Suppose a user employs one-time passwords as above (or, for that matter, reusable passwords), but that the password is transmitted sufficiently slowly. (a) Show that an eavesdropper can gain access to the remote server with a relatively modest number of guesses. (Hint: The eavesdropper starts guessing after the original user has typed all but one character of the password.) (b) To what other attacks might a user of one-time passwords be subject?

Suppose a user employs one-time passwords as above (or, for that matter, reusable passwords), but that the password is transmitted sufficiently slowly. (a) Show that an eavesdropper can gain access to the remote server with a relatively modest number of guesses. (Hint: The eavesdropper starts guessing after the original user has typed all but one character of the password.) (b) To what other attacks might a user of one-time passwords be subject?

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Give an example of a method for detecting each other on a network: (a) Network sniffing is a kind of network reconnaissance. (a) Wiretapping is a kind of surveillance.
An adversary makes use of a MAC in an effort to modify both the Tag (the ciphertext) and the MAC (message authentication code). What are some of the possible outcomes if I performed this? In the event that this attack is successful, the receiver will always be capable to recognising a changed Tag or ciphertext.
What happens if an attacker changes the Tag (MAC) and ciphertext of a message in transit? Explain why this attack fails because the recipient can always tell whether the Tag or ciphertext has been tampered with.
Is it feasible to modify the Tag (the MAC) and the ciphertext using a MAC (message authentication code) while they are in transit? In this attack, the receiver can always recognize a modified Tag/ciphertext; thus, explain why it cannot succeed.
What happens if an attacker tries to tamper with the Tag (the MAC) and the ciphertext while they are in transit when a message authentication code (MAC) is being used? Give an explanation as to why this attack can never be successful, given that the ability of the target to identify a tampered Tag/ciphertext ensures that it will succeed every time.
What happens when a MAC (message authentication code) is utilised and an attacker tries to tamper with the Tag (the MAC) and the ciphertext while it is in transit? Explain why this attack can never succeed since the target's ability to identify a modified Tag/ciphertext ensures success.
What happens if an attacker attempts to alter the Tag (the MAC) and ciphertext while the message is in transit? What happens? Let us know how and why this attack will fail; that is, we must show how and why this receiver will always recognize that the tag has been changed.
Is it possible for a threat actor to change both the encrypted data and the tag, which contains the MAC? Because the receiver can always determine if the Tag or ciphertext has been tampered with, this attack is fruitless.
When a MAC (message authentication code) is used, what happens if an attacker attempts to tamper with the Tag (the MAC) and the ciphertext while in transit? Provide an explanation for why this attack can never succeed since the target's ability to detect a tampered Tag/ciphertext guarantees success.
Give some examples of the many means through which a session may be taken over by an attacker. The question is how one would protect oneself against such an attack.
What happens if an attacker attempts to alter the Tag (the MAC) and ciphertext while the message is in transit? What happens? Let us know how and why this attack will fail; that is, we must show how and why this receiver will always recognize that the tag has been changed.
What happens if an attacker changes the Tag (MAC) and ciphertext of a message in transit? Explain why this attack fails because the recipient can always tell whether the Tag or ciphertext has been tampered with.