User Account

All Pages

Calculate the timing of password-guessing attacks

Assignment Help Basic Computer Science
Reference no: EM132636447

1. Calculate the timing of password-guessing attacks:

a. If passwords are three uppercase alphabetic characters long, how much time would it take to determine a particular password, assuming that testing an individual password requires 5 seconds? How much time if testing requires 0.001 seconds?

b. Argue for a particular amount of time as the starting point for "secure." That is, suppose an attacker plans to use a brute-force attack to determine a password. For what value of x (the total amount of time to try as many passwords as necessary) would the attacker find this attack prohibitively long?

c. If the cutoff between "insecure" and "secure" were x amount of time, how long would a secure password have to be? State and justify your assumptions regarding the character set from which the password is selected and the amount of time required to test a single password.

2. Describe each of the following four kinds of access control mechanisms in terms of (a) ease of determining authorized access during execution, (b) ease of adding access for a new subject, (c) ease of deleting access by a subject, and (d) ease of creating a new object to which all subjects by default have access.

• per-subject access control list (that is, one list for each subject tells all the objects to which that subject has access)

• per-object access control list (that is, one list for each object tells all the subjects who have access to that object)

• access control matrix

• capability

3. Design a protocol by which two mutually suspicious parties can authenticate each other. Your protocol should be usable the first time these parties try to authenticate each other.

4. List three reasons people might be reluctant to use biometrics for authentication. Can you think of ways to counter those objections?

5. If you forget your password for a website and you click [Forgot my password], sometimes the company sends you a new password by email but sometimes it sends you your old password by email. Compare these two cases in terms of vulnerability of the website owner.

6. Defeating authentication follows the method-opportunity-motive paradigm described in Chapter 1. Discuss how these three factors apply to an attack on authentication.

7. Suggest a source of some very long unpredictable numbers. Your source must be something that both the sender and receiver can readily access but that is not obvious to outsiders and not transmitted directly from sender to receiver.

8. Humans are said to be the weakest link in any security system. Give an example for each of the following:

a. a situation in which human failure could lead to a compromise of encrypted data

b. a situation in which human failure could lead to a compromise of identification and authentication

c. a situation in which human failure could lead to a compromise of access control.

9. Explain why hash collisions occur. That is, why must there always be two different plaintexts that have the same hash value?

10. What property of a hash function means that collisions are not a security problem? That is, why can an attacker not capitalize on collisions and change the underlying plaintext to another form whose value collides with the hash value of the original plaintext?

Reference no: EM132636447

Questions Cloud

Find the cost that should be assigned to Alpha : Material costs for the month of October were $27,000 and conversion costs were $46,800. Find the cost that should be assigned to Alpha
Describing potential computer security problem : You have recently had experience with and prepare and attach a PowerPoint presentation describing a potential computer security problem related to that system.
Write letter to the IRS regarding their notice : The amount of the payment was $5,400, it was paid on 1/31/16, Please prepare the letter you would write to IRS regarding their notice #24587697 dated 3/14/16
Distinguish between vulnerability-threat and control : Distinguish between vulnerability, threat, and control. List at least three kinds of damage a company could suffer when the integrity of a program
Calculate the timing of password-guessing attacks : Calculate the timing of password-guessing attacks. Design a protocol by which two mutually suspicious parties can authenticate each other.
Mapping business challenges to types of control : Mapping Business Challenges to Types of Control. Identify mitigation techniques for weaknesses of each of the access controls.
Benefits of having web-based access to cloud storage area : Most users today manage their content on a variety of devices. discuss the benefits of having web-based access to a cloud storage area.
Designing data communications network : How can a network designer determine if they are important, and how are they taken into account when designing a data communications network?
Emerging Threats-Identify the conclusions of the authors : What did the authors investigate, and in general how did they do so? Summarize the overall article. Identify the conclusions of the authors

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd