Open main menu

Wikipedia β

Wikipedia talk:WikiProject Cryptography

WikiProject Cryptography / Computer science  (Rated Project-class)
WikiProject icon This page is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
 Project  This page does not require a rating on the quality scale.
Taskforce icon
This page is supported by WikiProject Computer science.

Elliptic curve Diffie–HellmanEdit

I've just moved Elliptic Curve Diffie-Hellman (with the incorrectly capitalized "C" and the hyphen where an endash should be) to Elliptic curve Diffie–Hellman. I've fixed the double redirects. Could others help fix the other redirects?

How did so many links get made to such a conspicuously incorrect title? Do people who work on cryptography articles generally disregard Wikipedia's conventions—even simple and basic ones like these? Michael Hardy (talk) 14:06, 23 October 2009 (UTC)

....and now I've spent a lot of time moving incorrectly titled cryptography articles. And fixing section headings in which Every Word Began With A Capital Letter. And fixing the resulting double redirects and bypassing some of the unprintable redirects to incorrect titles. The vast number of such links and the partial cleanups I've done in the past half-hour make it clear that civilized people will have to send missionaries to this WikiProject to inform its participants that WP:MOS and WP:MOSMATH and the like exist. Michael Hardy (talk) 14:25, 23 October 2009 (UTC)
....sigh....... I guess the fact that this WikiProject hardly exists won't make this easier either. Michael Hardy (talk) 14:26, 23 October 2009 (UTC)
+100 points for doing wiki cleanup. -100 points for pompously lecturing no-one in particular over picayune violations of the manual of style. You may find your exhortations more effective if you refrain from treating fellow editors as wayward children. — Matt Crypto 17:49, 23 October 2009 (UTC)
Part of that was directed at me it appears. Thank you Michael for making these changes and for your comments, I'll try to keep them in mind in the future. Cheers. Skippydo (talk) 02:55, 24 October 2009 (UTC)
Michael Hardy: Oh the rantings of the very young. :))
The convention to use endashes in article titles is brand new, up until recently Wikipedia used hyphens in article names. Most of these crypto articles were created years ago. And most of them use the naming that is established practice in the crypto literature.
That these articles are old is a good thing, we crypto editors were working hard and made many articles early in the history of Wikipedia. And this WikiProject was early on one of the bigger and more active projects. This project has become somewhat sleepy since it is hard to find more subjects to write about in cryptography, we already cover the area so well. Just doing maintenance and reverting edits by less knowledgeable editors is no fun in the long run, so many of our editors have gone to greener pastures.
Oh, and cryptography is not the same thing as math, all though maths people tend to believe so. Which usually becomes very funny (or very sad if you will) when maths people try to build "secure" systems...
--David Göthberg (talk) 05:08, 9 January 2010 (UTC)
Oh, the naivety of the romantics :)... Hard to find more subjects? Kidding me? Wikipedia is missing essentially everything that relates to more advanced cryptography, and all the "harder" articles that exist are poor stubs or start classes. And btw, cryptography is not at a stand-still, there are new important areas being created on and on. And cryptography is not math? Maybe up to the 19th century in the classical area, but nowadays real crypto is just maths and only maths. Only symmetric-key crypto has remained some of the art that classical crypto had but all its secure design approaches are based on mathematics as well. Just saying. Nageh (talk) 11:41, 16 April 2012 (UTC)

Data encryption standard FAREdit

I have nominated Data Encryption Standard for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Remove" the article's featured status. The instructions for the review process are here. Tom B (talk) 22:08, 4 November 2009 (UTC)

NSA Encryption SystemsEdit

The NSA Encryption Systems page has red/black reversed, at least according to the Red/Black Concepts page. Red is supposed to mean unencrypted and black means encrypted. Think Red means Danger and Black is like Men In Black :) —Preceding unsigned comment added by (talk) 21:52, 13 December 2009 (UTC)

  Fixed. NSA encryption systems and red/black concept now both agree that plaintext is red, encrypted ciphertext is black. --DavidCary (talk) 04:15, 5 February 2015 (UTC)


I feel the title is not the best one for this book (although I'm not entirely sure what exactly the book is about). Could someone give it a look? Headbomb {ταλκκοντριβς – WP Physics} 21:56, 8 January 2010 (UTC)

