Chapter 2 Further Reading

Chapter 2 Further Reading

Foundational Textbooks

Jonathan Katz and Yehuda Lindell, Introduction to Modern Cryptography (3rd edition, CRC Press, 2020) The gold standard for a rigorous yet accessible introduction to cryptography. Covers hash functions, digital signatures, and public-key cryptography with formal security definitions and proofs. Chapter 5 (hash functions) and Chapter 13 (digital signatures) are directly relevant to this chapter. Suitable for readers with some mathematical maturity.

Christof Paar and Jan Pelzl, Understanding Cryptography (2nd edition, Springer, 2024) More applied than Katz-Lindell, with a focus on implementation and real-world protocols. Excellent chapters on elliptic curve cryptography and digital signature schemes. The companion website includes lecture videos for every chapter. Ideal for readers who prefer a more practical orientation.

Bruce Schneier, Applied Cryptography (2nd edition, Wiley, 1996) The classic reference for cryptographic algorithms and protocols. While dated in some areas (published before ECC was widespread), the explanations of hash functions, the mathematical foundations, and the security analysis remain valuable. Best used as a reference alongside a more modern text.

SHA-256 and Hash Functions

NIST FIPS 180-4, "Secure Hash Standard (SHS)" The official specification for SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. Available free from NIST at https://csrc.nist.gov/publications/detail/fips/180/4/final. If you want to understand exactly how SHA-256 works at the bit level — every padding step, every round, every constant — this is the definitive source.

Marc Stevens et al., "The First Collision for Full SHA-1" (2017) The SHAttered paper, documenting the first practical collision attack on SHA-1. Available at https://shattered.io. An important case study in how collision resistance can be broken while preimage resistance remains intact, and why SHA-256 replaced SHA-1 in security-critical applications.

Guido Bertoni et al., "The Keccak Reference" (2011) The specification for SHA-3 (Keccak), the latest member of the SHA family. SHA-3 uses a fundamentally different construction (sponge function) than SHA-256 (Merkle-Damgard). Understanding both designs deepens your understanding of hash function security.

Elliptic Curve Cryptography

Andrea Corbellini, "Elliptic Curve Cryptography: A Gentle Introduction" (blog series) Available at https://andrea.corbellini.name/2015/05/17/elliptic-curve-cryptography-a-gentle-introduction/. A four-part series that builds ECC from the ground up with excellent visualizations. Covers point addition, scalar multiplication, ECDH, and ECDSA. The best free introduction to ECC for readers without an abstract algebra background.

Daniel R.L. Brown, "SEC 2: Recommended Elliptic Curve Domain Parameters" (Certicom, 2010) The specification defining secp256k1 and other curves. Available at https://www.secg.org/sec2-v2.pdf. Essential reference for understanding the specific parameters Bitcoin and Ethereum use.

D.J. Bernstein and Tanja Lange, "SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography" Available at https://safecurves.cr.yp.to. A critical evaluation of various elliptic curves against security criteria. Relevant to Exercise 2.16 and the broader question of why different systems choose different curves.

Digital Signatures

Thomas Pornin, RFC 6979: "Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)" (2013) The specification for deterministic nonce generation in ECDSA, directly motivated by the Android vulnerability discussed in Case Study 1. Available at https://tools.ietf.org/html/rfc6979. Essential reading for anyone implementing digital signatures.

Don Johnson, Alfred Menezes, and Scott Vanstone, "The Elliptic Curve Digital Signature Algorithm (ECDSA)" (International Journal of Information Security, 2001) The original academic paper describing ECDSA in detail, including the mathematical proofs of correctness. Available through academic databases. More rigorous than the SEC specification, with detailed security analysis.

Merkle Trees

Ralph C. Merkle, "A Digital Signature Based on a Conventional Encryption Function" (CRYPTO 1987) Merkle's original paper introducing the Merkle tree (called a "hash tree" or "authentication tree" in the paper). Remarkably readable and demonstrates how far-reaching the concept has become from its origin in digital signature schemes.

Ben Laurie, Adam Langley, and Emilia Kasper, RFC 6962: "Certificate Transparency" (2013) The specification for the Certificate Transparency system discussed in Case Study 2. Available at https://tools.ietf.org/html/rfc6962. Shows how Merkle trees are used at scale for a non-blockchain application.

Post-Quantum Cryptography

NIST Post-Quantum Cryptography Standardization Project Available at https://csrc.nist.gov/projects/post-quantum-cryptography. The primary source for the ongoing standardization of post-quantum cryptographic algorithms. The ML-DSA (Dilithium), SLH-DSA (SPHINCS+), and FN-DSA (FALCON) standards are published here.

Daniel J. Bernstein and Tanja Lange, "Post-Quantum Cryptography" (Nature, 2017) A high-level overview of the quantum threat to current cryptography and the main families of post-quantum algorithms. Accessible to a general technical audience.

Bitcoin-Specific Cryptography

Satoshi Nakamoto, "Bitcoin: A Peer-to-Peer Electronic Cash System" (2008) The Bitcoin whitepaper. Available at https://bitcoin.org/bitcoin.pdf. Sections 2 (Transactions), 7 (Reclaiming Disk Space, which introduces Merkle trees in Bitcoin), and 8 (Simplified Payment Verification) are directly relevant to this chapter.

Andreas M. Antonopoulos, Mastering Bitcoin (3rd edition, O'Reilly, 2023) Chapter 4 (Keys, Addresses) and Chapter 9 (The Blockchain) provide practical, implementation-focused coverage of the cryptographic primitives discussed in this chapter, with Bitcoin-specific details.

Online Resources

Blockchain Demo (https://andersbrownworth.com/blockchain/) — Anders Brownworth's interactive visualization of hashing, blocks, and blockchain. Excellent for building intuition.
Bitcoin Wiki: Secp256k1 (https://en.bitcoin.it/wiki/Secp256k1) — Detailed technical page on the elliptic curve used by Bitcoin.
Bitcoin Wiki: Elliptic Curve Digital Signature Algorithm (https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm) — Bitcoin-specific ECDSA documentation.
Crypto 101 (https://www.crypto101.io/) — A free introductory book on cryptography, with practical Python examples.