Write pseudocode for the password guessing algorithm, Computer Network Security

Write Pseudocode for the password guessing algorithm:

Consider the following authentication protocol:

Client

Transmission

Host

Explanation

U, user

U à

 

I am user U

 

ß {n, DES, SHA-1}

n, random challenge, DES, SHA-1

- I have SHA_1(P(U)), where P(U) is password of user U

 

- Here is a random challenge n, please use DES and SHA-1 to generate a response

r=DES(n, SHA-1(P))

U, rà

 

Response r is the encryption of the hash of the password P of user U using key n, DES for encryption, and SHA-1 for hashing.

 

 

ß yes/no

Compare: DES-1(n, r) to SHA_1(P(U))

Can the password of user U be obtained by using an offline password guessing attack? If your answer is yes, describe the attack and write pseudocode for the password guessing algorithm.  If your answer is no, describe why the protocol is resistant to an offline guessing attack.

2) Using RSA, perform an encryption then a decryption of the message M=5 using p=3, q=11, and e=7. (please add explanation, Show all your work, not just the final answer.)

3) You are the designer of a password security policy that requires passwords to expire once they have a probability of 0.001 of being guessed.  A potential attacker can test 1,000,000 passwords per second. If you chose passwords to be alphanumeric ("A" through "Z", "a" through "z", and "0" through "9"), what would you have to set the maximum lifetime of a password to in order to meet the required guessing probability (represent in days)?Assume the password size is 9 characters.

Posted Date: 2/15/2013 2:20:40 AM | Location : United States







Related Discussions:- Write pseudocode for the password guessing algorithm, Assignment Help, Ask Question on Write pseudocode for the password guessing algorithm, Get Answer, Expert's Help, Write pseudocode for the password guessing algorithm Discussions

Write discussion on Write pseudocode for the password guessing algorithm
Your posts are moderated
Related Questions
Question: (a) Your office administrator is being trained to take server backups. Which authorization model could be ideal for this situation: MAC, DAC or RBAC? Justify your a

QUESTION (a) Briefly explain the contents of the Needs Analysis, which is step in the process of network design. (b) Describe on the three ways of improving the performan

Problem (a) Describe RSA algorithm with an example. (b) Answer the following RSA encryption, given the values of the primes are: p = 17, q = 11 and choosing e = 7. (c)

ASSET IDENTIFICATION AND VALUATION This process begins with identification of assets that includes all elements of an organization’s system (people, procedures, data and informa

CRC can detect the following errors better than check sums. a) Vertical errors b) Burst errors a) VERTICAL ERRORS:  This kind of error happens due to a hardware fai

crack the secret message and explain how the code works. The clue is that it has something to do with the computer keyboard. J-Q-H-6 Q-E-F-Q-H-D-3-W 8-H 5-Y-3 7-W-3 9-R--D-9-J

Question (a) A CRC is constructed to generate a 4-bit FCS for an 11-bit message. The divisor polynomial is X 4 + X 3 + 1 (i) Encode the data bit sequence 00111011001 using po

IDS Deployment Overview The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should s

(a) Describe DES encryption with a block diagram and brief steps. (b) How does triple DES improve security. What is the effective key length of triple DES? How can 3DES be compa

a. PKI and PGP are two methods for generating and managing public keys for use in protocols such as secure email. Compare and contrast the trust models for public keys used in PKI