So much of what interests me and consumes the tech industry these days relates to Cryptography, and in particularly public key cryptography. The list would include Heartbleed, NSA spying on citizens, and of course, Bitcoin and Blockhains.

And yet, when I hear people talk about Cryptography or when I read about Cryptography, my eyes tend to glaze over because I never studied Cryptography and am a self taught coder.

So I need to fix this. I want to bone up on Cryptography. Where should I start and what should I read?


Comments (Archived):

  1. Paul Williams

    Applied cryptography -Bruce Schneier -Wiley PressIt starts with Alice and Bob, but very quickly introduces Trent into the story :)or go for the full package which includes :1. Applied cryptography 2. Secrets and lies 3. Practical cryptography -Schneier & Ferguson.

    1. Roland Turner

      This is the definitive text.

    2. Big_fan

      I think Schneier is on record as saying Applied Cryptography lead to lots of bad behaviours and that Cryptography Engineering: Design Principles and Practical Applications is his recommendation now

    3. G

      For a basic introduction to cryptography, I always found is second book much better. It also introduce a lot of the main concept in network security and is still relevant today.Secrets and Lies: Digital Security in a Networked World:

    4. Laura Yecies

      His blog is a must read

    5. Tony Finch

      Practical Cryptography is horribly out-of-date and has some bad recommendations and awkward omissions. Get something more recent, e.g. Cryptography Engineering by Ferguson, Schneier, and Kohno.

    1. MikeTannenbaum

      Not that you know me from anyone else, but I just started this class the other day and really enjoy the foundation of knowledge it’s laying.

    1. Kirsten Lambertsen

      Now there’s something live by: “start where a kid might.” Keeper!

      1. Anne Libby


  2. Dennis

    This blog post is for “red-blooded American programmer[s] with a simmering interest in cryptography”. It will help you decide which resources are right for your interests, and it focused on helping engineers avoid common mistakes. Many people are going to drop a textbook in your lap and say, “read it :)” but that alone will leave you with some gaps in your practical knowledge.

  3. aweissman

    Well, one can usually start with Neil Stephenson for most things…

    1. Anne Libby

      That’s what sent me to the crypto course on Khan Academy! So good.

      1. WA

        Great idea. Thanks. 🙂

    2. WA

      One of the better books on my shelf. Great read. I can see why it drove Anne to Khan.

      1. Anne Libby

        Also, often laugh out loud funny, which I wasn’t expecting.

    3. Paul Sanwald

      great call! I just posted about this also. I love this book.

    4. Scott Carleton

      Just finished that book – having started it with no knowledge of its contents and all of a sudden my novel for fun was filled with Startups and crypto currencies. Le sigh

    5. ShanaC

      also, excellent story

    6. Jay Bregman


  4. LIAD

    I took my own crypto crash course last year.Still don’t understand the math for shit but get it conceptually and found real beauty in the way cryptography underpins and elegantly solves problems of significant importance which affects us all daily.The Diffie Hellman key exchange is a good way of whetting someone’s appetite.

  5. David Semeria

    The big breakthrough came with the invention of asymmetric (or public key) cryptography (link).To communicate securely, both parties first need to establish a “shared secret” which is subsequently used to encrypt their messages. This raises the paradoxical question of “how do I securely communicate a shared secret to somebody over an unsecure network?”Asymmetric cryptography is the answer, and it’s actually very easy to understand. I send you a small metal box which contains an open padlock. You put the secret to be shared inside the box and then close it with the padlock and send the box back to me. Since I’m the only person with the key to the padlock, only I can see inside the box.Voilà! We have managed to securely share a secret over an unsecure network.In this analogy, the box is the public key and the padlock key is the private key. This is why exposing your private key (or having it cracked) is such a big deal. If that happens anyone with a copy of the padlock key can look inside the box.Once the shared secret is established then both parties can communicate securely by encrypting their messages with the shared secret. It is the establishing of the shared secret that is the tricky part.

    1. Ahti Kitsik

      It also makes sense to note that public-private key (asymmetric) algorithms are much slower than the symmetric.Therefore often there is a combination of both — asymmetric key is used for initial authentication and after this symmetric key is generated for the session and exchanged between the users.This performance vs cracking complexity difference is also one of the reasons why symmetric crypto is used to securely store data (local storage, backups etc) instead of asymmetric.

    2. JLM

      .Another concept is what is called “gold in the trash” in which anything of value is mixed in with trash.The asymmetry is introduced by putting the real message inside a body of data packets in which the “key” first determines which data packets are the real ones (gold) and which ones are the filler (trash).In this manner, anyone trying to broke the encryption has also to find the gold in the trash.These techniques are the ones that make good encryption great.They are made even more powerful by making the gold assemble itself in different time of day placement.The most powerful tradecraft is that which is only known to the participants and is really not code at all.”Meet me at the place at the usual time.” You can decipher the message fine but it is not actionable unless you know for certain a particular fact.JLM.

      1. Ellie Kesselman

        Yay! You know about public key steganography! It is so cool. I thought it was charmingly clever ever since I first read about it. I wonder if Alex Halderman et. al. went any further with it? What Once Was Old…

    3. Mark Essel

      hmm proof of ownership of the public key is also necessary right?”After obtaining an authentic copy of each other’s public keys, Alice and Bob can compute a shared secret offline. “otherwise anyone could intercept and give you their own padlock/box and get your private keydig the analogy btw

      1. David Semeria

        Hi Mark. Yes, that’s what certificates are for.

        1. Mark Essel


  6. Semil Shah

    First time commenting *from* NYC proper, in the morning! Asked the same question last week and was pointed to this as a primer:

    1. Andrew Kennedy

      Must feel right

    2. awaldstein

      Welcome and enjoy the city.If you are on the west side downtown, my buddies new restaurant/wine bar opens tomorrow in TriBeCa.http://www.racinesny.comIf you go tell them I sent you.

      1. Semil Shah

        Just sent you an email, tomorrow 6-8pm at Hill & Dale.

    3. SubstrateUndertow


  7. Brian Crain

    The Code Book is a super fascinating account of the history of cryptography. There is also an extended section in it about public key crypto.(

    1. SubstrateUndertow

      “The Code Booktells the story of the most powerful intellectual weapon ever known: secrecy.”Doesn’t that implies that “privacy” is the most “primal ownership” issue involved in protecting/empowering the autonomous-agency supposedly granted to the democratic citizenry?But now that autonomous-agency empowering “privacy” seems to be reserved only for the STATE !That anti-democratic STATE of affairs seems dangerously up-side-down !

  8. Dan Storms

    Swing by Cornell Tech and chat with Cryptography Prof Rafael Pass. One of the best. Awesome for NYC that he recently moved to down from the main Cornell Engineering campus.

  9. andrewparker

    This course just started two weeks ago. I don’t think it’s too late to join, but you should jump in right away.

    1. Rob Underwood

      It is not too late to join. I am taking the course and enjoying it a lot. It’s well done.

    2. Rob Underwood

      Left something out — if there is critical mass of folks doing the Coursera class here in NYC, would anyone like to do a study group? Happy to host some sessions here at Relay.

  10. Jason C

    Not specifically about cryptography but Krebs On Security is a must read for people wanting to understand internet security from a high-level down to some low-level description –

  11. Tony

    I started with…Hands down one of the best crypto courses out there. It brought me from knowing nothing about crypto to at least being able to have an intelligent discussion about it. Then I read “Cryptography Engineering: Design Principles and Practical Applications” to fill in the gaps. Both of these will not go into things like Bitcoin and the block chain, but will give a really great foundation to understand it.

  12. pointsnfigures

    Was helping to judge the NVC at UChicago last night. The fad in startups was big data; but what’s on the mind of every CIO/CTO is security.

