| Recommended for this list: 1. https://archiv.infsec.ethz.ch/education/fs08/secsem/bleichen... - This is necessary to scare newbies away from implementing textbook RSA 2. https://www.iacr.org/archive/eurocrypt2002/23320530/cbc02_e0... - Vaudenay's attack on CBC mode is essential to practitioners 3. https://mega-awry.io/pdf/mega-malleable-encryption-goes-awry... - A real world attack on Mega's encryption Unfortunately, most interesting cryptanalysis results are easier to find as blog posts than academic papers. For example: the Frozen Heart vulnerability in zero-knowledge proof systems that rely on the weak Fiat-Shamir transform. https://blog.trailofbits.com/2022/04/13/part-1-coordinated-d... https://blog.trailofbits.com/2022/04/15/the-frozen-heart-vul... https://blog.trailofbits.com/2022/04/18/the-frozen-heart-vul... These blog posts are great, but they aren't academic papers, so they may not qualify for your list. |