Notice: the upstream ISP will change on 01.03.21. This notice will be updated once the new IP address is delivered.
Update 01.03.2021@2126 CEST: the new IP is 81.221.198.85 81.221.147.41.
Date: 19.01.21@1104 CEST
Notice: unplanned maintenance had to be carried out, partly due to disk errors. All services were down from 0230 CEST until now. No data lost.
Date: 06.01.21@0033 CEST
Changes:
Some files and directories have been moved in an attempt to better organize the content. In case of 404s, please look around as it shouldn't be too hard to find the new paths.
Added:
Academia
Lecture notes, exercices, and tests from EPFL's Discrete Structures course Browse
Lecture notes from EPFL's Java OOP introduction course Browse
Lecture notes, exercices, and tests from EPFL's cryptography course by Serge Vaudenay Browse
Lecture notes from MIT's calculus & algebra introduction course Browse
"[...] a collection of descriptive grammars and pedagogical textbooks [...] of various natural languages and a few
prominent created languages [...] well over 2400 separate grammar books and dictionaries encompassing 1363
languages from every inhabited region of the globe."Browse
Various editions of the Digital Whisper e-zine Browse
Hardware
Reverse Engineering x86 Processor Microcode by Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz (Ruhr-Universität Bochum)
Notice: maintenance work will take place during the morning (approx. 1000 CEST), during which the website will not be available.
Date: 29.7.20@2027 CEST
Notice: due to ISP connectivity issues, the website was unavailable from roughly last midnight to now. The IP was subsequently changed to 77.56.129.162. Notice 2: now stable on 80.218.59.16.
Date: 7.5.20@1203 CEST
Notice: due to the previous complaint, the ISP had cut the Internet access until the situation was resolved. To prevent future censorship from any party, The Swiss Bay will slowly be transitioning to more resilient
networks.
Detailed information about this change will arrive in due time.
Date: 7.5.20@1200 CEST
Notice: due to a complaint, 4 PDFs from the Gentoomen Library have been removed:
Wishing to stay as transparent as possible, you may find a screenshot of the complaint here.
Date: 25.11.19@1647 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Date: 17.10.19@1225 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Update 17.10.19@1738 CEST: maintenance work is done and the site is operational again.
Date: 5.10.19@1752 CEST
Notice: Let's Encrypt certificates were previously installed by hand in the Web stack upon each renewal. This is now an automated task, so there should no longer be certificate expiry issues.
Date: 5.9.19@1652 CEST
Notice: maintenance work will take place soon, during which the website will not be available
Update 6.9.19@0132 CEST: maintenance work is done and the site is operational again, but some more downtime is to be expected during the next day.
Notice: maintenance work will take place some time during the day, during which the website will not be available. This notice will be appended by an update once the
job is done.
Update 13.5.18@2320 CEST: maintenance work is done and the site is operational again.
Notice: the maximum upload rate (i.e. download rate for users) has been set to 25Mbps globally. Our new WAN link grants us greater bandwidth.
Date: 12.12.17@1726 CEST
Notice: the upstream provider changed its IP allocation scheme without prior warning, resulting in invalid IP configuration on our side. The previous IP
address (84.72.152.153) was changed to another one (77.56.134.244). This unexpected change is to be considered normal.
Notice: the website will be unavailable for some time during the day because of maintenance work on electrical installations. This is planned to
happen every 6 months.
Update 6.9.17@1722 CEST: all services are now available again. Many backend components were also migrated to a new infrastructure, hence the rather
long downtime. In the future, this should not last more than 30 minutes.
Date: 30.8.17@0105 CEST
Notice: the maximum upload rate (i.e. download rate for users) has been set to 10Mbps globally in order to prevent the WAN link from becoming
too slow or even unresponsive due to ISP throttling.
Date: 10.8.17@0120 CEST
Notice: during the last two days, there have been periods during which the website was unreachable. This is due to hardware upgrades that
aim to improve the internal network with respect to stability and performance. More connectivity losses are to be expected in the near future.
Date: 16.6.17@2030 CEST
Notice: at around 1800 CEST, a power outage has occured. The UPS currently in use can provide current for a few hours, depending on
the load. As the upstream issue has not been resolved yet, there is a chance the webserver will be powered off (and hence the website will
be unavailable). This is expected to last a few hours, if not more. An update will be posted here when the situation changes.
Update 17.6.17@0250 CEST: input from the power company was OK but HPC fuses were blown on all phases, hence cutting power to anything.
