There are tens of millions of pages of content on the web that address encryption or cryptography; that means two things: first, there is no shortage of good content explaining what encryption and cryptography are; second, there is also no shortage of not-so-good content that can be confusing at best, if not misleading or outright wrong and harmful at worst.
As with any specialty, one must consider the source before deciding whether the content is actually worthy of consideration. Reputation is crucial, especially when the information being provided will be used for security purposes.
Here are a handful of links to people and organizations that I consider trustworthy, either directly from personal interactions or from their public reputations as highly-regarded cryptographers:
- Bruce Schneier is the internationally-renowned security technologist and author, and the author of Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition, for almost 20 years the canonical resource for programmers who need to implement cryptographic functions. Schneier’s personal blog is an excellent source for current and correct discussion of cryptography and security issues.
- Philip Zimmermann is the creator of PGP (Pretty Good Privacy), first published on the Internet in 1991, and the inspiration for the now standard Gnu Privacy Guard (GPG) encryption tool. Zimmermann’s crypto bibliography page is an excellent resource for learning more about cryptography as well as for links to reputable crpytography resources.
- Gary Kessler’s An Overview of Cryptography is a comprehensive discussion of what modern cryptography is, what it’s for, and what tools are currently available.