I taught myself Rust by implementing solutions to these challenges, and I taught a CS class in which I had students improve their C language skills by implementing solutions to these challenges. Students got some crypto knowledge on the side!
I hit two different Ruby segfault conditions someone patched just so I could finish this challenge. You know you're deep in a language when that happens.
For anyone who finished Set 8: give yourself an exceptional pat on the back. I'm looking forward to revisiting this at a time when it hopefully goes more public.
Downsides: Extreme jadedness towards commercial encryption products and the people that peddle them.
> How practical these attacks were. A lot of stuff that I knew was weak in principle (like re-using a nonce or using a timestamp as a 'random' seed) turns out to be crackable within seconds by an art major writing crappy Python.
It shows the realization that "somewhat broken" in crypto usually means horribly broken.
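The two weaknesses the quoted comment names (reusing a nonce, and seeding a PRNG from the clock) are exactly the ones Cryptopals has you break. The following is an added example, not code from this thread or from the Cryptopals site, that works both attacks through on constructed data. Assumptions: SHA-256 in counter mode stands in for AES-CTR so the script needs no third-party library (the attack only relies on the keystream depending on key and nonce, not on the message), and Python's `random` module is used as the MT19937 instance, which it is.

```python
# Added example (not from the thread or from Cryptopals): the two weaknesses
# the quoted comment names, worked through on constructed data.
import hashlib
import random


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream. SHA-256 over (key, nonce, counter) stands in
    for AES-CTR here (assumption, to keep the example dependency-free); the
    attack only relies on the keystream being a function of key and nonce,
    never of the message."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


def recover_with_crib(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Nonce reuse turns CTR into a two-time pad: c1 ^ c2 == p1 ^ p2, so
    knowing (or guessing) p1 yields p2 for as many bytes as the crib covers."""
    return xor(xor(c1, c2), known_p1)


def recover_timestamp_seed(observed: int, now: int, window: int = 3600):
    """Brute-force an MT19937 seed that was taken from the clock. Python's
    random module is MT19937, so trying every second in the window and
    comparing the first 32-bit output finds the seed; 3600 candidates take
    well under a second. Returns None if no seed in the window matches."""
    for seed in range(now - window, now + 1):
        if random.Random(seed).getrandbits(32) == observed:
            return seed
    return None


# --- constructed sample data (not real traffic) ---
KEY = b"constructed-secret-key"
NONCE = b"fixed-nonce"
P1 = b"attack at dawn, keys in the ignition"   # the attacker's crib
P2 = b"meet at the hangar after midnight"      # the message to recover
C1 = ctr_encrypt(KEY, NONCE, P1)
C2 = ctr_encrypt(KEY, NONCE, P2)               # same key AND nonce: the mistake
C2_FRESH = ctr_encrypt(KEY, b"other-nonce", P2)  # what should have happened

NOW = 1_700_000_000                  # constructed "current time" (epoch secs)
TRUE_SEED = NOW - 137                # the token was minted 137 s ago
TOKEN = random.Random(TRUE_SEED).getrandbits(32)  # "random" token seeded by clock

if __name__ == "__main__":
    print("ciphertext XOR equals plaintext XOR:", xor(C1, C2) == xor(P1, P2))
    print("recovered p2 (nonce reused):", recover_with_crib(C1, C2, P1))
    print("same attack, fresh nonce:  ", recover_with_crib(C1, C2_FRESH, P1))
    print("recovered seed:", recover_timestamp_seed(TOKEN, NOW), "true:", TRUE_SEED)
```

The crib only has to be a guess: a protocol header, a known greeting, or a run of spaces will do, and each correct guess at one position in one message reveals that position in every other message encrypted under the reused nonce. The seed search is the same shape as Cryptopals' "crack an MT19937 seed" challenge; widening the window from an hour to a day costs 86400 `Random` constructions, still seconds.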
"One final observation. Crypto is like catnip for programmers. It is hard to keep us away from it, because it's challenging and fun to play with. And programmers respond very badly to the insinuation that they're not clever enough to do something. We see the F-16 just sitting there, keys in the ignition, no one watching, lights blinking, ladder extended. And some infosec nerd is telling us we can't climb in there, even though we just want to taxi around a little and we've totally read the manual."
The Challenges: Cryptopals --> http://cryptopals.com/
(FWIW I got stuck on getting an existing software package to get the correct result from encrypting via AES with a given key.)
And I thought they asked not to publish solutions?
I spend so much time in my day job dealing with high level abstractions and objects it's a good reminder about how important the 0 and 1s are.
And the challenges are very well written, if only all teaching materials could keep you engaged like these do.
I started the challenges in 2013 in Python, which I only have a very cursory knowledge of, so if there's an easier language to implement in (even if it's new to me), I would like to give it another go.
If you enjoy these challenges you might want to join my team at Google, to analyze, break, design and implement real-world crypto solutions for products used by billions of people.
Aside from short-term projects like analyzing and improving state-of-the-art password hashing or end-to-end encryption schemes, we've started two long-term projects that could use your help: Wycheproof and Tink. The former is a revolutionary testing framework that has discovered 40+ bugs in many popular crypto libraries. The latter provides a safe, simple, agile and fast way to accomplish common crypto tasks.
If this sounds exciting, please send your resumes to email@example.com. Cheers!
This is a pretty amazing team, and if you're not familiar with it already, Tink is Thai and Daniel Bleichenbacher's team's answer to NaCl.
The modification wasn't intended to make the title stand out, and it wasn't editorializing, it was deliberately adding information to help you, the reader, know what it was you were clicking through to.
I understand the reasons, but I feel that sometimes the mods revert titles without thinking, and without assessing why it might have been changed. Again, I understand the reasons, and having yet another time sink is perhaps unwelcome, but I'd like to see some way - like the "vouch" mechanism - where altered titles can be accepted.