Write pseudocode for the password guessing algorithm, Computer Network Security

Write Pseudocode for the password guessing algorithm:

Consider the following authentication protocol:

Client

Transmission

Host

Explanation

U, user

U à

 

I am user U

 

ß {n, DES, SHA-1}

n, random challenge, DES, SHA-1

- I have SHA_1(P(U)), where P(U) is password of user U

 

- Here is a random challenge n, please use DES and SHA-1 to generate a response

r=DES(n, SHA-1(P))

U, rà

 

Response r is the encryption of the hash of the password P of user U using key n, DES for encryption, and SHA-1 for hashing.

 

 

ß yes/no

Compare: DES-1(n, r) to SHA_1(P(U))

Can the password of user U be obtained by using an offline password guessing attack? If your answer is yes, describe the attack and write pseudocode for the password guessing algorithm.  If your answer is no, describe why the protocol is resistant to an offline guessing attack.

2) Using RSA, perform an encryption then a decryption of the message M=5 using p=3, q=11, and e=7. (please add explanation, Show all your work, not just the final answer.)

3) You are the designer of a password security policy that requires passwords to expire once they have a probability of 0.001 of being guessed.  A potential attacker can test 1,000,000 passwords per second. If you chose passwords to be alphanumeric ("A" through "Z", "a" through "z", and "0" through "9"), what would you have to set the maximum lifetime of a password to in order to meet the required guessing probability (represent in days)?Assume the password size is 9 characters.

Posted Date: 2/15/2013 2:20:40 AM | Location : United States







Related Discussions:- Write pseudocode for the password guessing algorithm, Assignment Help, Ask Question on Write pseudocode for the password guessing algorithm, Get Answer, Expert's Help, Write pseudocode for the password guessing algorithm Discussions

Write discussion on Write pseudocode for the password guessing algorithm
Your posts are moderated
Related Questions
What is Authentication/confirmation?  How it is different from  the Authorization/approval?  Explain in brief different authentication protocols along with their merits and demerit

Question An organization is planning to connect its networks to the Internet. The network is located within a four story building. A web server supporting online sales is also

QUESTION (a) Define and distinguish between Electronic Commerce and Electronic Business (b) According to you what are the benefits that Electronic Commerce can brings to org

Encryption Key Size When using ciphers, the size of crypto variable or key is quite important as the strength of many encryption applications and cryptosystems were measured by

Question a) From the capture below: Give the datagram source IP address, upper layer protocol, Total length in decimal and header checksum in hexadecimal; the segment source po

Need Assignemnt help in Information security assignemnt

QUESTION a) Determine the RTT (round trip time) between a client requesting a web page of 1024 bytes in size from an internal web server on a 100 Base-T Ethernet. Consider a o

Question (a) For the bit stream 010011, show the waveforms for each of the code indicated. Consider that the signal level for NRZ-L for mark is positive; the signal level for t

Your rules should ensure that Internet access will be restricted to the following: Only the following services will be permitted as OUTBOUND traffic (to the Internet from the DM

Question: A regional police force has the following corporate objectives: ? to reduce crime and disorder; ? to promote community safety; ? to contribute to delivering just