Those challenges teach vulnerabilities in old, low level cryptographic primitives. As much as I enjoyed those challenges, they are not a good place to start for a developer trying to build a secure application.
Low level, yes. But, old? We cover AES, HMAC, stream ciphers, GCM, RSA, DH, SRP, and elliptic curves. The criteria for inclusion on the first 6 sets of challenges was "had to be something we took advantage of on the job at Matasano". It's not textbook stuff.
Part of the point of the crypto challenges was to illustrate why people shouldn't work directly with low-level primitives, as a sort of antidote to the kind of advice OWASP gave out.
The first set of problems are all very simple, but you have to start somewhere.
I'm not sure that the cryptopals chalelnges are the best way to learn exactly how you should be implementing everything, but I've found the knowledge that I gained from doing the challenges very applicable in my daily job and definitely helped further my understanding of crypto in a way that reading a book just couldn't do.
Part of the point that I got with cryptopals is how easy it is to break stuff that you thought was hard to break.
There is a theory that we practice on my team that you don't really understand something unless you try to break it. And this team regularly tells developers facts about their programs and systems that previously unknown to them.
I don't know much about how a developer should try to build a secure application from the get-go. I don't think I've ever worked on or assessed a codebase where that plan worked.
I did the challenges years ago when you had to email in for them. Since then I can count at least five occasions where having done the challenges has allowed me to identify vulnerabilities in real-world crypto. I was usually able to recommend fixes that in theory made those codebases more secure. This is keeping in mind that I'm at best a hobbyist security researcher and just barely a professional developer.
I think there are about seven or eight people on Earth that I would trust to securely implement cryptography in their code. For the rest of us I'm happy with doing the best we can with libraries that make that easy (NaCl), and otherwise trying to find ways to break the thing. The cryptopals challenges help you do that, so that's where I'd recommend a developer start.