    1. LE

      Security is an emotional buy.As such there is huge opportunity. The FUD factor. [1]Big data is not an emotional thing like security is. As such it’s not as easy to sell.[1] Fear undertainty doubt. (Used by IBM and Microsoft successfully.)

    2. Nilesh Trivedi

      Security has always been on CIO’s mind. Back in the Web1.0 days, it was about perimeter security and locking down the enterprise. That gave rise to Firewall and VPN technologies. But this kept applications still open and vulnerable. But this wasn’t a big deal since applications & services weren’t as pervasive. With device proliferation, we now have a problem where perimeteri’zed security is not enough since I could carry a malware through my mobile phone onto enterprise and screw everything up inside. One thing I learnt as a self-learned hacker and then security product guy was that security is a problem of obscurity. You protect yourself with *something* and hope that it’s safe. And it’s safe till the next flaw is discovered and you are back to square one. The security industry goes through this cycle every 5-7 years.

  13. Nate Kidwell

    Agree with the recommendations of the coursera (Dan Boneh is awesome) and udacity courses. Note also that coursera has an upcoming security track where Jon Katz (authored a great book on crypto btw –… ) will be teaching a class on crypto (and they will have related classes covering other aspects of security).One thing to consider is whether you want to use/talk crypto or know it in your bones.To use/talk it, “Everyday Cryptography” is a nice/clean book that runs through what you need to know. A great combination of being light AND thorough (… ). Also the khan academy lectures give a nice run-though (… ).But the issue is that crypto references every topic so it is one field that really pushes the bounds of your knowledge. It’s very intimidating to read a paper and spend the next week on Wolfram. If you want to know it deeply, like go off the deep end in the style of the movie Pi:Be aware crypto is the most math-centric discipline of CS. You have an engineering degree so you should be okay with the all-important probability/statistics and (to a MUCH lesser degree) calculus aspects. But to get a deep appreciation for the topic some abstract algebra (groups, rings, etc.) and number theory should be almost required (Victor Shoup has a primer of both here:…, as well as a longer free reference book focusing on the math behind crypto here:… ).

  14. William Mougayar

    1. Read the chapters preview of Andreas Antonopolous upcoming book, Mastering Bitcoin (O’Reilly Press). He literally de-constructs how Bitcoin works.http://my.safaribooksonline…2. For something more exotic, The University of Nicosia in Cyprus has an MSc Degree in Digital Currency… and a MOOC on the same topic http://digitalcurrency.unic

  15. Scott

    I felt I was in the same situation ( rudimentary understanding, but wanted to know more ) so I took Dan Boneh’s (Stanford) Crypotgraphy I course on Coursera. Videos were nicely sized and I could watch them on plane flights. There were some assignments around basic code structures to do encryption/decryption etc.

  16. Sebastian Wain

    I think the RSA FAQ (click on the FTP link, the HTTP link does not work) is the fastest way to start. Then you can find this Q&A post on useful: Is Schneier’s “Applied Cryptography” current?. Personally I like the Schneier’s book because you can read it a different levels of complexity and it is very accessible. I also like the Handbook of Applied Cryptography but only used it for research purposes. For more avanced and current topics you would need to search for papers on Google Scholar.

  17. Clay Hebert

    I liked Steve Weis’ talk at Google from 2007, “Theory and Practice of Cryptography” –

  18. Aaron Klein

    Fred, you have a long and successful marriage. Obviously, you have long since decoded the secrets of cryptography.

    1. LE

      See now I would have guessed that that comment would have offended some people.

      1. Guest

        It seems lame and passe to me, rather than offensive. It demonstrates:1. a lack of understanding about interacting with women and2. any comprehension of cryptography, functionally or historically. I am saddened even more because Aaron got 8 up votes for it. You were the only kind soul to balk. Thank you, by the way, for balking.

