Write pseudocode for the password guessing algorithm, Computer Network Security

Write Pseudocode for the password guessing algorithm:

Consider the following authentication protocol:

Client

Transmission

Host

Explanation

U, user

U à

 

I am user U

 

ß {n, DES, SHA-1}

n, random challenge, DES, SHA-1

- I have SHA_1(P(U)), where P(U) is password of user U

 

- Here is a random challenge n, please use DES and SHA-1 to generate a response

r=DES(n, SHA-1(P))

U, rà

 

Response r is the encryption of the hash of the password P of user U using key n, DES for encryption, and SHA-1 for hashing.

 

 

ß yes/no

Compare: DES-1(n, r) to SHA_1(P(U))

Can the password of user U be obtained by using an offline password guessing attack? If your answer is yes, describe the attack and write pseudocode for the password guessing algorithm.  If your answer is no, describe why the protocol is resistant to an offline guessing attack.

2) Using RSA, perform an encryption then a decryption of the message M=5 using p=3, q=11, and e=7. (please add explanation, Show all your work, not just the final answer.)

3) You are the designer of a password security policy that requires passwords to expire once they have a probability of 0.001 of being guessed.  A potential attacker can test 1,000,000 passwords per second. If you chose passwords to be alphanumeric ("A" through "Z", "a" through "z", and "0" through "9"), what would you have to set the maximum lifetime of a password to in order to meet the required guessing probability (represent in days)?Assume the password size is 9 characters.

Posted Date: 2/15/2013 2:20:40 AM | Location : United States







Related Discussions:- Write pseudocode for the password guessing algorithm, Assignment Help, Ask Question on Write pseudocode for the password guessing algorithm, Get Answer, Expert's Help, Write pseudocode for the password guessing algorithm Discussions

Write discussion on Write pseudocode for the password guessing algorithm
Your posts are moderated
Related Questions
Question: a. State briefly three reasons why computer networks are used? b. Differentiate between simplex, half-duplex and full-duplex mode of transmission. c. State any

Public Key Infrastructure (PKI) It is integrated system of software, encryption methodologies, protocols, legal agreements, and 3rd-party services enabling users to communicate

QUESTION (a) Consider the following authentication options A. Using password B. Using pin and fingerprint Which option A or B provides stronger security and why? (b

Describe the process a proposed standard goes through to become an RFC

Ask You have been asked by a new client to assist in setting up a new computer for her coffee shop. She has just purchased the newest Apple computer from an online site. Should wou

define .

Consider the details of the X.509 certificate shown below. a. Identify the key elements in this certificate, including the owner''s name and public key, its validity dates, the nam

CYCLIC REDUNDANCY CHECK (CRC) To activate a network system to check move error without increasing the amount of information in every packet another most successful method is m

Proof that the sender forwards the message. It also prohibits the author of the code from falsely denying that he forward the message. This is achieved by record using the exact ti

Problem: (a) Assume that a new application layer protocol is developed for video conferencing application. Which transport layer protocol, between TCP and UDP, will you u