**[Sch]**B. Schneier:*Applied Cryptography*. This book is a useful reference for software impelementation. Also provides a very intuitive approach to the underlying protocols.**[TW]**W. Trappe and L. C. Washington:*Introduction to Cryptography with Coding Theory*.**[BR]**M. Bellare and P. Rogaway:*Lecture Notes*for a graduate course at UCSD.**[GB]**S. Goldwasser and M. Bellare:*Lecture Notes on Cryptography*. Definitions and theoretical foundations of cryptography on a more advanced level.**[MvOV]**A.J. Menezes, P.C. van Ooorschot, and S.A. Vanstone:*Handbook of Applied Cryptography*. Comprehensive reference to all areas of cryptography.**[G]**O. Goldreich:*Fragments of a Book*. An excellent, but more advanced, overview of cryptography. Part I (containing chapters 1-4) has recently been published as a book.- Chapter 1: Introduction and Background.
- Chapter 2: One-Way Functions.
- Chapter 3: Pseudorandomness.
- Chapter 4: Zero-Knowledge Proof Systems.
- Chapter 5: Encryption.
- Chapter 6: Signatures and Message Authentication.

**[Ang]**D. Angluin:*Lecture Notes on the Complexity of Some Problems in Number Theory*. Available for download (ps | pdf).**[Ch]**L.N. Childs:*A Concrete Introduction to Higher Algebra*. An accessible reference to algebra and number theory, with many cryptographic applications.

(

**[AABN02]**M. Abdalla, J. An, M. Bellare, C. Namprempre.*From Identification to Signatures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security*. Eurocrypt '02.**[ALO98]**W. Aiello, S. Lodha, and R. Ostrovsky.*Fast Digital Identity Revocation*. Crypto '98.**[BKR94]**M. Bellare, J. Kilian, and P. Rogaway.*The Security of the Cipher Block Chaining Message Authentication Code*. Crypto '94.**[BGR95]**M. Bellare, R. Guerin, and P. Rogaway.*XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions*. Crypto '95.**[BM88]**M. Bellare and S. Micali.*How to Sign Given Any Trapdoor Permutation*. J. ACM 39(1): 214-233 (1992).**[BR93]**M. Bellare and P. Rogaway.*Random Oracles are Practical: A Paradigm for Designing Efficient Protocols*. ACM Conference on Computer and Communications Security '93.**[BG84]**M. Blum and S. Goldwasser.*An Efficient Probabilistic Public-Key Encryption Scheme which Hides all Partial Information*. Crypto '84.**[CGH98]**R. Canetti, O. Goldreich, and S. Halevi.*The Random Oracle Methodology, Revisited*. STOC '98.**[DH76]**W. Diffie and M. Hellman.*New Directions in Cryptography*. IEEE Trans. Info. Theory 22(6): 644-654 (1976).**[E84]**T. El Gamal.*A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms*. Crypto '84.**[FS86]**A. Fiat and A. Shamir.*How to Prove Yourself: Practical Solutions to Identification and Signature Problems*. Crypto '86.**[GQ88]**L. Guillou and J.J. Quisquater.*A "Paradoxical" Identity-Based Signature Scheme Resulting from Zero-Knowledge*. Crypto '88.**[GGM84]**O. Goldreich, S. Goldwasser, and S. Micali.*How to Construct Random Functions*. JACM 33(4): 792-807 (1986).**[GM82]**S. Goldwasser and S. Micali.*Probabilistic Encryption*. JCSS 28(2): 270-299 (1984).**[GMR84]**S. Goldwasser, S. Micali, R.L. Rivest.*A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks*. Siam J. Computing 17(2): 281-308 (1988).**[LR85]**M. Luby and C. Rackoff.*How to Construct Pseudo-Random Permutations from Pseudo-Random Functions*. Siam J. Computing 17(2): 373-386 (1988).**[NY89]**M. Naor and M. Yung.*Universal One-Way Hash Functions and Their Cryptographic Applications*. STOC '89.**[O92]**T. Okamoto.*Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes*. Crypto '92.**[RSA78]**R.L. Rivest, A. Shamir, and L.M. Adleman.*A Method for Obtaining Digital Signatures and Public-Key Cryptosystems*. Comm. ACM 21(2): 120-126 (1978).**[S89]**C.P. Schnorr.*Efficient Identification and Signatures for Smart Cards*. Crypto '89.