
The Matasano Crypto Challenges (2013) - CarolineW
https://blog.pinboard.in/2013/04/the_matasano_crypto_challenges/
======
baby
These were initially created by a small group inside of Matasano, which ended
up growing into the Cryptography Services of NCC Group.

------
jaas
I've used these challenges in a few different contexts, they're great.

I taught myself rust by implementing solutions to these challenges, and I
taught a CS class in which I had students improve their C language skills by
implementing solutions to these challenges. Students got some crypto knowledge
on the side!

~~~
thenewwazoo
I also learned Rust by completing (the first couple of sets of) these
challenges. It was fan-damn-tastic. Way, way better than Project Euler, or
reimplementing Yet Another Blog Engine or whatever. I can't recommend them
highly enough, and I learned some useful crypto too!

~~~
sokoloff
I used them to teach myself F# (or more accurately, to force myself to apply
F#). Enjoyed the challenges and the learning (of both crypto and F#).

------
technion
I'll start by echoing thenewwazoo's comment - I learnt Ruby on these
challenges, and I would actually suggest the questions are better worded, more
generally educational and generally laid out than most of Hacker Rank. For
example, you're forced to write maintainable code, because your solution to
one question ends up adapted to a later question.

I hit two different Ruby segfault conditions someone patched just so I could
finish this challenge. You know you're deep in a language when that happens.

For anyone who finished Set 8: give yourself an exceptional pat on the back.
I'm looking forward to revisiting this at a time when it hopefully goes more
public.

Downsides: Extreme jadedness towards commercial encryption products and the
people that peddle them.

------
koolba
My favorite quote from this is:

> How practical these attacks were. A lot of stuff that I knew was weak in
> principle (like re-using a nonce or using a timestamp as a 'random' seed)
> turns out to be crackable _within seconds by an art major writing crappy
> Python_.

It shows the realization that "somewhat broken" in crypto usually means
horribly broken.
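As an added illustration (not from the linked post or the challenge set) of the nonce-reuse failure the quote names: a constructed SHA-256 counter-mode keystream stands in for AES-CTR so the block runs with the standard library only, and the `NonceTracker` class is a hypothetical guard showing the check that prevents the mistake.

```python
"""Why reusing a nonce under one key is 'crackable within seconds'.
Stand-in keystream: hash(key || nonce || counter). The algebra is the same as
for AES-CTR, where a repeated (key, nonce) repeats the whole keystream."""
import hashlib
from itertools import count


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed stand-in for a CTR keystream (not a real cipher)."""
    out = bytearray()
    for ctr in count():
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
        if len(out) >= length:
            return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


def recover_with_known_plaintext(ct_a: bytes, ct_b: bytes, pt_a: bytes) -> bytes:
    """Two ciphertexts under the same (key, nonce) plus one known plaintext
    give the other plaintext by XOR alone: the key is never needed, because
    c_a ^ c_b == (p_a ^ ks) ^ (p_b ^ ks) == p_a ^ p_b."""
    return xor(xor(ct_a, ct_b), pt_a)


class NonceTracker:
    """Hypothetical defensive wrapper: refuse a (key, nonce) pair seen before."""
    def __init__(self) -> None:
        self._seen: set = set()

    def encrypt(self, key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
        if (key, nonce) in self._seen:
            raise ValueError("nonce reuse detected for this key")
        self._seen.add((key, nonce))
        return encrypt(key, nonce, plaintext)


def demo() -> dict:
    """Constructed sample: the same key and nonce used for two messages."""
    key, nonce = b"constructed-key!", b"\x00" * 8
    pt_a = b"attack at dawn; bring the sandwiches"
    pt_b = b"retreat at dusk; drop the sandwiches"
    ct_a, ct_b = encrypt(key, nonce, pt_a), encrypt(key, nonce, pt_b)
    ct_b_fresh = encrypt(key, b"\x00" * 7 + b"\x01", pt_b)  # distinct nonce
    return {"recovered": recover_with_known_plaintext(ct_a, ct_b, pt_a),
            "fresh_nonce_leaks": xor(ct_a, ct_b_fresh) == xor(pt_a, pt_b)}
```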

------
george_ciobanu
Favorite part:

"One final observation. Crypto is like catnip for programmers. It is hard to
keep us away from it, because it's challenging and fun to play with. And
programmers respond very badly to the insinuation that they're not clever
enough to do something. We see the F-16 just sitting there, keys in the
ignition, no one watching, lights blinking, ladder extended. And some infosec
nerd is telling us we can't climb in there, even though we just want to
taxi around a little and we've totally read the manual."

------
dpflan
"You get the challenges in batches of eight by emailing cryptopals at
Matasano, and solve them at your own pace, in the programming language of your
choice. Once you finish a set, you send in the solutions and Sean unlocks the
next eight. (Curiously, after the third set, Gmail started rejecting my
tarball as malware.) "

The Challenges: Cryptopals -->
[http://cryptopals.com/](http://cryptopals.com/)

~~~
SilasX
Can you still submit them for some kind of recognition? I know you can get
them all now without emailing.

(FWIW I got stuck on getting an existing software package to get the correct
result from encrypting via AES with a given key.)

~~~
dpflan
I haven't checked. Do you mean can you receive some sort of certificate of
successful completion? I would think successful solutions with shareable code
(e.g. a github repo) would be adequate for recognition of completion and
competency.

~~~
SilasX
I meant if they still care if you complete them.

And I thought they asked not to publish solutions?

~~~
dpflan
Ah, I see. Well then, seems like it'd be good to ping them for some clarity
and perhaps share the answer(s) here. :)

------
avyfain
I worked through some of these[0] a while back as a way to learn property
based testing in Python with Hypothesis[1]. Never finished them, but it was a
fun exercise.

[0] [https://github.com/avyfain/Cryptopals-Hypothesis](https://github.com/avyfain/Cryptopals-Hypothesis)
[1] [http://hypothesis.works](http://hypothesis.works)

------
sytringy05
The thing I loved about these challenges, aside from extracting the 90s hip
hop references from the ciphertext, was getting back to computing primitives.

I spend so much time in my day job dealing with high level abstractions and
objects it's a good reminder about how important the 0 and 1s are.

And the challenges are very well written, if only all teaching materials could
keep you engaged like these do.

------
joshschreuder
Does anyone have a preference to which languages are the best to implement in,
or is it more a case of what you're comfortable with?

I started the challenges in 2013 in Python, which I only have a very cursory
knowledge of, so if there's an easier language to implement in (even if it's
new to me), I would like to give it another go.

~~~
tptacek
Python is the language most used by people who successfully finished all 6
sets, followed by Ruby, Java, and Go. Ruby and Python are both good because
they have sane byte strings and automatically promote fixnums to bignums.

------
cryptbe
<shameless plug>

If you enjoy these challenges you might want to join my team at Google, to
analyze, break, design and implement real-world crypto solutions for products
used by billions of people.

Aside from short-term projects like analyzing and improving state-of-the-art
password hashing or end-to-end encryption schemes, we've started two long-term
projects that could use your help: Wycheproof [1] and Tink [2]. The former is a
revolutionary testing framework that has discovered 40+ bugs [1] in many
popular crypto libraries. The latter provides a safe, simple, agile and fast
way to accomplish common crypto tasks.

If this sounds exciting, please send your resumes to thaidn@google.com.
Cheers!

[1] [https://github.com/google/wycheproof](https://github.com/google/wycheproof)

[2] [https://github.com/google/tink](https://github.com/google/tink)

[3] [https://github.com/google/wycheproof/blob/master/doc/bugs.md](https://github.com/google/wycheproof/blob/master/doc/bugs.md)

</shameless plug>

~~~
tptacek
I'd point out that Thai here is one of the inspirations for the crypto
challenges, but we already did on the front page. :)

This is a pretty amazing team, and if you're not familiar with it already,
Tink is Thai and Daniel Bleichenbacher's team's answer to Nacl.

------
SimonSelg
Thanks for including "(blog post about completing them)" in the title.

~~~
CarolineW
Ironically, that's been removed by the mods.

~~~
weaksauce
There is a reason for that and it's because the mods take a hard line on
editorializing the title of the submission. It's likely done automatically by
a bot though.

~~~
weaksauce
From the guidelines[0]: Please don't do things to make titles stand out, like
using uppercase or exclamation points, or adding a parenthetical remark saying
how great an article is. It's implicit in submitting something that you think
it's important. ... Otherwise please use the original title, unless it is
misleading or linkbait.

[0] [https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

~~~
CarolineW
Indeed. In this case it is misleading simply to call it by the title "The
Matasano Crypto Challenges". Specifically, this is _a blog post about_ the
Matasano Crypto Challenges.

The modification wasn't intended to make the title stand out, and it wasn't
editorializing, it was deliberately adding information to help you, the
reader, know what it was you were clicking through to.

I understand the reasons, but I feel that sometimes the mods revert titles
without thinking, and without assessing why it might have been changed. Again,
I understand the reasons, and having yet _another_ time sink is perhaps
unwelcome, but I'd like to see some way - like the "vouch" mechanism - where
altered titles can be accepted.

------
teraflop
(2013)

