Techniques that combine cryptography and privacy engineering to enable secure computation and data protection. Core topics include homomorphic encryption for computing over encrypted data, secure multi party computation for collaborative computation without revealing inputs, differential privacy methods for statistical analysis with privacy guarantees, oblivious transfer and related secure protocol primitives, and zero knowledge proof systems for proving statements without revealing secrets. Coverage includes practical use cases, performance and scalability limitations, parameter and threat model selection, trade offs between privacy and utility, deployment challenges, and when to prefer one approach over another.
HardTechnical
0 practiced
You must recommend whether to use homomorphic encryption inference, a trusted enclave (SGX), or returning masked gradients for private predictions. Create a cost/latency/operational framework to compare options: estimate per-request latency, amortized hardware and development costs, compliance implications, and which approach is preferable for (a) low-latency consumer-facing predictions, (b) high-sensitivity regulated data, (c) high-throughput batch scoring.
MediumSystem Design
0 practiced
Compare the use of trusted execution environments (TEEs) such as Intel SGX versus fully cryptographic approaches (HE / MPC) for privacy-preserving ML. Cover threat models (hardware-based attacks, side-channels, supply chain), performance characteristics, developer complexity, attestation and key management requirements, and how compliance auditors view each approach.
MediumTechnical
0 practiced
You must deploy a predictive model that uses patient data across several hospitals where raw data cannot leave each site. Compare homomorphic encryption (HE), secure MPC, and differential privacy (DP) as candidate solutions. For each approach, describe the threat models it defends against, typical performance/latency expectations, impact on utility, and operational complexity. Recommend a single approach or hybrid strategy and justify your choice for healthcare.
MediumSystem Design
0 practiced
Design a production inference service that accepts encrypted inputs from clients and returns encrypted predictions using homomorphic encryption. Requirements: handle ~100k requests/day, average latency target ~100ms for small models (e.g., logistic regression), robust key management and revocation. Describe architecture components (client SDK, key lifecycle, batching, model preprocessing, activation approximations), scaling strategy, monitoring, and how to handle performance constraints of HE.
MediumTechnical
0 practiced
A production model protected by DP is suspected of leaking training membership information via a membership inference attack. An auditor suggests DP may have been misconfigured (wrong noise or missing clipping). Outline an incident response plan: triage steps to confirm the vulnerability, reproduce the attack in a safe environment, identify misconfigurations, mitigate immediate risk (e.g., rollback or model quarantine), communicate with stakeholders, and implement permanent fixes and monitoring.
Unlock Full Question Bank
Get access to hundreds of Privacy Preserving Cryptography interview questions and detailed answers.
