InterviewStack.io LogoInterviewStack.io

Authenticated Encryption with Associated Data (AEAD) Questions

Comprehensive understanding of AEAD modes (AES-GCM, ChaCha20-Poly1305, AES-SIV) and why authenticated encryption is essential rather than separate encryption and MAC. Common implementation pitfalls and how they compromise security. When different AEAD schemes are appropriate.

EasyTechnical
31 practiced
Summarize AES-SIV (Synthetic IV) mode and its misuse-resistant properties. Explain the S2V construction at a high level, why AES-SIV is deterministic and provides nonce-misuse resistance, and describe scenarios where deterministic encryption is acceptable or desirable (and where it's not).
MediumSystem Design
36 practiced
You need to design a streaming AEAD approach for encrypting very large files or live video where random access and partial validation are required. Propose a chunking scheme with per-chunk nonces and explain how to maintain integrity across chunks (e.g., chaining tags, a merkle tree, or higher-level signing), how to handle seeking and partial reads, and how to limit state while preventing replay or reorder attacks.
MediumTechnical
32 practiced
Compare AES-GCM and ChaCha20-Poly1305 for use in TLS on servers, mobile devices, and IoT. Discuss performance (with and without AES/ARM acceleration), battery/power impact, side-channel resistance, implementation complexity, and when one should be preferred over the other.
EasyTechnical
36 practiced
List and explain five common implementation pitfalls when using AEAD in real systems (for example: nonce reuse in GCM, verifying tag after parsing plaintext, truncated tags, improper AAD handling, non-constant-time comparisons). For each pitfall describe the practical security consequence and a mitigation.
HardSystem Design
33 practiced
Design a streaming AEAD construction that supports authenticating a continuous stream with constant (or bounded) memory, allows real-time processing, and provides strong authenticity for the entire stream. Provide algorithmic steps, how to handle re-synchronization after loss, and sketch a security argument reducing forging the stream to forging an underlying AEAD chunk.

Unlock Full Question Bank

Get access to hundreds of Authenticated Encryption with Associated Data (AEAD) interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.