InterviewStack.io LogoInterviewStack.io

Symmetric Cryptography Fundamentals Questions

Comprehensive coverage of symmetric encryption theory, algorithms, modes of operation, and secure implementation and usage patterns. Topics include block cipher and stream cipher design principles such as Feistel networks and substitution permutation networks and the design goals of confusion and diffusion. Candidates should know major algorithms including the Advanced Encryption Standard and legacy ciphers such as the Data Encryption Standard, as well as modern stream ciphers such as ChaCha20, and be able to reason about key size choices and security margins. Explain block cipher internals at a high level including key schedule and round function basics. Understand and compare modes of operation including electronic codebook, cipher block chaining, counter mode, cipher feedback, output feedback, and authenticated modes such as Galois counter mode and other Authenticated Encryption with Associated Data constructions. Explain security goals such as semantic security and indistinguishability under chosen plaintext attack, why naive modes fail, and the importance of authentication. Discuss composition strategies and differences between using a message authentication code then encryption versus using an authenticated encryption with associated data primitive, and best practices such as encrypt then authenticate where appropriate. Demonstrate correct handling of nonces and initialization vectors, consequences of nonce or initialization vector reuse, padding schemes and padding oracle vulnerabilities, and other common misuse patterns such as using electronic codebook. Cover performance and implementation trade offs including parallelizability and hardware acceleration, platform specific considerations, side channel risks such as timing attacks and power analysis, key management and rekeying strategies, and real world selection criteria and use cases such as transport protocols, disk encryption, and secure messaging.

MediumTechnical
42 practiced
List and explain software and hardware mitigation techniques against common side-channel attacks (timing attacks, cache attacks, power analysis) when implementing symmetric ciphers. For each technique explain deployment complexity, typical performance overhead, and residual risks.
HardTechnical
72 practiced
Technical: Evaluate performance and security trade-offs between using hardware-accelerated AES (AES-NI) and a software cipher like ChaCha20. Discuss throughput metrics (cycles/byte), microarchitectural side-channel risks, portability across platforms, and how to detect CPU support (e.g., CPUID) and safely select the optimal primitive at runtime without introducing security regressions.
HardTechnical
41 practiced
Problem-solving: You observe microsecond-level timing differences in an otherwise uniform decryption API that correlate with padding validation steps, effectively providing a timing-based padding oracle even though error messages are unified. Describe how an attacker could exploit this channel, how you would measure and confirm the oracle in noisy networks, and practical countermeasures both at the API boundary and inside the crypto library.
EasyTechnical
44 practiced
Explain the design goals of confusion and diffusion in symmetric block ciphers. Compare Feistel networks and substitution-permutation networks (SPNs) as high-level design paradigms: how each achieves confusion and diffusion, how invertibility is implemented, practical trade-offs (round-function complexity, implementation efficiency, parallelism), and give one real-world cipher example for each paradigm.
HardTechnical
38 practiced
Coding & analysis: Provide constant-time C-style pseudo-code for AES-CBC decryption that validates PKCS#7 padding and an accompanying MAC/tag without early returns that leak timing differences. Explain why naive early-return on padding failure or tag mismatch creates oracles and how your code avoids such leaks. You may assume helper functions aes_cbc_decrypt_block() and constant_time_compare().

Unlock Full Question Bank

Get access to hundreds of Symmetric Cryptography Fundamentals interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.