "The Twofish team's final comments on AES selection" by Bruche Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson, Tadayoshi Kohno and Mike Stay View
Added "Cryptanalysis of AES-based hash functions" by Martin Schläfer View
Added "Imperfect forward secrecy: how Diffie-Hellman fails in practice" by David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé and more View
Added "Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities" by Marc Stevens, Arjen Lenstra and Benne de Weger View
Added "The first collision for full SHA-1" by Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini and Yarik Markov View
Added "Security dangers of the NIST curves" by Daniel J. Bernstein and Tanja Lange View
Added "The rebound attack_cryptanalysis of reduced Whirlpool and Grøstl" by Florian Mendel, Christian Rechberger, Martin Schläffer and Søren S. Thomsen View
Added "Preimage and pseudo-Collision attacks on step-reduced SM3 hash function" by Gaoli Wang and Yanzhao Shen from School of Computer Science and Technology, Donghua University, Shanghai and China View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "Unaligned rebound attack: application to Keccak" by Alexandra Duc, Jian Guo, Thomas Peyrin and Lei Wei View
Added "Energy-efficient bcrypt cracking" by Katja Malvoni and Solar Designer View
Added "Rebound attacks on the reduced Grøstl hash function" by Florian Mendel, Christian Rechberger, Martin Schläffer and Søren S. Thomsen View
Added "How to improve rebound attacks" by Marı́a Naya-Plasencia from FHNW, Windisch, Switzerland View
Added "ECDH key extraction via low-bandwidth electromagnetic attacks on PCs" by Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer from Tel Aviv University View
Added "The number field sieve for integers of low weight" by Oliver Schirokauer View
Added "Analysis of SHA-512/224 and SHA-512/256" by Christoph Dobraunig, Maria Eichlseder and Florian Mendel from Graz University of Technology, Austria View
Network whitepapers
Added "Teaching an old dog (not that new) tricks - Stego in TCP_IP made easy (part 1)" by John Torakis View
Added "Pozzo & Lucky, the phantom shell - Stego in TCP_IP (part 2)" by John Torakis View
Books
Added "Manufacturing consent - The political economy of the mass media" by Edwards S. Herman and Noam Chomsky View
Added "La cryptographie militaire" by Auguste Kerckhoffs View
Added "nginx_A practical guide to high performance" by Stephen Corona View
Added "Fundamentals of digital logic with VHDL design (3rd edition)" by Stephen Brown and Zvonko Vranesic View
Added "Interactive computer graphics: a top-down approach with shader-based OpenGL (6th edition)" by Edward Angel and Dave Shreiner View
Various whitepapers
Added "Google infrastructure security design overview" by Google View
Added "The ProjectSauron APT, indicators of compromise" by Global Research and Analysis Team from Kaspersky Lab View
Added "BETA CONTENT_ AppLocker FAQ" by Microsoft View
Added "BETA CONTENT_Planning and deploying Windows AppLocker policies" by Microsoft View
Added "Art of anti detection - 1, Introduction to AV & detection techniques" by Ege Balci (Invictus Europe) View
Added "(Cross-)browser fingerprinting via OS and hardware level features" by Yinzhi Cao, Song Li and Erik Wijmans View
Added "I know where your page lives - De-randomizing the latest Windows 10 kernel" by Enrique Elias Nissim (IOActive) View
Added "Information security in Sweden - Situational assessement 2009" by Swedish Civil Contigencies Agency View
Political/legal documents
Added "Bringing real muscle to bear against Syria" by CIA View
Added "Rebuilding America's defenses_Strategy, forces and resources for a new century" by The Project for the New American Century View
Added "Child sex rings - A behavioral analysis for criminal justice professionals handling cases of child sexual exploitation" by National Center for Missing & Exploited Children View
Added "Executive summary of joint FBI-CIA report on extent of Saudi government support for terrorism" by FBI and CIA View
Manuals