Haha, you've come to the right place. I took a look. Well, there are encryption, decryption, hashing, MACing, signing, cryptanalysis and many other related concepts and methods. They all are "cryptography", and that is why this is WikiProject Cryptography. So I suggest that book should be renamed to "Book:Cryptography".
--David Göthberg (talk) 04:36, 9 January 2010 (UTC)
What I'm saying is that book seems to be focused on a subsection of cryptography. So if it's renamed Book:Cryptography, it should probably be expanded. If not, then it should probably be renamed to something more focused (like Book:DVD encryption algorithms, or whatever makes sense). Headbomb {ταλκκοντριβς – WP Physics} 05:11, 9 January 2010 (UTC)
It's not much of a book, since it only has four articles. But anyway: Two of those articles are about hashing so just calling it "encryption algorithms" wouldn't work that well, and it has no article specific to DVD encryption so I don't know why you suggest using "DVD" in the title. But yeah, since it is a very basic collection of articles, then using the generic name "Book:Cryptography" would be bad, since that would block that name for better collections. How about calling it "Book:Crypto introduction". Of course, if it were a real introduction it should contain the Cryptography article. But shouldn't you ask the user that created that book to choose the new name?
--David Göthberg (talk) 07:09, 9 January 2010 (UTC)
The user is inactive (last thing he did was create the book). My suggestion was an example of a more speciffic name, I know nothing of encryption (hence why I said "or whatever makes sense"). There's the 'Standard 4' subtitle, do you know what that refers to? Headbomb {ταλκκοντριβς – WP Physics} 08:09, 9 January 2010 (UTC)
The "Standard 4" subtitle almost certainly refers to the four articles in that book. Three of them are very much the three basic areas in cryptography. While the article Hash function is not, it's just an introduction that might be good to read before Cryptographic hash function.
--David Göthberg (talk) 08:50, 9 January 2010 (UTC)
What I mean is if I walk in a cryptography conference and say "the standard four", will people ask "What standard four?" or would they know I'm talking about these four topics? If they would know, then Book:Cryptography: The Standard Four is a good title. If they don't, then it's a bad title. Headbomb {ταλκκοντριβς – WP Physics} 17:11, 9 January 2010 (UTC)
No, they wouldn't know what you meant with that expression.
--David Göthberg (talk) 08:22, 12 January 2010 (UTC)

Table of costs of operations in elliptic curvesEdit

This article has been proposed for deletion. It may be easy to save. If you are knowledgeable in the field please have a look. -Arb. (talk) 12:49, 3 February 2010 (UTC)

It's no longer prodded. It does need some referencing. There is clearly relevant literature out there - didn't take me long to find some - so if some expert can track down where this data has been gathered from, it would be a great help. Charles Matthews (talk) 19:10, 4 February 2010 (UTC)


I have nominated OpenBSD for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Remove" the article's featured status. The instructions for the review process are here.YellowMonkey (vote in the Southern Stars and White Ferns supermodel photo poll) 03:57, 26 March 2010 (UTC)

Split SHA hash functions to SHA-1 and SHA-2Edit

I started a discussion about splitting the current SHA hash functions article in two, at Talk:SHA hash functions#SHA-1 and SHA-2 split. Anyone's input is welcome! -- intgr [talk] 19:27, 31 March 2010 (UTC)

Missing cryptography topicsEdit

Can anybody have a look at this list of missing cryptography topics - Skysmith (talk) 12:12, 8 April 2010 (UTC)

Weak security categoriesEdit

WP should have a couple categories to identify weak and broken crypto. I think articles such as WEP, Crypt_(Unix), md5, Enigma and Cryptoloop should be in something like Category:Broken cryptography for algorithms and software that have serious design or implementation flaws (not of the rubber-hose cryptanalysis type). I think articles such as Adobe Flash, and Little Snitch should be in something like Category:Insecurely distributed software for software distributed only via insecure methods, such as over ftp or http, without PKI-based signatures or securely distributed secure checksums, or without tamper-resistant retail packaging. (The related Category:Securely distributed software is probably also appropriate, e.g. for software like LastPass and the Linux Kernel; the latter get credit for defense in depth; the stuff is served over https, and is PGP-signed.) Thought I'd post here for any feedback before getting started on making it so; we could mention this at Wikipedia talk:Categorization. Notes: These would NOT be for indicating software with remedied or un- remedied exploits. Besides, those are too transient to be practical (unless the flaws go uncorrected for a long time), or too unimportant to be encyclopedic. (Categories need parents; will need to take care of that.... Oh, Category:Broken cryptography algorithms ∃. ) --Elvey (talk) 04:27, 23 October 2010 (UTC)

I have a question. Would articles placed in either Category:Broken cryptography or Category:Insecurely distributed software unequivocally belong in those categories? I.e. would there be reliable sources that presented unambiguous conditions for labeling a piece of software as one or the other? Also, if this requirement is met I would expect to find these matters discussed in sections of some of our existing categories or even in dedicated articles. __meco (talk) 07:57, 25 October 2010 (UTC)
I'm also concerned about verifiability. It's hard to track category usage (you can't watch a category for added articles), so people will slap them on articles based on personal belief, not verifiable sources. There's also no way to add a citation for a category.
Also note that these days, almost everyone recognizes "crypt (Unix)" to be the shadow password hashing technique, which is still secure today. The "crypt" encryption command was never present on modern unices. So the article should be split first, but I'm not sure that the encryption program can even pass notability. -- intgr [talk] 08:31, 25 October 2010 (UTC)
I don't know that it's a useful idea. We already have Category:Broken block ciphers, and any published certificational weakness is enough to put an algorithm there. Ntsimp (talk) 14:55, 25 October 2010 (UTC)

Thanks for the comments. I see that WEP and md5 are appropriately categorized now. Certainly, membership in Category:Securely distributed software is readily verifiable; the source is considered reliable for such info, as a company is considered a reliable source for its financials and such. Membership in Category:Insecurely distributed software often can't be firmly established; I'll search further to see if I can find an RS I haven't heard of. I disagree; crypt is several things, it's common to have it refer to any of an insecure encryption system, an insecure password hashing system, a secure encryption system, or a secure password hashing system.
What you are suggesting seems too close to WP:original research. Looking at how a product is distributed and concluding the method is insecure would be an improper synthesis. In general, using category assignments to make editorial comments is bad for a number of reasons.--agr (talk) 21:47, 16 April 2012 (UTC)

Fix SHA-2 pageEdit

[Discussion moved to Talk:SHA-2 -- intgr [talk] 17:28, 6 January 2011 (UTC)]


Cryptography FAREdit

I have nominated Cryptography for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Delist" the article's featured status. The instructions for the review process are here.Smallman12q (talk) 14:15, 27 January 2011 (UTC)

U.S. Lifted Export Restrictions.Edit

Ricky McCormick murder notesEdit

I have started an article on the Ricky McCormick murder notes for which the FBI just asked for public help in decoding. --agr (talk) 22:45, 29 March 2011 (UTC)

CopyVio suspectEdit

There's a CopyVio discussion [[1]] about a steganalysis diagram. Interested users may consider reading the nomination page and the related article Blackvisionit (talk) 18:54, 15 July 2011 (UTC)

Secret Key Generation Via Wireless Channel CharacterizationEdit

Could use some more eyes on it. I know very little about this field but at a glance this looks like it may include WP:OR. Beeblebrox (talk) 17:02, 21 August 2011 (UTC)

Making binary human-readable/pronounceable for cryptographic, similar purposesEdit

Hi. In the course of considering the Bubble Babble article, we/I came to the realization that it might be useful to merge it and some other articles on algorithms into one article on transforming binary into something human-readable/pronounceable, either via generating pseudowords/logatomes (like Bubble Babble) or into series of actual words (like the PGP word list, Diceware, and S/KEY). Any thoughts? What other algorithms exist and should be in such an article? What's the proper name for such an article? Thanks very much! Allens (talk) 01:02, 1 November 2011 (UTC)

There is an article Human-readable medium which seems to fit this. I think the secondary name in the article Human-readable format is better. I'd say Base64 and hexadecimal fit this, but that's arguable as it would still be cryptic to most people. Maybe include these towards one end of a spectrum. --Flexdream (talk) 18:50, 8 March 2012 (UTC)
I agree with Allens that it would be useful to have a general overview article to cover all algorithms that convert binary bits (perhaps a computer-generated public key) into something that is relatively easy for a human to read over the phone.
However, I think that several of these algorithms are independently notable enough to have their own independent article.
I personally think of the PGP word list as a kind of spelling alphabet that has one word for each of the 256 octets.
At the moment, I think binary-to-text encoding is the closest thing we have so far to such a general overview article. I added S/Key to that article.
Perhaps we could continue adding such things to the "binary-to-text encoding" article until we come to a better understanding of the full spectrum of possibilities as mentioned by Flexdream, and perhaps when it comes time to WP: SPLIT out the "readable-over-the-phone" algorithms, it will then be easier to select a proper name for that article, rather than come up with that name ahead of time. --DavidCary (talk) 08:50, 20 December 2015 (UTC)

Template:WikiProject Cryptography and assessmentsEdit

Any particular reason why Template:WikiProject Cryptography does not support assessments? --Piotr Konieczny aka Prokonsul Piotrus| talk to me 02:53, 9 February 2012 (UTC)

No, I think the template was just never updated when assessment grades were introduced. Can you do that? It would be great if the template could be extended to support assessments, I just never got to check what needs to be done to support it. Nageh (talk) 17:08, 9 February 2012 (UTC)
I cannot, but if you ask on WP:VPT, I am sure somebody will help you out. --Piotr Konieczny aka Prokonsul Piotrus| talk to me 22:29, 9 February 2012 (UTC)
I added support for quality and importance assessment. If I did not mess something up this should be working alright now. These are the quality and importance categories on all articles tagged with a crypto banner. Lots of work ahead to categorize them. Nageh (talk) 20:57, 20 March 2012 (UTC)

Random functionEdit

Please consider article random function. Presently it contains cryptography-based stuff, that seems very unclear and uncited. It seems to be using the term in a way that partly conflicts with what would be wanted for a more general article in the context of probability theory or statistics. A question is whether what is in the article does actually reflect usage in cryptography and whether it would be better dealt with under someother establisahed terminology. But a clean-up to raise the article from stub status would be good in any case. Melcombe (talk) 17:12, 28 February 2012 (UTC)

Essentially, the definition is in the first two to three sentences, and this is independent of any crypto stuff. The concept of random functions is quite important in provable cryptography, so this is quite relevant to the article. In its current state, it is really weak, though. I will see when I get to work on it. Nageh (talk) 21:58, 28 February 2012 (UTC)
Thanks. I suppose I was most concerned with the "finite set of functions" mentioned as possibilities early on, which is limiting. Melcombe (talk) 23:37, 28 February 2012 (UTC)
Well, right. Cryptography is only concerned with discrete random variables, and I cannot think of a practical case where the sample space for random functions would be infinite (usually, they are selected uniformly at random). Maybe you can add a formal, general definition of a random function? I can then work on its application in cryptography. Btw, what is the purpose of the hatnote you added? It doesn't seem to me that anyone looking up "Random function" would really be looking for "Random number generation". Nageh (talk) 02:04, 29 February 2012 (UTC)
I did a quick Google on "random function" and essentially all of at least the first few pages returned items about subroutines (usually implemented in the form of "functions") for generating random numbers. Hence it seemed that this might be a common term for someone starting from computer programming. Melcombe (talk) 11:15, 29 February 2012 (UTC)
Hm, I didn't think of that. Makes sense. Nageh (talk) 12:15, 29 February 2012 (UTC)
I have now expanded the content for more generality, and added projerct banners on the talk page. Feel free to change anything. Melcombe (talk) 12:17, 29 February 2012 (UTC)
Thanks! Nageh (talk) 12:59, 29 February 2012 (UTC)