        1. LE

          And it demonstrates a lack of understanding of having fulfilling interaction with womenBut if that is the case (and I have no idea if it is or not) then can you blame Aaron for making the comment? And hard to blame someone for a stereotype that was brainwashed into them as a child (not talking about this but other things). Or by their friends or siblings at an early age.I think Aaron was attempting to be funny. If he was attempting to be funny but he doesn’t have that experience personally (meaning his wife is not like that) that might be different.On the other hand people should be able to say what they want and then in that case things can be pointed out and others can learn from the experience (such as our interaction).If everyone is just all buttoned down and politically correct then nobody learns anything. There should always be a dialog.That said there is no question that there are men out there who will quickly throw any women into that “box” simply because they (the man that is ) are lazy and don’t want to take the time to hear and understand what the other side (woman) is saying. So they will just summarily chalk it up to a communication problem on the other side.

          1. Ellie Kesselman

            Of course he was attempting to be funny! Lots of people thought he was. Okay, it was a stereotype brainwashed into him as a child, probably grew up in the 1980’s. He learned that women are opaque, inscrutable, capricious, but he loves them anyway. Yes. I should behave more like that, would get along better socially.Wait, you were the one who commented on it in the first place, then rebuked me for blaming Aaron and trying to stifle his participation here. I don’t know…sigh. I’m sorry. I didn’t intend to make trouble.

          2. LE

            then rebuked meI didn’t rebuke you. Where did I rebuke you? I was being circumspect.Yes. I should behave more like that, would get along better socially.Maybe maybe not.Look if I want I can walk up to my uncle and say something nasty like “you look old and fat and ugly to me” but then I would have to take the consequences of that action. I used to tell my aunt that she looked like Elizabeth Taylor (back in the day that is) because it made her feel good. And she liked that. And gave me larger presents. (Well not really but I’m trying to prove a point here.)I can tell a customer that I think they are stupid and not getting my point or I can be nice and they will continue to pay me money. In other words I can do whatever I want as long as I am willing to take the consequences.

        2. Aaron Klein

          Oh for crying out loud.The differences in how two people in a marriage communicate are well observed and documented. Fortunately, I married way, way up and my wife puts up with my faults in those areas. But it feels like cryptography from time to time.And as for a lack of understanding of women, my immediate past boss who was female would probably beg to differ.

          1. Guest

            I’m sorry. I was wrong. I should know my place. Now I’m crying. Please forgive my insolence.

          2. Aaron Klein

            Ha!(That was me interpreting your reply as irony. Seems like we both enjoy making jokes.)

          3. Guest

            No. It isn’t irony. I’m a widow. I’ll never find a husband by offending nice Jewish men with my know-it-all attitude. I’m sorry for what I said earlier.

          4. LE

            I do not believe that Aaron is jewish actually.Not all jews are kleins. And not all kleins are jews.

          5. Ellie Kesselman

            Now I need to apologize for that too! Enough already! Please stop. @wmoug:disqus please, I’m begging you, delete all my comments in this thread? I feel so ashamed, embarrassed, foolish.

          6. Aaron Klein

            Ellie, can I give you some advice?Stop apologizing. You are welcome here. AVC is a fun community of great people.It’s probably best to think the best of those people and not assume that they are sexist, but it’s okay to state your opinion.The answer to getting something wrong isn’t to be embarrassed or upset. This is a friendly place. I’m glad you commented, even if I disagreed with your comment.

          7. Ellie Kesselman

            I have been visiting here since 2010. This is not friendliness. I am asking you nicely, politely, please stop. I’m sorry for what I said. Cryptography is exactly like marriage. I am ignorant. Okay? You win. I’m sorry for apologizing. You told me not to do that. Please stop. Please?

          8. Ellie Kesselman

            There is a high probability, though, that an “Aaron Klein” is Jewish. First and last names are not i.i.d. random variables, but even if they were, the intersection would increase the likelihood. Based on Aaron’s Disqus bio, I don’t know what his religion is.

