1. Suppose that as part of Bob’s early (unsuccessful) experiment with cloud based surveys, the authentication system allows the user to attempt 100 passwords per second, but the system locks when the authentication system has been open for 10 seconds, and the user must wait for a 5 second lockout period to resume attempting authentication. The password Bob used is 4 digits in length, only digits 0 - 9 allowed. 2. (a) Calculate the total amount of time required for the attacker to guarantee to guess the password, including delays and actual guessing time (b) Bob eventually adjusted his authentication system to make it more difficult using hashing and other techniques, but then he realized that Malice has been capturing the hashed passwords sent from his laptop to the cloud server for authentication, to try to replay the hashes. i. Explain which basic external attacks Bob’s authentication system is vulnerable to and ... ii. how you will improve the system.
1. Suppose that as part of Bob’s early (unsuccessful) experiment with cloud based surveys, the authentication system allows the user to attempt 100 passwords per second, but the system locks when the authentication system has been open for 10 seconds, and the user must wait for a 5 second lockout period to resume attempting authentication. The password Bob used is 4 digits in length, only digits 0 - 9 allowed.
2. (a) Calculate the total amount of time required for the attacker to guarantee to guess the password, including delays and actual guessing time (b) Bob eventually adjusted his authentication system to make it more difficult using hashing and other techniques, but then he realized that Malice has been capturing the hashed passwords sent from his laptop to the cloud server for authentication, to try to replay the hashes.
i. Explain which basic external attacks Bob’s authentication system is vulnerable to and ...
ii. how you will improve the system.
Trending now
This is a popular solution!
Step by step
Solved in 2 steps