When is a cryptographic algorithm notable?Edit

Let's see how alive this WikiProject is. I am currently going through a list of cryptography articles in my attempt to rate them with quality and importance asssessments. What I have found is that there are a few articles on cryptographic algorithms whose notability is highly questionable. As an example, here are three block cipher algorithms that all seem to be based on the same principle and which seem to be based on two main authors, Nikolay Moldovyan and Alexander Moldovyan: Cobra ciphers, CIKS-1, and Spectr-H64. The basic principle of the algorithms is that of "data-dependent permutations", which is based on the more general principle of data-dependent operations (e.g., rotations, key scheduling, etc.), which really isn't that new. The concept is suggested to develop faster ciphers.

The problem now is threefold:

  1. For each of above algorithm, there seem to be just three independent papers, each of which shows that the design is insecureless secure than claimed. There seems to be no further indication for notability. In particular, it is missing the significant coverage by reliable independent sources as expected per our notability guideline.
  2. The concept of data-dependent permutations is just a specific case of data-dependent operations, which are nothing new in cryptography or block cipher design, either. In particular, data-dependent rotations have been used in the RC5 cipher, and key-dependent mixing functions are used in several existing ciphers. There seems to be no indication that the specific concept of "data-dependent permutations" in block ciphers is notable in the sense that it warrants its own article (if it were, the simple solution would be to merge the material into an article on that concept).
  3. New suggested cryptographic algorithms are like a dime a dozen (and the WikiProject's template on block ciphers is somewhat a testimony to this). Most of them quickly fall into oblivion either for being superseded by better designs building on the suggestion or for being shown insecure.

So the question is: Does a publication in a journal automatically warrant notability? (My opinion: Getting something published is not a high barrier, and this alone is certainly insufficient.) Does the existence of a few papers by independent authors, showing that the design is insecure, warrant notability? (My opinion: If the fact that a design was insecure were so surprising then it certainly would be discussed more widely. Otherwise, it is not enough to indicate notability.) And does the existence of better designs, which refer to the original design, justify inclusion on Wikipedia? (My opinion: If the original design was truly "original" it would be highly cited, thus proving notability. Otherwise, it may warrant a mention in a more general Wikipedia article, but not as a stand-alone article.)

I'd be interested in your thoughts on this. If I don't get any response, I'll bring the three articles to AfD. Cheers, and many thanks, Nageh (talk) 17:52, 12 April 2012 (UTC)

If the total contribution to scholarship with regard to some piece of cryptography is simply a proposal followed by a total break, it is very likely that the topic is not notable. Skippydo (talk) 18:33, 12 April 2012 (UTC)
Yeah, sure. The algorithms are not completely broken, but they are clearly flawed (i.e., immediately shown less secure than claimed) as outlined by the independent papers. That doesn't seem to be any indication for notability to me, though. Nageh (talk) 18:58, 12 April 2012 (UTC)
"Does a publication in a journal automatically warrant notability?" No, pre-publication peer review is too weak to establish notability, you need independent citations to establish notability. "Does the existence of a few papers by independent authors, showing that the design is insecure, warrant notability?" No, this merely indicates the contributions failed post-publication peer review. I assume this to be a common phenomena in the field of cryptography. The obvious exception would be if the contribution becomes a text book example of how not to design a cryptographic algorithm or protocol. "And does the existence of better designs, which refer to the original design, justify inclusion on Wikipedia?" This would depend on the exact amount of independent references, I guess. —Ruud 19:10, 12 April 2012 (UTC)
Thanks. I think we are in agreement. Nageh (talk) 19:34, 12 April 2012 (UTC)
I'm surprised at the notion that "three independent papers each" doesn't constitute significant coverage by reliable independent sources. We're not talking about DES here, but notability is all about the sources, and there they are. So what if the papers are breaks of the ciphers? That's still significant coverage. Few ciphers are as notable as the totally-broken FEAL. It seems like you're saying that only groundbreaking new cryptographic ideas that stand the test of time warrant Wikipedia articles. That's a much stricter standard than notability, and I don't support it. But I will defer to whatever consensus develops. Ntsimp (talk) 20:47, 12 April 2012 (UTC)
No, that's absolutely not what I am saying. Have a look at Category:Block ciphers. There are 107 ciphers listed, and most of them satisfy the "significant coverage" requirement of WP:N. The three ciphers discussed here do not. I think it should be obvious that publishing a cryptographic algorithm only to have it broken by other researchers, without any other coverage of the algorithm, does not count as being notable. If you think that is a criteria for inclusion, have a look at this list of pairing-based cryptography algorithms, as an example. An argument could be made that each of these cryptographic algorithms should have an article on Wikipedia, simply because it is being listed there. However, in the case of the three ciphers discussed, absolutely no other secondary coverage could be found. Assume further that in addition to this list of algorithms there have been many more proposals published in journals that have quickly been either shown insecure (by other researchers) or been superseded by better solutions (by other researchers) – without any other secondary coverage, do you think this alone warrants sufficient notability for inclusion on Wikipedia? My answer is a strong and capitalized NO. From WP:NOT: "[Wikipedia is not] a scientific journal." And I'm pretty inclusionist in this regard. To the best of my knowledge, and I really did try hard studying both the primary papers and secondary literature on these algorithms for indication of sufficient notability, but I don't see them as being suitable for inclusion. Nonetheless, a sincere thank you for your feedback! Nageh (talk) 21:13, 12 April 2012 (UTC)
PS: I checked the citation indices of the relevant papers. It appears that after subtracting self-references, then apart from references by two (not three, actually) independent author teams describing attacks on the system there is only ONE reference left by other independent authors to a single paper, namely a reference to "A cipher based on data-dependent permutations" (2002) from the paper "ARMADILLO: a Multi-Purpose Cryptographic Primitive Dedicated to Hardware". Notability looks different, if you're asking me. Nageh (talk) 21:33, 12 April 2012 (UTC)

Ok, I have found where these articles could be redirected to. An article on lightweight cryptography. Unfortunately, it has to be created first. :/ Nageh (talk) 20:04, 13 April 2012 (UTC)

Article alertsEdit

FYI, I have set up Article alerts for this WikiProject. Any articles whose talk pages are tagged with the {{WikiProject Cryptography}} template and requiring maintenance action (WP:AfD, WP:PROD, WP:RfC, WP:FAC, etc.) will be listed at Wikipedia:WikiProject Cryptography/Article alerts in the future. Nageh (talk) 17:16, 14 April 2012 (UTC)

Phone hackingEdit

Article is an epic fail in terms of its description of the crypto issues around weak PINs. My edits have been reverted, and I don't have the time at the moment to address this, so flagging for attention here. (e.g. the predicable PINs that allowed voicemail services to be "hacked" have nothing to do with any defaults configured on handsets) Socrates2008 (Talk) 08:52, 25 July 2012 (UTC)

Rationale for including functions in the hash function templateEdit

What is the rationale for including hash functions in the template?

Functions like FSB, ECOH, and SWIFFT were SHA-3 candidates but not very signicant ones; they did not pass to the second round. Why are they listed here when most second round candidates are not?

Same question for the list here: List_of_hash_functions#Cryptographic_hash_functions. That list also include Spectral Hash, a completely broken SHA-3 candidate.

On a related note, many second round candidates do not have a Wikipedia page, even though they are much more significant than Spectral Hash...

Ni fr (talk) 12:57, 18 April 2013 (UTC)

I don't think there is a "rationale", someone probably just added those hashes to the template without much thought. It certainly shouldn't try to list every cryptographic hash under the sun. Be bold and remove them.
As for the list article, I think it makes sense to include every hash function we have an article about. Whether Spectral Hash warrants an article is another question -- probably not per notability (there are no secondary sources).
The solution certainly isn't creating more articles of questionable notability. -- intgr [talk] 18:01, 18 April 2013 (UTC)

New PagesEdit

New pages added for Hut 3 & Hut 4; they were redirects to Bletchley Park. Any other "Hut" articles warranted? Hugo999 (talk) 11:34, 25 April 2013 (UTC)

Quick question about ARIA cipherEdit

Please answer at Talk:ARIA (cipher) if you know if the name stands for something or not. Ego White Tray (talk) 12:28, 25 April 2013 (UTC)

RfC concerning the Lavabit email serviceEdit

There is a request for comments (RfC) that may be of interest. The RfC is at

Talk:Lavabit#RfC: Should information about Lavabit complying with previous search warrants be included?

At issue is whether we should delete or keep the following text in the Lavabit article:

Before the Snowden incident, Lavabit had complied with previous search warrants. For example, on June 10, 2013, a search warrant was executed against Lavabit user for alleged possession of child pornography.

Your input on this question would be very much welcome. --Guy Macon (talk) 05:07, 29 August 2013 (UTC)

Implementations in source codeEdit

Should more of the articles have simple implementations in source code? A good example is the md5 article which has the implementation in pseudocode as well as the C programing language. Thea10 (talk) 16:23, 13 September 2013 (UTC)

Unfortunately, dozens of programming languages have their own programming language partisans that feel they need to "promote" their favorite programming language wherever possible. People who are not programming language partisans generally feel that including an implementation in every one of those languages in a single article is excessive. (Wikipedia talk:WikiProject Computer science/Manual of style#Concrete Implementations of Algorithms; Wikipedia talk:Algorithms on Wikipedia/More talk).

Rather than put source code directly into the Wikipedia article, perhaps it is better to put that source code into Wikibooks: Cryptography, or into a wiki dedicated to source code such as (In particular, see ), , , or etc., or into some other source code repository website. Then add a (indirect) link into the Wikipedia article pointing at that off-site source code.