Added "N2006P digital multi power, volt & amp meter operation manual" by e3b6a5y GlobalDigital View
Date: 31.12.16@2125 CEST
Changes:
Added volumes 6-21 of Microsoft's Security Intelligence Report Browse
Date: 19.12.16@2245 CEST
Changes:
Added "Higher order differential analysis of NORX" by Sourav Das (Infinera), Subhamony Maitra (Indian Statistical Institute) and Willi Meier (FHNW) View
Date: 19.12.16@2218 CEST
Changes:
Added "Dalvik Executable (DEX) trick: Hidex" by Axelle Apvrille from Fortinet View
Added "Hide Android applications in images" by Axelle Apvrille (Fortinet) and Ange Albertini (Corkami) View
Added ""I've got nothing to hide" and other misunderstanding of privacy" by Daniel J. Solove View
Date: 18.12.16@1045 CEST
Changes:
Added The Intercept's third dump of NSA's SIDtoday (first half of '04 and some '05) Browse
Date: 18.12.16@0044 CEST
Changes:
Added "Password Interception in a SSL/TLS Channel" by Brice Canvel1 (EPFL LASEC), Alain Hiltgen (UBS AG), Serge Vaudenay (EPFL LASEC) and Martin Vuagnoux (EPFL SSC & Ilion) View
Added "Cache-oblivious algorithms - Extended abstract" by Matteo Frigo, Charles E. Leiserson, Harald Prokop and Sridhar Ramachandran from the MIT Laboratory for Computer Science View
Added "Password security: past, present, future (with strong bias towards password hashing)" by Solar Designer and Simon Marechal View
Added "Forward secrecy in TLS - A systematic study" by Nick Sullivan and Filippo Valsorda View
Added "The Linux kernel hidden inside Windows 10" by Alex Ionescu View
Added "A riddle wrapped in an Enigma" by Neal Koblitz and Alfred J. Menezes View
Added "Learning to Read Encrypted VoIP Conversations" by Fabian Monrose View
Added "Leaking beeps: unencrypted pager messages in industrial environments" by Stephen Hilt and Philippe Lin View
Added "Efficient zero-knowledge proofs" by Jens Groth View
Added "NORX v3.0" by Jean-Philippe Aumasson, Philipp Jovanovic and Samuel Neves View
Added "Not-quite-so-broken TLS 1.3 mechanised conformance checking" by David Kaloper-Meršinjak and Hannes Mehnet View
Added "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise" by Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval Elovici from the Ben-Gurion University of Negev, Cyber Security Research Center View
Added "Color image encryption using spiral encoding technique and symmetric key" by Jayeeta Majumder and Partha Pratim Bankura View
Added "Traffic analysis: or... encryption is not enough" by Carmela Troncoso View
Added "Microsoft Security Intelligence Report Volume 20" by Microsoft View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "RSA key extraction via low-bandwidth acoustic cryptanalysis" by Daniel Genkin, Adi Shamir and Eran Tromer View
Added "Does the online card payment landscape unwittingly facilitate fraud ?" by Mohammed Aamir Ali, Budi Arief, Martin Emms and Aad van Moorsel View
Added "Security flaws induced by CBC padding applications to SSL, IPSec, WTLS..." by Serge Vaudenay View
Added "How can quantum cryptography contribute to cyber-security ?" by Nicolas Gisin and Hugo Zbinden View
Added "Selecting cryptographics key sizes" by Arjen K. Lenstra and Eric R. Verheul View
Added "The ProjectSauron APT (v1.02, 9.8.16)" by the Global Research and Analysis Team from Kaspersky Lab View
Added "Electromagnetic Radiation from Video Display Units - An Eavesdropping Risk ?" by Wim van Eck View
Added "Windows 10 mitigation improvements" by David Weston and Matt Miller View
Added "Ceph, Gluster, Swift - Similarities and differences" by Thiago da Silva and Prashanth Pai View
Added "Efficient ephemeral elliptic curve cryptographic keys" by Andrea Miele and Arjen K. Lenstra View
Added "Case study: a computer science perspective of bridge design" by Alfred Spector and David Gifford View
Date: 7.11.16@2146 CEST
Notice: the website was unavailable from the afternoon of Friday 4.11.16 until the evening of Monday 7.11.16 due to an unexpected connectivity issue with the upstream provider. NO file has been altered during the downtime.
