Cryptography

technical

The mathematical science of secure communication — designing and analyzing encryption algorithms, digital signatures, zero-knowledge proofs, and protocols that protect information.

Max Level

250

XP Multiplier

1.10×

Attribute Contributions

Intelligence 65% Wisdom 30% Creativity 5%

Prerequisites

Mathematics Lv 15

Overview

Cryptography is the mathematical science of designing communication systems that are secure against adversaries — enabling confidentiality (only intended recipients can read messages), integrity (messages cannot be altered undetected), authentication (verifying identity), and non-repudiation (preventing later denial of sent messages). Modern cryptography is grounded in rigorous mathematical formalism, defining security in terms of computational hardness assumptions and proving that breaking a protocol would require solving problems believed to be intractable.

The field divides into symmetric cryptography (where the same secret key is used for encryption and decryption) and asymmetric or public-key cryptography (where a public key can encrypt but only the corresponding private key can decrypt). Public-key cryptography, developed independently by Diffie, Hellman, Rivest, Shamir, and Adleman in the 1970s, solved the key distribution problem that had limited classical cryptography and enabled secure communication over public networks — making modern e-commerce, encrypted messaging, and digital signatures possible.

Getting Started

Number theory is the mathematical foundation of public-key cryptography. Modular arithmetic — arithmetic performed within a fixed modulus, where numbers wrap around — is the essential tool. The properties of prime numbers, Euler's theorem, and the discrete logarithm problem (the difficulty of finding x given g, p, and g^x mod p) underlie RSA encryption and Diffie-Hellman key exchange. Understanding these mathematical structures, not just as algorithms but as number-theoretic problems, provides the foundation for understanding why the cryptographic constructions work.

The RSA cryptosystem is the standard starting point for learning public-key cryptography. Its security relies on the difficulty of factoring large semiprime numbers (products of two large primes). Understanding the key generation, encryption, and decryption operations — and why they work correctly — requires working through the modular arithmetic by hand for small examples before applying it to the large numbers used in practice.

Block ciphers — AES (Advanced Encryption Standard) in particular — are the fundamental tool of symmetric cryptography. Understanding how AES operates through substitution, permutation, and key mixing in multiple rounds builds intuition about why the cipher resists known attacks. The concepts of confusion (obscuring the relationship between plaintext and ciphertext) and diffusion (spreading the influence of each plaintext bit across many ciphertext bits) — introduced by Claude Shannon — explain the design principles behind all modern block ciphers.

Common Pitfalls

Attempting to design novel cryptographic protocols without deep expertise is the most dangerous error in applied cryptography. Cryptography is notoriously difficult to get right — schemes that appear secure on informal analysis frequently have subtle flaws that experts exploit. The standard advice for practitioners is to use well-audited, standardized protocols (TLS, AES, RSA with proper padding) rather than designing new ones. Rolling your own crypto is a red flag in any security context.

Confusing cryptographic security with implementation security leads to false confidence. A mathematically sound cipher can be completely defeated by poor implementation — failing to use authenticated encryption, improper random number generation, timing side-channels, or incorrect key management are common practical vulnerabilities that bypass the mathematical security properties entirely.

Neglecting the security model — the specific threat the cryptographic construction is designed to protect against — produces deployments where the security guarantees don't match the actual threats. Understanding what a protocol protects against (and what it explicitly does not protect against) is essential for using it correctly.

Milestones

Implementing RSA encryption and decryption from scratch — key generation, encryption, decryption, using modular exponentiation — with correct understanding of the underlying number theory marks foundational cryptography literacy. Implementing a simple authenticated encryption scheme — combining AES-GCM or a cipher with HMAC correctly — marks practical symmetric cryptography competency. Understanding and implementing the Diffie-Hellman key exchange protocol and explaining the discrete logarithm hardness assumption it relies on marks public-key cryptography depth.

Advanced cryptography engages with elliptic curve cryptography, post-quantum algorithms, zero-knowledge proofs, and the formal security proof frameworks used in research.

Where to Specialize

Public-key cryptography develops RSA, elliptic curve, and post-quantum algorithm expertise. Protocol design and analysis applies cryptographic primitives to secure communication protocols. Zero-knowledge proofs enable privacy-preserving verification. Hash functions and MACs build message integrity and authentication. Cryptanalysis studies attacks on cryptographic systems — the other side of design.

Tips for Success

  • Build modular arithmetic intuition before studying specific algorithms — all public-key cryptography reduces to number-theoretic operations that modular arithmetic makes tractable.
  • Implement RSA from scratch for small numbers before using a library — working through key generation, encryption, and decryption by hand builds the understanding that API usage alone never provides.
  • Never design your own cryptographic protocols for production use — use well-audited, standardized algorithms and follow implementation guidance carefully.
  • Distinguish mathematical security from implementation security — side-channel attacks, improper padding, and poor key management defeat mathematically sound ciphers.
  • Understand what each primitive protects against — encryption provides confidentiality but not integrity; authentication provides integrity but not confidentiality; confusing these produces insecure systems.
  • Study classic attacks alongside cryptographic constructions — understanding how protocols were broken historically gives intuition for what makes current designs secure.
  • Read the actual cryptographic standards (NIST documents, RFCs) for any protocol you deploy — summaries and tutorials frequently omit implementation-critical details.

Practice Quests

Suggested activities for building your Cryptography skill at different intensities.

Daily Quests

Algorithm Implementation 1.00 hr

Implement one component of a cryptographic algorithm in code — modular exponentiation, key generation, or encryption — with tests confirming correct output.

Number Theory Practice 0.50 hrs

Work through five number theory problems — modular arithmetic, Euler's theorem, or prime factorization — directly relevant to a cryptographic algorithm you are studying.

Protocol Study 0.50 hrs

Study one cryptographic protocol — TLS handshake, Diffie-Hellman, or certificate chain — reading the specification and tracing each step's mathematical operation.

Weekly Quests

Attack Analysis 3.00 hrs

Study one historical cryptographic attack — padding oracle, timing side-channel, or birthday attack — implementing a simplified version and explaining the vulnerability.

Cryptopals Challenge 4.00 hrs

Complete one Cryptopals challenge, implementing a cryptographic attack or construction from scratch and verifying the result against the challenge's expected output.

Monthly Quests

Complete System Implementation 15.00 hrs

Implement a complete cryptographic system — a secure messaging protocol or digital signature scheme — using only standard libraries and following best practice guidelines.

Research Paper Study 10.00 hrs

Read and understand one foundational cryptography paper — Shannon's secrecy paper, Diffie-Hellman, or a zero-knowledge proof paper — and write a clear explanation of its argument.

Notable Practitioners

Claude Shannon

American mathematician whose 1949 paper Communication Theory of Secrecy Systems established the mathematical foundations of modern cryptography and information-theoretic security.

Whitfield Diffie and Martin Hellman

American cryptographers who published the concept of public-key cryptography and key exchange in 1976, enabling secure communication without prior shared secrets.

Rivest, Shamir, and Adleman

American computer scientists who developed the RSA algorithm in 1977, the first practical public-key cryptosystem, which remains foundational to internet security.

Bruce Schneier

American cryptographer and security technologist whose Applied Cryptography became the standard reference for cryptographic implementation and whose public commentary shapes security policy.

Learning Resources

Website Crypto101
Website Wikipedia: Cryptography
Website Coursera — Cryptography I (Stanford)
Website Cryptopals Challenges

Ready to start tracking Cryptography?

Start Tracking Cryptography