If you can point me to a university curricula (and, especially, a syllabus) that has hugely better coverage of practical attacks on cryptographic implementations, I'd be interested in seeing it.
Nobody is going to come out of these challenges qualified to pick SHA-4 or AES-ng, or for that matter, prepared to design a new cipher or even a novel crypto construction. That's not the point of the challenges.
But we're covering what I think might be an odd corner of cryptography. Our approach to crypto is from a software security perspective. In a similar sense as 2013 software security researcher might be able to tell you a great deal about how Javascript objects are allocated a browser but not have any idea about best practices for organizing actual working Javascript code, we're covering an idiosyncratic set of implementation details but leaving all the theory out --- not least because we don't have the theory background.
> If you can point me to a university curricula (and, especially, a syllabus) that has hugely better coverage of practical attacks on cryptographic implementations, I'd be interested in seeing it.
Me, too. The courses I took were much more theoretical--lots and lots of number theory. I enjoyed them, and I enjoy your challenges, too.
The theory is fun, and I learned enough to understand some interesting attacks, but at the level of courses I studied the material at, we did not come up with any new attacks.
The distinction is a bit like theoretical computer science versus actually writing a programme.
P.S. I'll looking through material from my old university and see if I can find anything interesting.
