InterviewStack.io LogoInterviewStack.io

Hash Functions and Digital Signatures Questions

Combines the relationship between cryptographic hashing and digital signature schemes and covers authentication and non repudiation. Candidates should understand how hashing is used together with signing to produce compact and secure signatures, and why message hashing is required before signing. Topics include signature algorithms and their security properties, for example RSA with Probabilistic Signature Scheme, elliptical curve signatures such as ECDSA and EdDSA, and differences in randomness and determinism across schemes. Understand verification workflows, signature malleability issues, replay and forgery attacks, use cases for authentication and non repudiation, and migration away from deprecated primitives. Candidates should also be able to explain practical considerations such as proper padding, deterministic versus randomized signatures, key management basics, and common pitfalls when implementing signing and verification in protocols.

EasyTechnical
64 practiced
What is signature malleability? Give a concrete explanation and show how an ECDSA signature (r, s) can be transformed into another valid signature for the same message (for example by mapping s to n - s). Explain why malleability matters for systems like blockchains, multi-signature protocols, or transaction identifiers.
EasyTechnical
59 practiced
Why are deterministic signatures like those produced under RFC 6979 used? Describe the advantages (eliminating RNG dependency, reproducibility for testing) and disadvantages (predictability across identical messages, possible correlation with key leakage) and how deterministic methods relate to side-channel resistance.
HardTechnical
55 practiced
Compare signature malleability across these schemes: RSA-PSS, RSA PKCS#1 v1.5, ECDSA, EdDSA, Schnorr, and BLS. For each scheme state whether malleability exists, give a concise example or rationale (e.g., s -> n-s for ECDSA), and explain how malleability impacts higher-level protocols like blockchain transactions, TLS handshakes, or certificate transparency logs.
HardTechnical
63 practiced
You have access to an ECDSA signing oracle that leaks one bit of information about each ephemeral nonce k (for example, whether k is even or odd). Design an attack to recover the signer’s private key. Describe the math behind your approach, estimate sample complexity (number of signatures needed), and explain practical obstacles and countermeasures.
EasyTechnical
61 practiced
Define and distinguish the three standard security properties of cryptographic hash functions: preimage resistance, second-preimage resistance, and collision resistance. For each property, give a concrete example of how a failure of that property could break a digital signature scheme or a MAC in a real system.

Unlock Full Question Bank

Get access to hundreds of Hash Functions and Digital Signatures interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.