Alas, some people think that merely *linking* to implementations in many languages is excessive (Wikipedia talk:WikiProject Computer science/Archive 10#External links to implementations). --DavidCary (talk) 06:36, 4 February 2014 (UTC)

Entropy Page In Need of ReviewEdit

I noticed today that the Entropy(Computing) Page has been marked as in need of an expert reviewer since 2009. Is there anyone in this project that might be up to the task? I read the entire page and think it sounds pretty good. Then again, I'm a chemist, and not a cryptographer or computer security expert. With the recent comments of L. Torvalds and the petition regarding /dev/random, it's a page that will probably be hit more often. Sean Egan (talk) 21:46, 7 October 2013 (UTC)
--Guy Macon (talk) 22:35, 7 October 2013 (UTC)

Post-quantum cryptographyEdit

Even though current publicly known experimental quantum computing is nowhere near powerful enough to attack real cryptosystems[1] "citation requested" — Preceding unsigned comment added by (talk) 02:11, 26 November 2013 (UTC)


Discussion at Template_talk:WikiLeaksEdit

  You are invited to join the discussion at Template_talk:WikiLeaks. Neutral assistance requested. At issue is whether the template for wikileaks should show "Chelsea Manning" or "Chelsea (formerly Bradley) Manning" or some other formulation. Obi-Wan Kenobi (talk) 00:56, 25 October 2013 (UTC)

Assassination market article - anyone want to help?Edit

After the in-depth Forbes article on the Bitcoin/Tor-based Assassination Market website, this article (about the general concept of an assassination market, not the Internet specifically implementation) is looking a bit out of date.

If it's within the remit of this project, anyone want to help out with updating it? Jonathan Deamer (talk) 21:04, 9 December 2013 (UTC)

Invitation to help craft a proposalEdit

Surveillance awareness day is a proposal for the English Wikipedia to take special steps to promote awareness of global surveillance on February 11, 2014. That date is chosen to coincide with similar actions being taken by organizations such as Mozilla, Reddit, and the Electronic Frontier Foundation.

Feedback from members of this Wikiproject would be greatly appreciated. Please come join us as we brainstorm, polish, and present this proposal to the Wikipedia Community. --HectorMoffet (talk) 11:21, 18 January 2014 (UTC)

Password Hashing CompetitionEdit

Is the recently-created "Password Hashing Competition" article too much WP:CRYSTALBALL ? --DavidCary (talk) 19:06, 21 January 2014 (UTC)

Salted Challenge Response Authentication MechanismEdit

I want to create an article about Salted Challenge Response Authentication Mechanism. Here is my draft. How can I improve it?

Thank youMuelleum (talk) 20:59, 29 January 2014 (UTC)

"Numerical cipher"Edit

A recently created redirect, Numerical cipher (edit | talk | history | protect | delete | links | watch | logs | views), currently points to Bifid cipher, is this correct? -- (talk) 10:15, 23 February 2014 (UTC)

List of unsolved problems in CryptographyEdit

FYI, List of unsolved problems in Cryptography (edit | talk | history | protect | delete | links | watch | logs | views) has been nominated for deletion. -- (talk) 10:27, 23 February 2014 (UTC)

@ like its gone, where is the AfD discussion? Jonpatterns (talk) 18:56, 9 March 2014 (UTC)
Is Wikipedia: Redirects for discussion/Log/2014 February 23#List of unsolved problems in Cryptography the discussion Jonpatterns is looking for? --DavidCary (talk) 05:40, 6 February 2015 (UTC)
@DavidCary: Thanks for the link, could be useful for people querying the deletion. Jonpatterns (talk) 13:06, 6 February 2015 (UTC)

Supersingular Isogeny Key ExchangeEdit

Draft:Supersingular Isogeny Key Exchange needs your help. Please chime at the Articles for creation help desk. Chris Troutman (talk) 02:10, 21 May 2014 (UTC)

Draft:3-Subset Meet-in-the-Middle attackEdit

Dear encryption experts: The above AfC submission may be of interest. —Anne Delong (talk) 15:57, 15 June 2014 (UTC)

Kama Sutra Cipher article vastly inaccurateEdit

The Kama Sutra doesn't have a 45th chapter. The Kama Sutra instead describes cryptography as a recommendation for pleasurable activities to be pursued by women. I believe it is actually number 44 on the list. It's easy enough to find in the translation in Project Gutenberg by searching for the word "cypher." There are a lot of places that repeat this misinformation, possibly because it's on Wikipedia.

One source I've found, The Six Unsolved Ciphers, seems to have a bit better of a description, and is consistent with further academic sources I've found. Note that I've found academic sources that cited the incorrect Wikipedia article (why would you do that?). The words to look for are Muladeviya and Kautilyam.

The best source I've found thus far: Novel Cipher Technique Using Substitution Method, Shobha Vatsa, Tanmeya Mohan, A. K. Vatsa, International Journal of Information & Network Security (IJINS), Vol.1, No.4, October 2012, pp. 313~320, ISSN: 2089-3299

Page 317 touches on the Kama Sutra cipher, and describes what is shown in the Wikipedia as Muladeviya. The wording around it is a bit difficult to parse though. It references a research paper "presented as Aryabhata's Mathematics," and that Yasodhara described this cipher along with Kautiliyam (substitutions based on phonetic relations).

Unfortunately the citation for that section looks like this: http:// Aryabhata‟s Mathematics by Subhash Kak, RSA Conference, San Jose, Feb. 13-17, 2006

Please pardon my formatting, I haven't edited Wikipedia before aside for minor spelling corrections. — Preceding unsigned comment added by (talk) 14:40, 17 June 2014 (UTC)

Articles for Deletion/SQRLEdit

This is a notice that the article SQRL, which may be within the scope of your WikiProject, has been nominated for deletion. If this is of interest to your members, their input would be appreciated. 0x0077BE [talk/contrib] 14:43, 23 July 2014 (UTC)


I have drafted an article on the Walsh Report more correctly titled Review of Policy relating to Encryption Technologies that was conducted for the Australian government in 1996. Having been a board member of Electronic Frontiers Australia who played a major role in the Walsh Report I have a potential conflict of interest in this article.

Could one or more editors here please review my draft, edit it if you want to, and—if you then consider it sufficiently neutral and meeting other criteria for Wikipedia articles—move it to mainspace. Tango Mike Bravo (talk) 08:44, 23 August 2014 (UTC)

Thanks to User:Graeme Bartlett this has now been moved to mainspace. Tango Mike Bravo (talk) 11:32, 15 September 2014 (UTC)

Comment on the WikiProject X proposalEdit

Hello there! As you may already know, most WikiProjects here on Wikipedia struggle to stay active after they've been founded. I believe there is a lot of potential for WikiProjects to facilitate collaboration across subject areas, so I have submitted a grant proposal with the Wikimedia Foundation for the "WikiProject X" project. WikiProject X will study what makes WikiProjects succeed in retaining editors and then design a prototype WikiProject system that will recruit contributors to WikiProjects and help them run effectively. Please review the proposal here and leave feedback. If you have any questions, you can ask on the proposal page or leave a message on my talk page. Thank you for your time! (Also, sorry about the posting mistake earlier. If someone already moved my message to the talk page, feel free to remove this posting.) Harej (talk) 22:47, 1 October 2014 (UTC)

Distributed key generation/Threshold crytosystemEdit

I did a bit of work on the distributed key generation page and I'd like to take it off the stub listing. Can I get someone to review it? Also, distributed key generation is the same thing as a threshold cryptosystem, but I haven't really been around long enough to know what goes into page merging. Can anyone help me out with this? Thanks! Farabeeandrew (talk) 05:07, 31 October 2014 (UTC)

Marian Rejewski FAREdit

I have nominated Marian Rejewski for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Delist" the article's featured status. The instructions for the review process are here. SandyGeorgia (Talk) 10:37, 12 January 2015 (UTC)

WikiProject X is live!Edit

Hello everyone!

You may have received a message from me earlier asking you to comment on my WikiProject X proposal. The good news is that WikiProject X is now live! In our first phase, we are focusing on research. At this time, we are looking for people to share their experiences with WikiProjects: good, bad, or neutral. We are also looking for WikiProjects that may be interested in trying out new tools and layouts that will make participating easier and projects easier to maintain. If you or your WikiProject are interested, check us out! Note that this is an opt-in program; no WikiProject will be required to change anything against its wishes. Please let me know if you have any questions. Thank you!

Note: To receive additional notifications about WikiProject X on this talk page, please add this page to Wikipedia:WikiProject X/Newsletter. Otherwise, this will be the last notification sent about WikiProject X.

Harej (talk) 16:57, 14 January 2015 (UTC)

NEM - New Economy Movement listed at Requested movesEdit

A requested move discussion has been initiated for NEM - New Economy Movement to be moved to NEM (cryptocurrency). This page is of interest to this WikiProject and interested members may want to participate in the discussion here. —RMCD bot 23:21, 28 May 2015 (UTC)

Block chain (transaction database) listed at Requested movesEdit

A requested move discussion has been initiated for Block chain (transaction database) to be moved to Block chain. This page is of interest to this WikiProject and interested members may want to participate in the discussion here. —RMCD bot 23:23, 28 May 2015 (UTC)

"Deep Web"Edit

The usage and primary topic of Deep Web is under discussion, see talk:Dark Web -- (talk) 05:16, 10 August 2015 (UTC)


I've created an article on the DROWN attack: it's very basic at the moment, and needs both expansion and fact-checking. -- Markshale (talk) 00:36, 2 March 2016 (UTC)

Double ratchet article may need to be generalizedEdit

Do any of you know of other double ratchet constructions than the one developed by Trevor Perrin and Moxie Marlinspike in 2013? It has been suggested on Talk:Double ratchet that there are "numerous double ratchet constructions possible", in which case the Double ratchet article may need to be generalized. --Dodi 8238 (talk) 09:16, 9 April 2016 (UTC)

I've now renamed the article as "Double Ratchet Algorithm" because it is mainly about the algorithm that was developed by Perrin and Marlinspike. The term "double ratchet" now redirects there, but that page can be converted into a general article about double ratchet constructions if enough secondary sources are found. --Dodi 8238 (talk) 10:16, 9 April 2016 (UTC)


I have nominated OpenBSD for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Delist" the article's featured status. The instructions for the review process are here. Tonystewart14 (talk) 15:10, 11 May 2016 (UTC)

Hi experts, help requested on the Holy Shrine of cryptography!Edit

Hi all, I don't know how active this WikiProject (still) is, but a request for help can be found here: Talk:Voynich manuscript#The Holy Shrine of cryptography - expert eyes requested, any help is welcome to solve this help clean-up the page and get rid of the citation needed tags. I've done some 15 myself, but I lack the experience on cryptography to touch those, so if anybody can help, please! Cheers, Tisquesusa (talk) 01:15, 12 June 2016 (UTC)


There is a current AfD on ShapeShift (company), at Wikipedia:Articles for deletion/ShapeShift (company). More input from coummunity editors would be appreciated. N2e (talk) 18:04, 3 July 2016 (UTC)

List of WWII cipher divisions of the WehrmachtEdit

I know very little about cryptography compared with, no doubt, any member of this project. But I do a lot of WP copyediting, and when Scope creep asked me to copyedit some articles for them, starting with Pers Z S, I was happy to comply. Much of the text in these articles seems to have been translated, I suppose from German, by a German-speaker with good but not perfect English, so there's more copyediting than I expected. (I'm a linguist, by the way.)

Point here is, I've found a list of abbreviations for many (all?) of the cipher divisions of the Wehrmacht in WWII and put it into Talk:Cipher Department of the High Command of the Wehrmacht § Sections and abbreviations. It may be useful as a reference and source of topics for this project.

Please {{Ping}} me to discuss. --Thnidu (talk) 05:20, 25 September 2016 (UTC)

What is meant by "Break"?Edit

I suspect that the majority of readers assume that once a cryptosystem is broken, all intercepted messages can then be read quickly. Certainly in the pre-computer era, this was not the case. A system might be broken in the sense of the mechanisms being diagnosed, but thereafter each message or group of messages could require laborious key-finding which might take a long time and might fail. The usefulness of breaking World War II systems depended on timeliness and completeness. It would be helpful if articles saying that systems were broken stated how quickly messages were read, whether some could not be read with the resources available and what proportion of messages yielded useful information. This may be difficult, but it seems to me to be a worthwhile aim. --TedColes (talk) 07:43, 1 October 2016 (UTC)

Pseudorandom permutation mergeEdit

There is a long-standing merge proposal for Pseudorandom permutation and Unpredictable permutation that would benefit from some expert help. Are these sufficiently similar to merge? Please respond on the merge discussion. Klbrain (talk) 17:17, 10 December 2016 (UTC)

It looks like this has been resolved through the completion of a merge. Klbrain (talk) 12:14, 22 February 2017 (UTC)

RfC Announce: Wikimedia referrer policyEdit

In February of 2016 the Wikimedia foundation started sending information to all of the websites we link to that allow the owner of the website (or someone who hacks the website, or law enforcement with a search warrant / subpoena) to figure out what Wikipedia page the user was reading when they clicked on the external link.

The WMF is not bound by Wikipedia RfCs, but we can use an advisory-only RfC to decide what information, if any, we want to send to websites we link to and then put in a request to the WMF. I have posted such an advisory-only RfC, which may be found here:

Wikipedia:Village pump (policy)#RfC: Wikimedia referrer policy

Please comment so that we can determine the consensus of the Wikipedia community on this matter. --Guy Macon (talk) 21:45, 10 June 2017 (UTC)

Autokey cipherEdit

I'm trying to clean up the Autokey cipher page, which has some jargon and leaves some things unexplained. In particular, there is a section on decryption that was added by user Frankd about a decade ago that has several parts that baffle me. In the section that starts "Trying this with "OUN"", the examples that follow don't seem to make sense - each one replaces the first three letters of the partial key with a different part of the results from the previous step. For instance, in "by 5", the three letters in question are chosen from the "unlikely" pile. My confusion is that the section starts with "Trying this with OUN" and then doesn't try it with OUN. Can someone that better understand this example explain this? Maury Markowitz (talk) 21:46, 23 November 2017 (UTC)

Splitting public-policy from technical material at Computer securityEdit

  FYI: Pointer to relevant discussion elsewhere.

Please see Talk:Computer security#Some initial ideas on a split and an overhaul.

Summary: The present article is a mish-mash of material of a general nature (technical, academic, practices, history, terms, incidents, notable-figures) and material of a socio-political nature (infrastructural, regulatory, legal, corporate, financial, espionage and cyberwar, public impacts).

This started as an RM discussion but turned into a scope one. I've proposed that a Cybersecurity article (using the term favored in technology-and-public-policy circles) should be a spinoff, per WP:SUMMARY, for the second group of material, leaving the bulk of the more general info at Computer security (the basic, non-jargon, descriptive term for the field). This would be in keeping with Cyberwarfare, Internet privacy, Internet censorship, Genetically modified food controversies, and numerous other clear splits between technology and technology policy articles (sometimes multiple such articles, e.g. Electronic cigaretteRegulation of electronic cigarettes, Safety of electronic cigarettes, and several others – but let's just start with one here).

I've done a section-by-section review of what needs to be done, but it's just one opinion, so additional input is sought.

Crypto: In particular, cryptography has had a huge but radically different role in both actual computer security (which would be essentially impossible without it), and computing and telecommunications policy (where its been subject to attempts to suppress public availability of the good stuff, from the Clipper Chip fiasco, to CALEA, to "Apple, give us an iPhone back door or else", to the US govt. for years classifying strong crypto as a "munition" and threatening prosecution of software deveopers for not having a "munitions export license" to have non-trivial crypto in their downloadable products, and so on). Perhaps in crypto we have the sharpest indication of a distinction between computer science as a technical topic versus governmental ideas about "cybersecurity" (which may equate to "you shouldn't have any we can't break") in the technology policy realm.  — SMcCandlish ¢ >ʌⱷ҅ʌ<  10:43, 18 December 2017 (UTC)

Bitcoin RFCEdit

Please stop by and vote on an RFC Talk:Bitcoin_scalability_problem#RFC_article_naming,_removing_"problem"_from_article_name_for_NPOV . Thanks Jtbobwaysf (talk) 11:49, 5 January 2018 (UTC)

Return to the project page "WikiProject Cryptography".