The server likely shut down around 2130 CEST. The cause of the issue remains unknown but since 0240 CEST power is back (at least for now).
Date: 24.4.17@2250 CEST
Changes:
Added The Intercept's fourth dump of NSA's SIDtoday (second half of '04) Browse
Information:
The SIDtoday directory now uses Git to stay up to date instead of requiring a manual copy of new documents. That is why the "Last modified"
date shows today.
Date: 12.3.17@1849 CEST
Changes: Crypto whitepapers
Added "High-speed implementation of bcrypt password search using special-purpose hardware" by Friedrich Wiemer, Ralf Zimmermann,
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum and Germany
View
Added "Are your passwords safe ? Energy-efficient bcrypt cracking with low-cost parallel hardware" by Katja Malvoni, Solar Designer
and Josip Knezovic View
Added "The rebound attack and subspace distinguishers: application to Whirlpool" by Mario Lamberger, Florian Mendel, Christian
Rechberger, Vincent Rijmen and Martin Schläffer View
Added "The Twofish team's final comments on AES selection" by Bruche Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall,
Niels Ferguson, Tadayoshi Kohno and Mike Stay View
Added "Cryptanalysis of AES-based hash functions" by Martin Schläfer View
Added "Imperfect forward secrecy: how Diffie-Hellman fails in practice" by David Adrian, Karthikeyan Bhargavan, Zakir Durumeric,
Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé and more View
Added "Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities" by Marc Stevens, Arjen Lenstra
and Benne de Weger View
Added "The first collision for full SHA-1" by Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini and Yarik Markov
View
Added "Security dangers of the NIST curves" by Daniel J. Bernstein and Tanja Lange View
Added "The rebound attack_cryptanalysis of reduced Whirlpool and Grøstl" by Florian Mendel, Christian Rechberger, Martin Schläffer
and Søren S. Thomsen View
Added "Preimage and pseudo-Collision attacks on step-reduced SM3 hash function" by Gaoli Wang and Yanzhao Shen from School of Computer
Science and Technology, Donghua University, Shanghai and China View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "Unaligned rebound attack: application to Keccak" by Alexandra Duc, Jian Guo, Thomas Peyrin and Lei Wei View
Added "Energy-efficient bcrypt cracking" by Katja Malvoni and Solar Designer View
Added "Rebound attacks on the reduced Grøstl hash function" by Florian Mendel, Christian Rechberger, Martin Schläffer and Søren
S. Thomsen View
Added "How to improve rebound attacks" by Marı́a Naya-Plasencia from FHNW, Windisch, Switzerland View
Added "ECDH key extraction via low-bandwidth electromagnetic attacks on PCs" by Daniel Genkin, Lev Pachmanov, Itamar Pipman and
Eran Tromer from Tel Aviv University View
Added "The number field sieve for integers of low weight" by Oliver Schirokauer View
Added "Analysis of SHA-512/224 and SHA-512/256" by Christoph Dobraunig, Maria Eichlseder and Florian Mendel from Graz University
of Technology, Austria View
Network whitepapers
Added "Teaching an old dog (not that new) tricks - Stego in TCP_IP made easy (part 1)" by John Torakis
View
Added "Pozzo & Lucky, the phantom shell - Stego in TCP_IP (part 2)" by John Torakis View
Books
Added "Manufacturing consent - The political economy of the mass media" by Edwards S. Herman and Noam Chomsky View
Added "La cryptographie militaire" by Auguste Kerckhoffs View
Added "nginx_A practical guide to high performance" by Stephen Corona View
Added "Fundamentals of digital logic with VHDL design (3rd edition)" by Stephen Brown and Zvonko Vranesic View
Added "Interactive computer graphics: a top-down approach with shader-based OpenGL (6th edition)" by Edward Angel and Dave Shreiner
View
Various whitepapers
Added "Google infrastructure security design overview" by Google View
Added "The ProjectSauron APT, indicators of compromise" by Global Research and Analysis Team from Kaspersky Lab View
Added "BETA CONTENT_ AppLocker FAQ" by Microsoft View
Added "BETA CONTENT_Planning and deploying Windows AppLocker policies" by Microsoft View
Added "Art of anti detection - 1, Introduction to AV & detection techniques" by Ege Balci (Invictus Europe) View
Added "(Cross-)browser fingerprinting via OS and hardware level features" by Yinzhi Cao, Song Li and Erik Wijmans View
Added "I know where your page lives - De-randomizing the latest Windows 10 kernel" by Enrique Elias Nissim (IOActive) View
Added "Information security in Sweden - Situational assessement 2009" by Swedish Civil Contigencies Agency View
Political/legal documents
Added "Bringing real muscle to bear against Syria" by CIA View
Added "Rebuilding America's defenses_Strategy, forces and resources for a new century" by The Project for the New American Century
View
Added "Child sex rings - A behavioral analysis for criminal justice professionals handling cases of child sexual exploitation"
by National Center for Missing & Exploited Children View
Added "Executive summary of joint FBI-CIA report on extent of Saudi government support for terrorism" by FBI and CIA View
Manuals
Added "N2006P digital multi power, volt & amp meter operation manual" by e3b6a5y GlobalDigital View
Date: 31.12.16@2125 CEST
Changes:
Added volumes 6-21 of Microsoft's Security Intelligence Report Browse
Date: 19.12.16@2245 CEST
Changes:
Added "Higher order differential analysis of NORX" by Sourav Das (Infinera), Subhamony Maitra (Indian Statistical Institute)
and Willi Meier (FHNW) View
Date: 19.12.16@2218 CEST
Changes:
Added "Dalvik Executable (DEX) trick: Hidex" by Axelle Apvrille from Fortinet View
Added "Hide Android applications in images" by Axelle Apvrille (Fortinet) and Ange Albertini (Corkami)
View
Added ""I've got nothing to hide" and other misunderstanding of privacy" by Daniel J. Solove View
Date: 18.12.16@1045 CEST
Changes:
Added The Intercept's third dump of NSA's SIDtoday (first half of '04 and some '05) Browse
Date: 18.12.16@0044 CEST
Changes:
Added "Password Interception in a SSL/TLS Channel" by Brice Canvel1 (EPFL LASEC), Alain Hiltgen (UBS AG), Serge
Vaudenay (EPFL LASEC) and Martin Vuagnoux (EPFL SSC & Ilion) View
Added "Cache-oblivious algorithms - Extended abstract" by Matteo Frigo, Charles E. Leiserson, Harald Prokop
and Sridhar Ramachandran from the MIT Laboratory for Computer Science View
Added "Password security: past, present, future (with strong bias towards password hashing)" by Solar Designer
and Simon Marechal View
Added "Forward secrecy in TLS - A systematic study" by Nick Sullivan and Filippo Valsorda View
Added "The Linux kernel hidden inside Windows 10" by Alex Ionescu View
Added "A riddle wrapped in an Enigma" by Neal Koblitz and Alfred J. Menezes View
Added "Learning to Read Encrypted VoIP Conversations" by Fabian Monrose View
Added "Leaking beeps: unencrypted pager messages in industrial environments" by Stephen Hilt and Philippe Lin
View
Added "Efficient zero-knowledge proofs" by Jens Groth View
Added "NORX v3.0" by Jean-Philippe Aumasson, Philipp Jovanovic and Samuel Neves View
Added "Not-quite-so-broken TLS 1.3 mechanised conformance checking" by David Kaloper-Meršinjak and Hannes
Mehnet View
Added "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise"
by Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval Elovici from the Ben-Gurion University of
Negev, Cyber Security Research Center View
Added "Color image encryption using spiral encoding technique and symmetric key" by Jayeeta Majumder and Partha
Pratim Bankura View
Added "Traffic analysis: or... encryption is not enough" by Carmela Troncoso View
Added "Microsoft Security Intelligence Report Volume 20" by Microsoft View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "RSA key extraction via low-bandwidth acoustic cryptanalysis" by Daniel Genkin, Adi Shamir and Eran Tromer
View
Added "Does the online card payment landscape unwittingly facilitate fraud ?" by Mohammed Aamir Ali, Budi Arief,
Martin Emms and Aad van Moorsel View
Added "Security flaws induced by CBC padding applications to SSL, IPSec, WTLS..." by Serge Vaudenay View
Added "How can quantum cryptography contribute to cyber-security ?" by Nicolas Gisin and Hugo Zbinden View
Added "Selecting cryptographics key sizes" by Arjen K. Lenstra and Eric R. Verheul View
Added "The ProjectSauron APT (v1.02, 9.8.16)" by the Global Research and Analysis Team from Kaspersky Lab
View
Added "Electromagnetic Radiation from Video Display Units - An Eavesdropping Risk ?" by Wim van Eck View
Added "Windows 10 mitigation improvements" by David Weston and Matt Miller View
Added "Ceph, Gluster, Swift - Similarities and differences" by Thiago da Silva and Prashanth Pai View
Added "Efficient ephemeral elliptic curve cryptographic keys" by Andrea Miele and Arjen K. Lenstra View
Added "Case study: a computer science perspective of bridge design" by Alfred Spector and David Gifford
View
Date: 7.11.16@2146 CEST
Notice: the website was unavailable from the afternoon of Friday 4.11.16 until the evening of Monday 7.11.16 due to an unexpected connectivity issue with the upstream provider. NO file has been altered during the downtime.
Date: 5.10.16@2322 CEST
Changes:
Added "A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption Datapaths
— Toward Efficient CBC-Mode Implementation" by Rei Ueno, Sumio Morioka, Naofumi Homma and Takafumi
Aoki View
Added "Making master/slave systems work better with pgpool-II" by Tatsuo Ishii, SRA OSS, Inc. Japan
View
Added "Key-Recovery Attacks on Universal Hash Function based MAC Algorithms" by Helena Handschuh and
Bart Preneel View
Added "Practical Forgeries and Distinguishers against PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki
and Lei Wang View
Added "Practical Cryptanalysis of PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and Lei Wang View
Added "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous" by Yue Cao, Zhiyun Qian, Zhongjie
Wang, Tuan Dao, Srikanth V. Krishnamurthy and Lisa M. Marvel View
Added "Using AES Round Symmetries to Distinguish PAES" by Jérémy Jean and Ivica Nikolić View
Added "PAES v1: Parallelizable Authenticated Encryption Schemes based on AES Round Function" by Dingfeng
Ye, Peng Wang, Lei Hu, Liping Wang, Yonghong Xie, Siwei Sun and Ping Wang, Institute of Information
engineering, Chinese Academy of Sciences View
Added "Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations" by Charles V.
Wright, Lucas Ballard, Scott E. Coull, Fabian Monrose and Gerald M. Masson, Johns Hopkins University
View
Added "Truncating TLS Connections to Violate Beliefs in Web Applications" by Ben Smyth and Alfredo
Pironti, INRIA Paris-Rocquencourt View
Added "Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow" by Shuo Chen,
Rui Wang, XiaoFeng Wang and Kehuan Zhang View
Date: 16.8.16@1203 CEST
Changes:
Added "Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family" by Dmitry Khovratovich,
Christian Rechberger and Alexandra Savelieva View
Added "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice" by David Adrian, Karthikeyan
Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger,
Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago
Zanella-Béguelin and Paul Zimmermann View
Added "NISTIR 8105 Draft: Report on Post-Quantum Cryptography" by Lily Chen, Stephen Jordan, Yi-Kai
Liu, Dustin Moody, Rene Peralta, Ray Perlner and Daniel Smith-Tone View
Added "On Collisions for MD5" by M.M.J. Stevens View
Added "To Decode Short Cryptograms" by George W. Hart View
Added The Intercept's second dump of NSA's SIDtoday (second half of '03, plus '04-'05) Browse
Date: 8.7.16@1920 CEST
Changes:
Added "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng" by Dan Shumow,
Niels Ferguson, Microsoft Corporation View
Date: 16.6.16@2304 CEST
Changes:
Added "Erasure Codes for Storage Systems - A Brief Primer" by James S. Plank View
Date: 13.6.16@1804 CEST
Changes:
Added FF 2015 6597 by the Federal Chancellery of Switzerland View
Resolved issues with the rendering of non-ASCII characters
Date: 10.6.16@1957 CEST
Changes:
Added "Untangling The Web - A Guide To Internet Research" by the NSA View
Date: 8.6.16@1358 CEST
Changes:
Added manual for the Supermicro X10SRL-F motherboard View
Date: 8.6.16@1007 CEST
Changes:
Added NSA's reply to Jason Leopold's Freedom of Information Act request
regarding Edward Snowden View
Date: 25.5.16@1710 CEST
Changes:
Added "Plaintext-Recovery Attacks Against Datagram TLS" by Nadhem J.
AlFardan and Kenneth G. Paterson, Information Security Group, Royal
Holloway, University of London View
Date: 18.5.16@1743 CEST
Changes:
Initial release of this document; pre-existing PDF files are not
included here
Added The Intercept's 2003 dump of NSA's SIDtoday Browse
