InterviewStack.io

Cryptography and Encryption Fundamentals Questions

Comprehensive understanding of modern cryptography and encryption principles used to build secure systems. Candidates should be able to explain the differences between symmetric and asymmetric encryption, appropriate use cases for each, and common algorithms by full name, such as Advanced Encryption Standard and Data Encryption Standard for symmetric ciphers, and Rivest-Shamir-Adleman and elliptic-curve-based algorithms such as Elliptic Curve Digital Signature Algorithm and Elliptic Curve Diffie-Hellman for public key operations. Describe hybrid encryption patterns in which asymmetric cryptography is used to protect a symmetric session key, and discuss block cipher modes of operation, including cipher block chaining and authenticated encryption modes such as Galois/Counter Mode, as well as the role of initialization vectors and nonces. Cover hash functions and integrity checks with properties such as collision resistance and preimage resistance, message authentication codes, authenticated encryption, and digital signatures for authentication and non-repudiation. Include high-level Public Key Infrastructure concepts, including certificates and certificate authorities and how certificates are used to establish trust, together with foundational Transport Layer Security and Secure Sockets Layer principles, without requiring deep certificate lifecycle management knowledge. Emphasize key management and operational concerns, including secure key generation, secure storage, rotation and compromise handling, randomness and entropy sources, recommended key lengths and algorithm lifecycle considerations, and performance and scalability trade-offs. Be prepared to discuss common implementation pitfalls and failures such as weak key sizes, poor random number generation, improper key reuse, and lack of authenticated encryption, plus threat models and practical applications, including encrypting data at rest and in transit, secure channels, and signing and verification.
Avoid deep mathematical proofs unless specifically requested, but be ready to reason about practical trade-offs, algorithm selection, and secure implementation patterns.

Medium, Technical
57 practiced
Outline an approach to formally test whether an application's use of cryptography is correct: include test cases for IV/nonce uniqueness, key lifecycle (generation/storage/rotation), authenticated encryption verification, and integration tests to ensure correct protocol flows (e.g., TLS handshake). What automated checks would you include in CI/CD?
Hard, Technical
62 practiced
You need to migrate on-prem TLS termination using RSA keys to a cloud provider that supports BYOK (bring-your-own-key) via KMS import. Describe step-by-step how to securely export/import keys (format conversion, secure transport), apply appropriate key protection policies in the cloud, manage rotation without downtime, and verify cryptographic equivalence post-migration.
Medium, Technical
70 practiced
Explain the differences between collision resistance, preimage resistance, and second-preimage resistance in hash functions. Provide practical attack complexity estimates for MD5, SHA-1, and SHA-256, and state at what point you would mandate deprecation of a hashing algorithm within an organization.
Easy, Technical
51 practiced
Provide a high-level explanation of TLS (Transport Layer Security) handshake steps and which cryptographic primitives are used at each stage (certificates, asymmetric key exchange, symmetric session keys, MAC/AEAD). Also outline what properties TLS aims to guarantee (confidentiality, integrity, authenticity) and a common failure scenario.
Medium, Technical
101 practiced
A third-party library you rely on offers both RSA-OAEP and RSAES-PKCS1-v1_5 key-wrapping options. Explain the difference and why RSA-OAEP is preferred for wrapping symmetric keys. Describe any compatibility, padding oracle, or interoperability concerns you should consider in an enterprise integration.
