Cryptography Background Questions
Experience working with cryptographic algorithms, protocols, and secure design practices. Candidates should describe algorithms and protocols they have used or implemented, threat modeling and key management experience, compliance considerations, and concrete projects that demonstrate applied cryptography knowledge and practical trade-offs.
Easy, Technical
What is Perfect Forward Secrecy (PFS)? Explain how PFS prevents retroactive decryption after a long-term key compromise, which protocols provide PFS by default, and situations where PFS might be impractical to use.
Medium, Technical
Walk through the PKI lifecycle for TLS certificates in a large-scale environment: issuance, renewal automation (e.g., ACME), revocation mechanisms (CRL, OCSP, OCSP stapling), certificate transparency, and common operational pitfalls that cause outages or security issues. Include automation and testing best practices.
Easy, Technical
Implement (or describe in clear Python pseudocode) a function verify_hmac(key: bytes, message: bytes, mac: bytes) that computes HMAC-SHA256 and compares it to mac in constant time. Do not rely on a black-box timing-safe comparison library in your explanation; show how you would avoid early-exit comparisons and explain why constant-time comparison matters.
Hard, Technical
You are responsible for migrating a large financial institution to post-quantum-safe cryptography. Propose a high-level migration plan that includes inventory of cryptographic assets, prioritization (what to migrate first), hybrid deployments, testing and interoperability, vendor coordination, regulatory/compliance considerations, performance testing, and rollback strategies.
Medium, Technical
Perform a threat model for a client-side end-to-end encrypted (E2EE) messaging app. Specify the adversary capabilities (network attacker, compromised server, compromised client), assets, trust boundaries, and design decisions for key generation, storage, forward secrecy, message replay protection, and metadata minimization. State assumptions and how they affect design.