Suppose that passwords are stored as follows, where there are 128 possible choices for each character: If a password exceeds 16 characters, it is truncated to 16 characters. If à password is less than...


Suppose that passwords are stored as follows, where there are 128 possible choices for each character: If a password exceeds 16 characters, it is truncated to 16 characters. If à password is less than 16 characters, it is padded with "A" until it is exactly 16 characters. The resulting 16- character password is split into two parts, Xo
and X1, where XQ consists of the first six characters and X\ consists of the last 10 characters. The password is hashed as lo = h(Xo,So) and Y1
= h(Xi,Si), where So and Si are each 64-bit salt values. The values (Yo,So) and (Y\,Si) are stored for use in password verification


a. Precisely how are (YO,S0) and (Yi,S\) used to verify an entered password?


b. What is the expected work for an exhaustive search to recover one particular password (for example, the administrator's password)?


c. How would you attack a password in a way that could provide a significant shortcut over an exhaustive search or a standard dictionary attack? Explain.



Dec 10, 2021
SOLUTION.PDF

Get Answer To This Question

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here