        3. Matt A. Myers

          He didn’t mention the gender of Fred’s partner anywhere. What if Fred was gay and he was married to a man? How would you have reacted?

          1. Guest

            Fred’s “partner” is Gotham Girl, mother of his children. How would it make me feel? Oh, gee, let’s see. I have insulted Aaron for my parochial attitudes toward gay marriage too. Y’all are right. I’m provincial, prejudiced and ignorant. LEAVE ME ALONE. STOP IT. WHAT DO YOU WANT FROM ME ALREADY?@William Mougayar Help! Please? I’ll never come back here, I promise. I’m sorry. Please delete everything. Please?

          2. Matt A. Myers

            I know who Fred is married to, and the few interactions I’ve had with her were pleasant.I’m unsure why you’re responding the way you are. There is no intent of blame from me, nor do I believe from anyone else – just trying to understand or help clarify.You’re jumping to conclusions and “putting words into my mouth.” It’s quite impossible to continue conversation while someone is doing that. Do you realize that is what you’re doing?

          3. Ellie Kesselman

            Why did you ask me this then, “He didn’t mention the gender of Fred’s partner anywhere. What if Fred was gay and he was married to a man? How would you have reacted?” LEAVE ME ALONE. You asked me that. I did not put words in your mouth. Please, please stop. No more.

          4. Guest

            How dare you say it is impossible to continue conversing with me? I asked you to please, please stop. I don’t want to converse with you. I’ve had run in’s with you here before. Please, enough. Stop, please?

          5. Ellie Kesselman

            Fred is not gay. He is blessed with a good wife and 3 daughters. Need I link to where you asked me, He didn’t mention the gender of Fred’s partner anywhere. What if Fred was gay and he was married to a man? How would you have reacted? Then you profess your purported desire to help me understand, “I’m unsure why you’re responding the way you are. There is no intent of blame from me, nor do I believe from anyone else – just trying to understand or help clarify.” and accuse me of putting words in your mouth, “You’re jumping to conclusions and “putting words into my mouth.” It’s quite impossible to continue conversation while someone is doing that. Do you realize that is what you’re doing?” then directly ask me if I know that I am making it impossible for you to talk to me because of my behavior. Yes, oh wise Mark, I realize now the wrongness of my ways. It is all my fault. Satisfied yet?

          6. Matt A. Myers

            Take care. Hoping the best for you.

          7. Guest

            Please stop. Now.

      2. Aaron Klein

        If they were offended, they have zero sense of humor and are looking to be offended.It wasn’t a gender-specific comment; it was a funny remark on marriage and communication issues.

  19. jason wright

    Kryptos at the CIA is a fun way to get to grips with all things Kate Winslet and Saffron Burrows in Enigma.

  20. LE

    “and Blockhains.”

  21. PrometheeFeu

    Read Applied Cryptography to start with. The most important parts are the security protocols (read through each of them carefully and try to look for flaws, don’t just speed-read, that will teach you how to think about security the right way: what’s my threat model? Where are the flaws? Etc…) and the section on information theory. (Once you understand information theory in that context, a lot of the world makes much more sense. And as a bonus you can use it to solve riddles) Skip the math part (his treatment of it is frankly bad imo) and the algorithms parts. (Not up to date)The handbook of applied cryptography will take some serious math, so beware, but it’s also amazing.Finally, go read the paper titled “A Tutorial on Linear and Differential Cryptanalysis”Then listen to the other commenters.

  22. JLM

    .Good topic to bone up on . In the post-Snowden world, we will shortly be using iris, thumbprint ID to generate a one-time randomly generated access 30-second code (password) with a changing 4-digit alpha tag that has a one day life.Body parts provide access to random generation which marries to changing personal ID.Encryption will similarly be changed on the fly with more than one key on both ends changing during the message or site access so no single code key can be used to decipher a message.The metadata will be similarly scrambled with one part of the code key being held by a third party all the time.This is already being used by folks whose day jobs are part of the alphabet soup of government.Can’t wait. Or, so I am told.JLM.

    1. LE

      Good topic to bone up onMy personal opinion is that it’s a waste of time and there are better things to spend one’s time on. Maybe also a case where a little bit of knowledge can be dangerous.For the same amount of time a book about security and how hackers operate, as well as simply browsing the pages of “2600” might make more sense. To just know what is possible. Understand social engineering and what motivates a hacker. Good entertainment.Not to mention that keeping on top of this “security thing” is near a full time job. I wouldn’t even want to count the amount of hours I spend on it in one form or another. Not something you just read about one day and then you are set for the next five years.Ok, here is an analogy. Reminds me of women who think they can take a short self defense course and then be able to actually defend against an assailant. Big mistake. False sense of security that can get you into bigger trouble.

    2. David Semeria

      And then there are those texts that are unintelligible even after decryption 😉

  23. jason wright

    i read of hunters in Italy who use a whistling language to communicate with each other across the valleys they hunt it. cryptographers have been unable to crack it.

  24. Joel Monegro…I felt the same way yesterday. The link above was definitely not a bad start.

  25. Ankush Agarwal

    Crypto 101 : 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels. Comes with everything you need to understand complete systems such as SSL/TLS: block ciphers, stream ciphers, hash functions, message authentication codes, public key encryption, key agreement protocols, and signature algorithms.

  26. Paul Sanwald

    I’m a big fan of the “very short introduction” series:…Fred, have you read Neil Stephenson’s “Cryptonomicon”? I love this book. It’s a story, not a textbook or explanation of crypto stuff, but it has a lot of great technical detail in it and if you are into cryptography you will surely enjoy this book. I’ve read it twice.

  27. Pete Griffiths

    The tricky element of ‘boning up’ on Cryptography is the math required.

    1. Ellie Kesselman

      Very true, but Fred is sufficiently mathematics-inclined that it won’t be an obstacle. I know that to be true because he has at least one degree in mechanical engineering, where math rules. In fact, I was wondering if user aVC was Fred, see How to get an ellipse whose border is made of smaller arcs in iOS graphics? on StackOverflow (Fred likes mobile phones!) and Who’s Fred W?.

      1. Pete Griffiths

        Engineering is indeed a good math background. But some of the math in crypto is pretty unfamiliar and heinous. 🙂

  28. Alex Meyer

    (Bitcoin related*) Here’s a great reading list put together on github. Hardly have gotten through it all but so far seems to be pretty helpful to me:

  29. JamesHRH

    Plumbing alert!

  30. cmackge

    I get the big picture, and read Bruce Schneier (… whenever I get a chance. His feed is right under yours in my reader……..

  31. Ian Fellows

    It depends upon what level of depth of understanding you wish to attain, but the first thing to recognize is that cryptography is a mathematical field not a coding exercise. Before you can understand how to implement the algorithms (which is a coding exercise), you’ll need to understand the mathematics behind them.

  32. sigmaalgebra

    Get an elementary book on number theory and read Fermat’s little theorem. Then read, say,.Bruce Schneier, ‘Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C’, ISBN 0-471-11709-9, John Wiley and Sons, New York, 1996.

  33. Will Koffel

    For something that’s definitely technical, but laid out such that simple concepts build up to a full understanding of modern crypto systems, check out the pre-release of Crypto101

  34. Bob Labarre

    Fred, you should read some basic prime number theory by the math genius Terence Tao @ UCLA. It is also available on Coursera. Fascinating stuff, and covers the number theory behind encryption. Some of the the largest prime numbers, a million digits long, may soon be factorable by quantum computing- and this could lead to an ‘arms race’ to provide even more vast levels of secruity. The ‘classic’ asymmertic key cipher problem, the Diffie Hellman key exchange, was constructed at MIT in the 1970s, I think.

  35. vruz

    Intro to crypto (free PDF download)…Then maybe Bruce Schneier’s “Applied Cryptography”…

    1. Jeffrey Hartmann

      I will have to second Schneier’s book, I learned a ton from that book, it is really worth the effort to go through. Its been many years (I read it in 98 I think), and there is some date to the material but it really gives a very good foundation.

      1. vruz

        It’s been updated since then, but Schneier’s website doesn’t say how exactly or how recent are the updates.Like anything on the internets, one month ago is an eternity…

  36. Russell

    I’ve been listening to the audio version of this CS50 course, jointly offered on the MIT/Harvard EdX. It has an intro to cryptography as well as a lot of other cool stuff. Certainly one of the better lecturers, and I’m considering taking it for the certificate.

  37. Ron Williams

    To round off your education make sure to read Neal Stephenson’s Cryptonomicon… good view of possibilities and history in an enjoyable fiction work.

  38. Brian Spector

    Fred, you need to start a dialog with CertiVox’s Chief Cryptographer, Dr. Michael Scott. Before he became CC at CertiVox he was the head of the computer science school at Dublin City University, where he had the thankless task of teaching undergrads all about crypto. He has an incredible ability to take this complex subject and make it interesting and informative. I also think you should expand your education to include identity based encryption, and specifically bilinear pairing crypto, which is where all the innovation is happening. Mike at certivox dot com.

  39. PsySciGuy

    Cut through the clutter and contact 3 Sigma Research, Inc. A DOD SBIR contractor teaches a seminar via Skype on cryptography, software security, and network security 2 days but custom versions (think free) available. psysciguy at mekk dot biz

  40. BillMcNeely

    In 1997 when I decided to leave the Navy but I still had to test to see what my re enlistment options were.My test showed I qualified for the Cryptologic Technician jobs which meant a 2 paygrade promotion and a $20-40K re enlistment bonus.I ultimately continued on with my plans to go to college but that left an impression that it was an important skill. I read a few book on cryptology over the next couple of years.One of them was Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age by Steven Levy it’s a bit aged now but he writes good stuff. It may give you good historical context.

  41. Ellie Kesselman

    Fred, don’t start with any MOOCs! Ask someone who knows the field, preferably by experience and education. Emphasis on experience, foremost! Go from there.Schneier’s blog is good. For more diffuse though business relevant blogs, try hackingdistributed, Emin Gun Sirer’s blog (Cornell) and Steve Bellovin’s blog (Columbia). Both are very readable, not too technical. If you have specific questions, ask Security Stack Exchange.

  42. Luis D Arbulu

    there’s a great Coursera / Stanford class on Cryptography that just started last week:…I’ve taken it before and I can highly recommend it. it flows super easy

  43. Abdallah Al-Hakim

    A couple of our engineers at influitive gave us a private talk about cryptography and how it works. You may find the slides useful. I can send them to you it put them on slideshare and share the link. Let me know.

  44. Nilesh Trivedi

    Before you jump onto Public Key Infrastructure based Crypto, it would be a good idea to learn about the basics and how Cryptography is actually applied to solve privacy and security issues in communication. I learned about it from Bruce Schneier and his book ‘Applied Cryptography’ and then implemented few of those on applications. That book is still something I refer to to gloss over the mechanics.

  45. Emily Merkle

    A relative of mine is regarded as one of the inventors of public key cryptography.Ralph Merkle.He’s a pretty interesting guy. is also kind enough to host my email, though we have never met.

    1. BillMcNeely

      LOL. A bit understated 🙂

      1. Guest

        Heh. We missed eachother at Georgia Tech by two years. I come from interesting stock. Not all as distinguished as Ralph, but a fair band of characters nonetheless.

      2. Emily Merkle

        Whoops. Replied then decided not to. Sorry 🙂

  46. anshublog

    Bob told Alice that she should start by reading about public keys (PKI). Alice told Bob that he should read about shared secrets. Bob and Alice…