Date: 5.10.16@2322 CEST
Changes:
Added "A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption Datapaths — Toward Efficient CBC-Mode Implementation" by Rei Ueno, Sumio Morioka, Naofumi Homma and Takafumi Aoki View
Added "Making master/slave systems work better with pgpool-II" by Tatsuo Ishii, SRA OSS, Inc. Japan View
Added "Key-Recovery Attacks on Universal Hash Function based MAC Algorithms" by Helena Handschuh and Bart Preneel View
Added "Practical Forgeries and Distinguishers against PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and Lei Wang View
Added "Practical Cryptanalysis of PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and Lei Wang View
Added "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous" by Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy and Lisa M. Marvel View
Added "Using AES Round Symmetries to Distinguish PAES" by Jérémy Jean and Ivica Nikolić View
Added "PAES v1: Parallelizable Authenticated Encryption Schemes based on AES Round Function" by Dingfeng Ye, Peng Wang, Lei Hu, Liping Wang, Yonghong Xie, Siwei Sun and Ping Wang, Institute of Information engineering, Chinese Academy of Sciences View
Added "Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations" by Charles V. Wright, Lucas Ballard, Scott E. Coull, Fabian Monrose and Gerald M. Masson, Johns Hopkins University View
Added "Truncating TLS Connections to Violate Beliefs in Web Applications" by Ben Smyth and Alfredo Pironti, INRIA Paris-Rocquencourt View
Added "Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow" by Shuo Chen, Rui Wang, XiaoFeng Wang and Kehuan Zhang View
Date: 16.8.16@1203 CEST
Changes:
Added "Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family" by Dmitry Khovratovich, Christian Rechberger and Alexandra Savelieva View
Added "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice" by David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin and Paul Zimmermann View
Added "NISTIR 8105 Draft: Report on Post-Quantum Cryptography" by Lily Chen, Stephen Jordan, Yi-Kai Liu, Dustin Moody, Rene Peralta, Ray Perlner and Daniel Smith-Tone View
Added "On Collisions for MD5" by M.M.J. Stevens View
Added "To Decode Short Cryptograms" by George W. Hart View
Added The Intercept's second dump of NSA's SIDtoday (second half of '03, plus '04-'05) Browse
Date: 8.7.16@1920 CEST
Changes:
Added "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng" by Dan Shumow, Niels Ferguson, Microsoft Corporation View
Date: 16.6.16@2304 CEST
Changes:
Added "Erasure Codes for Storage Systems - A Brief Primer" by James S. Plank View
Date: 13.6.16@1804 CEST
Changes:
Added FF 2015 6597 by the Federal Chancellery of Switzerland View
Resolved issues with the rendering of non-ASCII characters
Date: 10.6.16@1957 CEST
Changes:
Added "Untangling The Web - A Guide To Internet Research" by the NSA View
Date: 8.6.16@1358 CEST
Changes:
Added manual for the Supermicro X10SRL-F motherboard View
Date: 8.6.16@1007 CEST
Changes:
Added NSA's reply to Jason Leopold's Freedom of Information Act request regarding Edward Snowden View
Date: 25.5.16@1710 CEST
Changes:
Added "Plaintext-Recovery Attacks Against Datagram TLS" by Nadhem J. AlFardan and Kenneth G. Paterson, Information Security Group, Royal Holloway, University of London View
Date: 18.5.16@1743 CEST
Changes:
Initial release of this document; pre-existing PDF files are not included here
Added The Intercept's 2003 dump of NSA's SIDtoday Browse
