I was asked to define what a cryptographer does, and a small part of what I said appears here: https://www.techopedia.com/job-role-cryptographer/2/34169. My full answer was about 5 times longer (it's me, I always write long) because there are actually so many different things that cryptographers do. So, here is my full answer:

As in many professions, a cryptographer can do many different things. Furthermore, although a relatively small field, there are many different types of cryptographers doing different types of work and with very different skill sets.

Cryptanalysts are cryptographers whose job is to break cryptographic schemes. In some areas, the cryptanalysts are the ones with the best understanding of how to build secure schemes as well, and so they are both builders and breakers. Primarily, this is in the area of symmetric cryptography - stream ciphers, block ciphers, hash functions, and the like. However, in the area of asymmetric (public-key) cryptography, schemes are typically based on hard problems from number-theory and algebra. As in the symmetric world, these researchers are also the most qualified to propose new hard problems. However, their skill set is usually completely different from those doing symmetric cryptanalysis. Those working in the asymmetric setting typically have very deep math background. Having said that, I would argue that almost all cryptographers are pretty good at math.

An entirely different type of cryptographer doesn’t look at building the basic building blocks of cryptography. Rather, they build higher level schemes and protocols that use the building blocks. These higher level schemes could be types of encryption, signing, methods for password authentication, key exchange, and much more. These cryptographers usually formally prove the security of their constructions, assuming that the basic building blocks are secure. As such, their work is actually very different.

A lot of cryptographers also work on very advanced things like secure multiparty computation and fully homomorphic encryption. Some of this is being used in practice, but a lot is still very theoretical. And this brings us to the next distinction - applied cryptographers are interesting in building things that could be used today, or at least very soon. In contrast, theoretical cryptographers are interested in understanding the scientific foundations of the field. As with any field, there are plenty of people who dabble in theory and practice, or may be somewhere on the spectrum in the middle. Despite their differences, I personally think that they have a lot in common. The adversarial mindset that cryptographers need to do their job is the same whatever they are doing.

Finally, cryptographers may be working on implementations that are safe from side-channel and other attacks, or that can be proven secure as an implementation using formal methods. Building good cryptographic libraries is also something that cryptographers do.

I must admit that I am unhappy writing this since there are many cryptographers out there who will say “hey, you missed the type of work that I do”. I know this already, but I was already asked for a short answer, and gave a much too long one. So, just know that being a cryptographer isn’t one thing - you can be a cryptographer if you like pure mathematics and theoretical computer science, or if you like coding and low-level implementation, or if you like looking at hardware attacks, and much more.



