InterviewStack.io LogoInterviewStack.io

Protocol Security Verification Questions

Learn to analyze cryptographic protocols for correctness: trace through message flows, verify each step accomplishes its goal, check that participants end with correct shared secrets, ensure authentication properties hold. Understand common protocol flaws: missing authentication, improper key derivation, incorrect ordering of operations. Be able to explain protocol logic: why must key exchange happen before encrypted communication, why do we need nonces, why does one-way functions matter for passwords.

HardTechnical
46 practiced
Case study: The Needham–Schroeder public-key protocol was shown to be vulnerable by Lowe's attack. Explain the Lowe attack trace in detail, show why BAN logic and early informal analyses failed to catch it, and describe Lowe's proposed fix. Finally, explain how modern formal tools (e.g., ProVerif, Tamarin) would detect the flaw and what intruder model they use.
MediumTechnical
56 practiced
How would you check that a protocol correctly separates keys for encryption and MAC to avoid key reuse? Describe both specification-level checks (what the spec must state) and implementation-level tests (unit tests, key derivation checks, runtime assertions) you would run.
EasyTechnical
50 practiced
Explain why a key-exchange must typically complete before sensitive encrypted communication begins. Provide two concrete failure modes that can occur if a party starts sending encrypted sensitive data before the key exchange has been authenticated or completed.
EasyBehavioral
46 practiced
Tell me about a time you discovered a protocol-level vulnerability or bug in a cryptographic implementation. Use the STAR method (Situation, Task, Action, Result). Focus on how you traced message flows, reproduced the issue, and validated the exploit's impact.
EasyTechnical
46 practiced
A protocol designer uses K1 = H(shared_secret || 1) and K2 = H(shared_secret || 2) as two separate keys for encryption and MAC. What checks would you perform to ensure this KDF usage is secure? Mention domain separation, output length, PRF assumptions, and how truncation affects security.

Unlock Full Question Bank

Get access to hundreds of Protocol Security Verification interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.