The Cryptopals challenges

Starting today I kick off a series on the cryptopals crypto challenges, with my implementations in PHP. Feel free to join in the fun!

I really enjoy cryptography. Being able to write in such a way that others can’t decode what you’ve written is a powerful feeling. Knowing that you can selectively share knowledge about how to understand something even more so.

But the best thing about cryptography is the inherent goal and promise of privacy.

Unfortunately, cryptography is also very hard.

Learning cryptography

While I have a math degree, I do not consider myself an expert mathematician. I know enough to follow some technical papers with a modicum of understanding, but I doubt I will be penning a formal proof of anything any time soon. All the same, this background has helped me understand some of the more important concepts underlying cryptography.

But the best way to learn cryptography is to practice it.

A few years ago, a colleague introduced me to the Cryptopals crypto challenges. This set of challenges helped immensely to build my understanding of what was going on under the hood with the APIs I was using.

One day, we even set aside a chunk of time during lunch to vet our approaches and solutions (in different languages) together. This happened to be the same day a former colleague of the CEO stopped by to visit. He saw us working through a simple attack on ECB mode encryption and was impressed.

He later referred us to a grant-driven project to implement strong crypto in the public sector. It was a serendipitous event, and it helped further build my interests in learning and understanding cryptography.

Content to come

I am not an expert mathematician, nor am I an expert cryptographer. I know enough in each field to understand their importance and to use proven, well-studied tools built by true experts.

Over the next few articles, though, let’s begin working through the cryptopals challenges together. We might pause partway through (some are truly hard and not well-suited for a daily blog), but let’s push as hard as we can to get to the end.

I’ve worked through these problems in JavaScript, Golang, and Python in the past. This time I’ll leverage PHP – if you plan to follow along, feel free to use whatever language in which you’re the most comfortable.

Future content in this series will be marked with a “cryptopals” tag to make it easier to find.

This will be fun!