Last week, I came across an interesting website named The Cryptopals Crypto Challenges (also known as The Matasano Crypto Challenges) that hosts cryptographic challenges based on real-world cryptography that makes use of various ciphers and secure protocols.
What is it about?
These challenges were developed by a security team called NCC Security, which is developed as a tool for teaching Cryptography.
Currently, there are eight sets of problems in which each set gets progressively harder as you solve them. As I'm writing this post, I'm solving the first set of problems, these problems are designed in such a way that you get to build own cryptographic functions/utilities and exploit them. Most importantly, not only do these challenges give you an overview on how to build secure cryptographic systems but also you'll get an understanding on how they're being attacked.
In the first few challenges, I was exposed to some crypto math but these concepts weren't that hard as it was more practical and gentler:
- Modular arithmetic
- Working with different bases such as Base 2 and Base 16
- Hamming Distance
- Standard Deviation and Variance
- Frequency
Also, I found myself using different techniques to solve these challenges such as:
- String manipulation
- Lookup tables / Hashmaps
- Conversion of string to integer and vice-versa
- Bitwise operators
Like I had mentioned above, this is also designed as a tool to learn cryptography, which means you don't really need to have prior knowledge of cryptography and security. It's all about doing your own research on various algorithms, implementing the solution and then breaking your own solution.
Why do I want to do this?
I found it as a good opportunity to sharpen my C++ programming skills and learn more about cryptographical theory and it's applications. If you're curious and passionate enough to solve puzzles, this is your chance!
What's next?
I will be posting walkthroughs (on how I solved every problem in each set) on my blog and also provide solutions to those problems on my GitHub repository.
Stay tuned!