Write pseudocode for the password guessing algorithm, Computer Network Security

Assignment Help:

Write Pseudocode for the password guessing algorithm:

Consider the following authentication protocol:

Client

Transmission

Host

Explanation

U, user

U à

 

I am user U

 

ß {n, DES, SHA-1}

n, random challenge, DES, SHA-1

- I have SHA_1(P(U)), where P(U) is password of user U

 

- Here is a random challenge n, please use DES and SHA-1 to generate a response

r=DES(n, SHA-1(P))

U, rà

 

Response r is the encryption of the hash of the password P of user U using key n, DES for encryption, and SHA-1 for hashing.

 

 

ß yes/no

Compare: DES-1(n, r) to SHA_1(P(U))

Can the password of user U be obtained by using an offline password guessing attack? If your answer is yes, describe the attack and write pseudocode for the password guessing algorithm.  If your answer is no, describe why the protocol is resistant to an offline guessing attack.

2) Using RSA, perform an encryption then a decryption of the message M=5 using p=3, q=11, and e=7. (please add explanation, Show all your work, not just the final answer.)

3) You are the designer of a password security policy that requires passwords to expire once they have a probability of 0.001 of being guessed.  A potential attacker can test 1,000,000 passwords per second. If you chose passwords to be alphanumeric ("A" through "Z", "a" through "z", and "0" through "9"), what would you have to set the maximum lifetime of a password to in order to meet the required guessing probability (represent in days)?Assume the password size is 9 characters.


Related Discussions:- Write pseudocode for the password guessing algorithm

Explain symmetric and asymmetric encryption system, Question 1: (a) Dif...

Question 1: (a) Differentiate between symmetric and asymmetric encryption system. (b) Describe how a digital signature is created. (c) Explain briefly what SSL (secure so

Internet protocol(ip), Internet Protocol IP Gives computer-to-comp...

Internet Protocol IP Gives computer-to-computer communication. Host and receiver addresses are computers. This is also known machine-to-machine communication.

Non-repudiation and auditing, Proof that the sender forwards the message. I...

Proof that the sender forwards the message. It also prohibits the author of the code from falsely denying that he forward the message. This is achieved by record using the exact ti

Describe what the term session hijacking means, An overall rise in mobility...

An overall rise in mobility, coupled with the falling cost of Wi-Fi equipment, has led to a proliferation of Wi-Fi hot spots in public areas to provide Internet accessibility. Thus

Risk identification-information security, Risk Identification Risk manag...

Risk Identification Risk management comprises of identifying, classifying and prioritizing organization’s information assets, threats and vulnerabilities also. Risk Identificati

Understanding a business model of a spammer, The first and foremost need of...

The first and foremost need of  any business is a role to perform for its client base, and for the spammer this will typically be the role of advertising products which, due to the

What are the ethical issues and implications, An injunction to 'think ethic...

An injunction to 'think ethically' about a situation is not helpful. Perhaps if one has a background in moral philosophy this would work, but usually both students and IT professio

Explain the encryption model or symmetric cipher model, With explain the en...

With explain the encryption model the help of diagram. Symmetric cipher model uses the secret-key or a single-key for encryption/decryption purposes. It employs a symmetric encr

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd