HACKER Q&A
📣 mfbx9da4

Seeking Cryptography Certification


I would like to do some training in cryptography and information security. The goal is that I would have the credentials, confidence and toolkit to write my own cryptographic protocols.

Are there any industry recognised courses or exams that I can sit?

Beyond doing a masters, as I don’t really have the option to ditch my full time work, as much as I would like to.

  👤 Darkstryder Accepted Answer ✓
For the specific topic of cryptography: every professional cryptographer I know not only started with a master in mathematics, but completed it with a PhD in cryptography afterwards. Trying to do it professionally with neither diplomas feels like a non-starter to me.

Of course, that doesn't mean you can't study the field on your own for the sake of knowledge. And it will certainly make you a better infosec professionnal, whatever subfield you want to specialize in.

Also, keep in mind there are maybe 1000 people working in information security for 1 person working as a professional cryptographer. Cryptography is a bit tricky, but information security is a broad field with many interesting things to do.

👤 als0
With respect, you really shouldn't be designing your own cryptographic protocols if they are going into a product. Even the best of the best make serious mistakes. A course is not going to give you the confidence that you need. There are so many peer reviewed protocols out there that there's almost no need to make one yourself unless you're in a very specialised or niche scenario. That said, if you just want to learn about them, there are plenty of good, readable books like Real World Cryptography and Applied Cryptography (Schneier).
👤 cpach
https://cryptopals.com/
👤 pluc
https://toc.cryptobook.us/

http://swarm.cs.pub.ro/~mbarbulescu/cripto/Understanding%20C...

and "Applied cryptography" by Bruce Schneier.

the credential is "I understand cryptography" which you can print on a piece of paper if you like

👤 rg111
> confidence and toolkit to write my own cryptographic protocols

One of the first things I ever learned in Dan Boneh's Crypto MOOC is to not write your own crypto protocols for your product.

Because old solutions exist for a long time, and have been open for a long time, experts and scholars have had much more time to find faults in them. They are also tested in the industry.

No matter how smart you are, you shouldn’t use your own cryptographic solution.

Use open, long-existed, tried and true solutions.

👤 noodlesUK
Depending on which country you’re in, it’s possible to do a masters degree part time. I’ve known a few people who have done this. Even with a masters degree you’re probably not going to want to run around solo doing crypto protocol design though. These things are usually better done as part of a team or with years of experience.
👤 MacsHeadroom
A masters isn't even enough. The industry recognizes PhDs. "Your own cryptographic protocol" would be a doctoral dissertation or postdoctoral work.

You may as well ask about a certification to give you "the confidence to make your own neurosurgery protocols."

At least the damage is much more limited with faulty brain surgery.

👤 sshine
Join a study group around the book Real World Cryptography?

https://community.zeroknowledge.fm/t/new-study-group-real-wo...

👤 Omavel
Writing your own cryptoprotocol has nothing in common with infosec certification...
👤 dboreham
This is a bit like asking if you can become a neurosurgeon by taking online classes. But if you're aiming to do it for fun, just jump in and study the field (deeply) on your own.