Write pseudocode for the password guessing algorithm, Computer Network Security

Assignment Help:

Write Pseudocode for the password guessing algorithm:

Consider the following authentication protocol:

Client

Transmission

Host

Explanation

U, user

U à

 

I am user U

 

ß {n, DES, SHA-1}

n, random challenge, DES, SHA-1

- I have SHA_1(P(U)), where P(U) is password of user U

 

- Here is a random challenge n, please use DES and SHA-1 to generate a response

r=DES(n, SHA-1(P))

U, rà

 

Response r is the encryption of the hash of the password P of user U using key n, DES for encryption, and SHA-1 for hashing.

 

 

ß yes/no

Compare: DES-1(n, r) to SHA_1(P(U))

Can the password of user U be obtained by using an offline password guessing attack? If your answer is yes, describe the attack and write pseudocode for the password guessing algorithm.  If your answer is no, describe why the protocol is resistant to an offline guessing attack.

2) Using RSA, perform an encryption then a decryption of the message M=5 using p=3, q=11, and e=7. (please add explanation, Show all your work, not just the final answer.)

3) You are the designer of a password security policy that requires passwords to expire once they have a probability of 0.001 of being guessed.  A potential attacker can test 1,000,000 passwords per second. If you chose passwords to be alphanumeric ("A" through "Z", "a" through "z", and "0" through "9"), what would you have to set the maximum lifetime of a password to in order to meet the required guessing probability (represent in days)?Assume the password size is 9 characters.


Related Discussions:- Write pseudocode for the password guessing algorithm

What do you understand by the concept web of trust, Question: a) Name ...

Question: a) Name a method to allow a person to send a confidential email to another person, without risks of a third-party reading the email. Describe briefly the operations

Risk management discussion points, Risk Management Discussion Points Org...

Risk Management Discussion Points Organizations should define level of risk it can live with Risk appetite: it defines quantity and nature of risk which organizations are wil

Pgp encryption, Produce a short report of your experiences in installing an...

Produce a short report of your experiences in installing and using PGP. The report should be written in the form of a journal that contains at least the following items: A de

Risk control strategies-, Risk Control Strategies Once the ranked vulner...

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •Apply safeguards which

Systems development life cycle security-information security, The Role of t...

The Role of the Investigation The first phase, investigation is the most significant. What problem is the system being developed to solve? During investigation phase, objectives

Discuss five alternative testing techniques, QUESTION Testing of a Busi...

QUESTION Testing of a Business Continuity Plan (BCP) does not need to be costly or to interrupt the daily operations of the business. The result of the test should also be look

Network security, Network security has become much more complex than ever b...

Network security has become much more complex than ever before. New types and sources of network security threats, always-on high-speed Internet connections, wireless networking, a

Spambot detection - spam mail, Spambot Detection: The  previous studie...

Spambot Detection: The  previous studies in this field  have focused on content and meta-content based features.  The main assumption in this area of spam detection of late is

Ip datagram, IP DATAGRAM Various options can be included to IP header,...

IP DATAGRAM Various options can be included to IP header, e.g., source route, record route and timestamp. Header with no function has H. LEN field value 5; data starts immedia

Develop firewall rules based on a fictitious organisation, Question requir...

Question requires you to develop firewall rules based on a fictitious organisation. Scenario: You work for a security-conscious company, xC-Cure, who develop encryption te

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd