Cryptography

Cryptography Study Plan

Milestone-based roadmap for cryptography theory, secure communication protocols, practical tools, and cryptanalysis challenges.

Cryptography is the practice and study of techniques for secure communication in the presence of adversarial behavior. This plan assumes basic computer skills such as Linux basics, everyday OS usage, internet research, and file editing.

Expected pace

8 weeks

Assuming basic computer science comfort.

Focus areas

Learn core cryptography theory and concepts.

Understand how cryptography supports secure communications.

Become familiar with common cryptography tools.

Apply cryptography knowledge in cybersecurity contexts.

In short

Start with encryption, hashing, PKI, and signatures.

Learn TLS, SSH, email security, and data protection use cases.

Practice with OpenSSL, GPG, Hashcat, John the Ripper, and CyberChef.

Use CTF-style challenges to recognize cryptographic weaknesses.

Focus on correct use, not inventing algorithms.

Theoretical Concepts Applied Cryptography Cryptography Tools Cryptanalysis and Challenges Resources

Section 1

Theoretical Concepts

2 weeks

Learn foundational cryptography concepts: algorithms, keys, hashing, PKI, and digital signatures.

Week 1-2: Core Concepts

Build vocabulary and mental models before using cryptography in real systems.

Symmetric vs asymmetric encryption and when each is used.

Symmetric encryption examples: DES for history and AES for modern use.

Asymmetric encryption examples: RSA and ECC.

Hashing algorithms: MD5, SHA-1, SHA-256, and SHA-3.

Understand collision resistance, preimage resistance, and why old hashes fail.

Public Key Infrastructure: certificates, certificate authorities, and chain of trust.

Digital signatures: how they work and why integrity and authenticity matter.

Practice: map common cybersecurity tasks to encryption, hashing, or signing.

Basic CryptographySunny Classroom Cryptography Module on TryHackMe

Section 2

Applied Cryptography

2 weeks

Apply cryptography to secure communications, remote access, email, and data protection.

Week 3-4: Protocols and Implementation

SSL/TLS: handshake process, certificates, versions, and security properties.

Understand deprecated TLS/SSL versions and why they should be disabled.

SSH: secure remote access, public key authentication, and key management.

Email security: PGP, GPG, and S/MIME.

Data at rest vs data in transit.

Common implementation mistakes: weak randomness, hardcoded keys, insecure modes, and broken certificate validation.

Practice: inspect a real website certificate chain and TLS configuration.

Practice: create SSH keys and understand public vs private key handling.

Hak5: SSH Inside and Out Real-World CryptographyBook by David Wong

Section 3

Cryptography Tools

2 weeks

Become comfortable with practical tools used for crypto analysis, testing, encryption, signing, and decoding.

Week 5-6: Hands-on Tools

OpenSSL: generate keys, create CSRs, inspect certificates, and test TLS connections.

GPG: encrypt, decrypt, sign, and verify files.

John the Ripper basics for understanding password strength.

Hashcat basics for password cracking concepts in lab contexts.

CyberChef for encoding, decoding, hashing, and crypto experiments.

Practice: generate a key pair and sign a file.

Practice: compare weak vs strong password hashes in a lab.

Practice: use CyberChef to identify encodings and transformations.

TryHackMe Practice CyberChef

Section 4

Cryptanalysis and Challenges

2 weeks

Use puzzles and CTF challenges to recognize flawed cryptographic designs and unsafe implementations.

Week 7-8: Breaking Codes

Classical ciphers: Caesar and Vigenere for historical context.

Understand why classical ciphers are not secure today.

Modern attack examples: padding oracle, POODLE, and Heartbleed.

Learn how implementation flaws break otherwise strong cryptographic systems.

Solve beginner crypto challenges on CTF platforms.

Write short notes for each solved challenge: clue, weakness, method, and lesson.

Practice: identify whether a challenge involves encoding, hashing, encryption, or signing.

Root-Me Cryptanalysis Challenges Cryptopals Crypto Challenges

Section 5

Resources

Use platforms and books that connect cryptographic concepts to practical security work.

pwn.guide TryHackMe Root-Me

Serious Cryptography by Jean-Philippe Aumasson.

Real-World Cryptography by David Wong.

Keep a lab notebook of commands, certificates, keys, hashes, and challenge lessons.