Cryptography Study Plan
This page is updated based on jassics/security-study-plan/cryptography-study-plan
This plan assumes you already have basic computer science skills (Linux basics, common Windows/macOS use, editing a file, searching the internet). Also check the Common Security Skills study plan if you haven't already.
What is cryptography? The practice and study of techniques for secure communication in the presence of adversarial behavior. Pair this plan with the site's own Cryptography guide for a practical, code-level summary.
This plan has three objectives:
- Learn cryptography's theoretical concepts
- Become familiar with useful cryptography tools
- Apply that knowledge in the context of cybersecurity
ToC
- Theoretical Concepts - 2 weeks
- Applied Cryptography - 2 weeks
- Cryptography Tools - 2 weeks
- Cryptanalysis & Challenges - 2 weeks
- Resources
Theoretical Concepts
Duration: 2 weeks
Week 1-2: Core Concepts
- Symmetric vs Asymmetric Encryption - DES, AES, RSA, ECC
- Hashing Algorithms - MD5, SHA-1, SHA-256, SHA-3
- Public Key Infrastructure (PKI) - Certificates, CAs, Chain of Trust
- Digital Signatures - how they work and why they matter
Resources:
- Basic Cryptography playlist by Sunny Classroom
- Cryptography Module on TryHackMe
Applied Cryptography
Duration: 2 weeks
Week 3-4: Protocols & Implementation
- SSL/TLS - handshake process, versions, security
- SSH - secure remote access, key management
- Email Security - PGP, GPG, S/MIME
- Data at Rest vs Data in Transit
Resources:
Cryptography Tools
Duration: 2 weeks
Week 5-6: Hands-on Tools
- OpenSSL - generating keys, CSRs, testing connections
- GPG - encrypting and signing files
- John the Ripper / Hashcat - password cracking basics (to understand password strength, not for unauthorized use)
- CyberChef - the "Swiss Army Knife" for encoding/decoding/encryption
Resources:
Cryptanalysis & Challenges
Duration: 2 weeks
Week 7-8: Breaking Codes
- Classical Ciphers - Caesar, Vigenère (historical context)
- Modern Attacks - Padding Oracle, POODLE, Heartbleed (understand the underlying flaws)
- CTF Challenges - solve crypto challenges on dedicated platforms
Resources:
Resources
Platforms
Books
- Serious Cryptography by Jean-Philippe Aumasson
- Real-World Cryptography by David Wong
Interview Questions
Cryptography questions frequently show up inside broader Application Security interview questions - review that set alongside this plan.
Practice next: Application Security interview questions, and jassics/security-study-plan for the latest updates to this plan.