10 Encryption and Decryption interview Q&As

Q1. What do you understand by the terms encryption and decryption?
A1. Encryption is the process of converting clear data (e.g. a database password or a credit card number) into incomprehensible ciphertext like “š£”Œz_fÓe©ˆ»[” by applying mathematical transformations. These transformations are known as encryption algorithms and require an encryption key.

Decryption is the reverse process of getting the original data back from the ciphertext like “š£”Œz_fÓe©ˆ»[” using a decryption key. The encryption key and the decryption key can be the same, as in symmetric or secret key cryptography, or different, as in asymmetric or public key cryptography.

Q2. How will you make the above encrypted String more readable?
A2. If you want to put the encrypted password in a .properties file, it should be more readable and typable. You can encode it using

In Java 6 & 7: import javax.xml.bind.DatatypeConverter;

Encrypting and encoding:

Decoding & Decrypting:

Q3. What do you understand by the term cryptographic salt?
A3. A salt is random data added to a password before it is hashed, so that a common password no longer produces a common hash. A salt does not need to be secret; it can be stored separately in clear in the code, on the file system, or in a database table.

Q4. What are the different encryption algorithms?
A4. AES (Advanced Encryption Standard), DES, Triple DES, etc. Here is sample code using the DES algorithm with a salt in Java.
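The following is an added example (not the original page's code) covering both Q2 and Q4: a password-based key derived with a random salt encrypts a secret, and the salt, nonce and ciphertext are Base64-encoded into one string that can be pasted into a .properties file, then decoded and decrypted again. It deliberately uses AES-256-GCM with PBKDF2 instead of DES, which is no longer considered secure; the class name, passphrase and sample password are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class PropertiesCrypto {
    private static final int SALT_BYTES = 16, IV_BYTES = 12, TAG_BITS = 128, ITERATIONS = 100_000;
    // Derive a 256-bit AES key from the master passphrase and a random salt (PBKDF2).
    static SecretKey deriveKey(char[] passphrase, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, ITERATIONS, 256);
        byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        return new SecretKeySpec(key, "AES");
    }
    // Encrypt, then Base64-encode salt || iv || ciphertext+tag so the result is printable.
    static String encryptAndEncode(String plaintext, char[] passphrase) throws Exception {
        byte[] salt = new byte[SALT_BYTES], iv = new byte[IV_BYTES];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(salt); rng.nextBytes(iv);      // fresh salt and nonce for every encryption
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, deriveKey(passphrase, salt), new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[SALT_BYTES + IV_BYTES + ct.length];
        System.arraycopy(salt, 0, out, 0, SALT_BYTES);
        System.arraycopy(iv, 0, out, SALT_BYTES, IV_BYTES);
        System.arraycopy(ct, 0, out, SALT_BYTES + IV_BYTES, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }
    // Base64-decode, split the fields back out and decrypt; GCM throws if the data was tampered with.
    static String decodeAndDecrypt(String encoded, char[] passphrase) throws Exception {
        byte[] in = Base64.getDecoder().decode(encoded);
        byte[] salt = Arrays.copyOfRange(in, 0, SALT_BYTES);
        byte[] iv = Arrays.copyOfRange(in, SALT_BYTES, SALT_BYTES + IV_BYTES);
        byte[] ct = Arrays.copyOfRange(in, SALT_BYTES + IV_BYTES, in.length);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, deriveKey(passphrase, salt), new GCMParameterSpec(TAG_BITS, iv));
        return new String(cipher.doFinal(ct), StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        char[] master = "master-passphrase".toCharArray();           // constructed sample value
        String enc = encryptAndEncode("s3cr3t-db-password", master);  // constructed sample value
        System.out.println("db.password=" + enc);                     // the line for the .properties file
        System.out.println(decodeAndDecrypt(enc, master));            // round trip back to the clear password
    }
}
```

The master passphrase must itself be kept out of the .properties file (for example supplied via the environment or a key store), otherwise the encoding adds no protection; 256-bit AES needs JDK 8u161 or later, or the unlimited-strength policy files on older JDKs.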

Q5. What is public key encryption?
A5. Public key encryption makes use of public and private key pairs for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, the sender has to know the recipient's public key.

For example, in PGP (Pretty Good Privacy) encryption the “public key” is used for encryption and the “private key” is used for decryption, as depicted in the diagram from the source below:

source: https://www.varonis.com/blog/pgp-encryption/

PGP encryption is used for sending and receiving encrypted emails, for encrypting files stored on your devices or in the cloud, and for verifying the identity of the sender of a message.

Q6. How does SFTP encrypt files in motion?
A6. SFTP encrypts files by working over the SSH data stream to establish a secure connection, providing organisations with an increased level of file transfer protection thanks to its encryption capabilities. SSH public/private key pairs are generated and the “public key” is shared with the receiver of the file(s). The sender needs to keep the “private key”. The sender (i.e. the SFTP client) encrypts the file(s) with the private key, and the receiver (i.e. the SFTP server) decrypts the file with the public key. Note: the file(s) are encrypted only whilst in motion and NOT at rest.

source: https://medium.com/@ExaVault/what-is-sftp-the-smart-business-file-transfer-solution-3763174503c0

Q7. What is a digital signature?
A7. The digital equivalent of a handwritten signature or stamped seal. A digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender and to solve the problem of data tampering.

Digital signatures are based on public key cryptography where one can generate two keys that are mathematically linked: one private and one public. A digital signature can be used with any kind of message — whether it is encrypted or not.

Q8. What is the advantage of public key encryption over secret-key encryption?
A8. In public key encryption the private key never has to be transmitted, in contrast to secret key encryption, where the secret key must be transmitted to the other party. Transmitting keys carries the risk of their being intercepted and stolen.

Q9. What is the key difference between digital certificates and digital signatures?
A9. Digital certificates ensure that only systems or persons holding the private key can decrypt and read the messages or text: anyone can encrypt with the public key, but the private key is needed to decrypt. With digital signatures, only systems or people with the private key can encrypt, and anyone with the public key can decrypt. A digital certificate is used to validate the trustworthiness of a site, whereas a digital signature is used to ensure that the data has not been tampered with.

Digital signatures use “one way” hashing algorithms, which means that it is nearly impossible to derive the original text from the hash.
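An added example (not the page's own code) that puts Q5, Q7 and Q9 side by side with RSA: a message is encrypted for Bob with his public key and decrypted with his private key, while Alice signs it with her private key and anyone holding her public key can verify the signature, which fails as soon as the message is altered. The party names, message text and class name are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import javax.crypto.Cipher;

public class PublicKeyDemo {
    private static final String ENC = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String SIG = "SHA256withRSA";
    // Q5: anyone with the recipient's public key can encrypt; only the matching private key decrypts.
    static byte[] encrypt(byte[] msg, PublicKey recipientPub) throws Exception {
        Cipher c = Cipher.getInstance(ENC);
        c.init(Cipher.ENCRYPT_MODE, recipientPub);
        return c.doFinal(msg);
    }
    static byte[] decrypt(byte[] ct, PrivateKey recipientPriv) throws Exception {
        Cipher c = Cipher.getInstance(ENC);
        c.init(Cipher.DECRYPT_MODE, recipientPriv);
        return c.doFinal(ct);
    }
    // Q7/Q9: only the sender's private key can sign; anyone with the sender's public key can verify.
    static byte[] sign(byte[] msg, PrivateKey senderPriv) throws Exception {
        Signature s = Signature.getInstance(SIG);   // hashes msg with SHA-256, then signs the hash
        s.initSign(senderPriv);
        s.update(msg);
        return s.sign();
    }
    static boolean verify(byte[] msg, byte[] sig, PublicKey senderPub) throws Exception {
        Signature s = Signature.getInstance(SIG);
        s.initVerify(senderPub);
        s.update(msg);
        return s.verify(sig);   // false if either msg or sig was altered
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair(), bob = gen.generateKeyPair();   // constructed parties
        byte[] msg = "Invoice total: 100".getBytes(StandardCharsets.UTF_8);  // constructed sample
        // Alice encrypts for Bob with Bob's public key and signs with her own private key.
        byte[] ct = encrypt(msg, bob.getPublic());
        byte[] sig = sign(msg, alice.getPrivate());
        // Bob decrypts with his private key and checks the signature with Alice's public key.
        byte[] plain = decrypt(ct, bob.getPrivate());
        System.out.println(new String(plain, StandardCharsets.UTF_8) + " / signature valid: " + verify(plain, sig, alice.getPublic()));
        byte[] tampered = "Invoice total: 900".getBytes(StandardCharsets.UTF_8);
        System.out.println("tampered message valid: " + verify(tampered, sig, alice.getPublic()));  // false
    }
}
```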

Q10. Why is it recommended to use a 14 character SALT with hashing algorithms like MD5 or SHA256?
A10. In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or a passphrase.

Adding random data (i.e. the SALT) to the input of a hash function guarantees a unique output, the hash, even when the inputs are the same. Consequently, the unique hash produced by adding the salt protects you against attacks such as rainbow table attacks, whilst slowing down dictionary and brute-force attacks.
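An added example (not the page's own code) for Q3 and Q10: a random salt is generated per password, stored in clear next to the SHA-256 digest, and used again at verification time, with a constant-time comparison of the digests. The `salt$digest` record format and the sample passwords are assumptions; for real password storage a deliberately slow function (PBKDF2, bcrypt, scrypt or Argon2) should replace the plain SHA-256 shown here.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

public class SaltedHash {
    private static final int SALT_BYTES = 16;
    // digest = SHA-256(salt || password); the salt is stored in clear beside the digest
    static byte[] digest(byte[] salt, String password) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(salt);
        md.update(password.getBytes(StandardCharsets.UTF_8));
        return md.digest();
    }
    // Stored record format (assumed): base64(salt) + "$" + base64(digest); Base64 never contains '$'.
    static String hashForStorage(String password) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);             // a fresh random salt for every password
        return Base64.getEncoder().encodeToString(salt) + "$"
             + Base64.getEncoder().encodeToString(digest(salt, password));
    }
    static boolean verify(String password, String stored) throws Exception {
        String[] parts = stored.split("\\$", 2);
        if (parts.length != 2) return false;
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        // MessageDigest.isEqual runs in constant time, so timing does not reveal how many bytes matched
        return MessageDigest.isEqual(expected, digest(salt, password));
    }
    public static void main(String[] args) throws Exception {
        String a = hashForStorage("password123");        // constructed sample password
        String b = hashForStorage("password123");        // same password, different salt
        System.out.println(a);
        System.out.println(b);
        String digestA = a.substring(a.indexOf('$')), digestB = b.substring(b.indexOf('$'));
        System.out.println("same password, same digest? " + digestA.equals(digestB));   // false: the salt differs
        System.out.println("correct password verifies: " + verify("password123", a));   // true
        System.out.println("wrong password verifies: " + verify("password124", a));     // false
    }
}
```

Because the two records for the same password differ, a precomputed (rainbow) table built for unsalted SHA-256 cannot be reused against either of them.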

