CS166 HW6
pdf
keyboard_arrow_up
School
San Jose City College *
*We aren’t endorsed by this school
Course
024
Subject
Information Systems
Date
Apr 3, 2024
Type
Pages
7
Uploaded by ElderFreedomDuck16
Assignment 6: Due Thursday, March 21
Chapter 6, problems 1, 3, 6, 7, 8, 9, 11,
19,
23, 26, 30.
1. As mentioned in this chapter, it is recommended to choose a passphrase consisting of
words (e.g., servenoterampartoriginal), and there is no need to include numbers, special
symbols, or change case. Previously, it was recommended to choose a password based
on a passphrase, such as FS&7Yago, which can be derived from the phrase “four score
and seven years ago.” used chatGPT
a) Suppose that Alice chooses her password so that it consists of four randomly selected words,
and suppose that Alice’s vocabulary is of size 215 . How many passwords must Trudy test to
conduct an exhaustive search for Alice’s password?
This is an example of case 1: work = (2^15)(2^15)(2^15)(2^15)/2 = 2^60/2 = 2^59
There are 4 words and the vocab size is 2^15. For an exhaustive search, expected
passwords are 2^59
b) Suppose that Bob chooses a password that consists of eight characters, including five
lower-case letters, one upper-case letter, one digit, and one special symbol. There are 10 digits,
26 uppercase, and 26 lowercase letters. Assuming there are 32 special symbols, how many
passwords must Trudy test to conduct an exhaustive search for Bob’s password?
(10^1 * 26^5 * 26 * 32) = 2^39/2 = 2^38
c) According to these numbers, which is better, Alice’s method of choosing a password or
Bob’s? Discuss other possible benefits of each of these methods of choosing passwords, as
compared to the other.
Alice’s method is probably safer but also likely harder to remember.
d) Currently, periodic password changes are generally not recommended. Why?
Frequent changes sometimes lead to weaker passwords because users might resort to
patterns. It can also cause passwords to be forgotten. Also, most tech nowadays relies
on 2FA rather than resorting to changing a password.
3. This problem deals with storing passwords in a file. Used chatGPT
a) Why is it a good idea to hash passwords that are stored in a file?
From the book:
“it will still only take a fraction of a second to hash one specific putative
password, which will yield no noticeable effect when verifying a password. Yet, when
Trudy attempts to crack passwords, she will typically need to compute large numbers of
hashes, and the time factor might grow to the point where it is infeasible to attack
reasonably well-chosen passwords.”
b) Why is it a much better idea to hash passwords that are stored in a file rather than to encrypt
the password file?
Hashing passwords is a much better idea than encrypting the password file. Encryption
involves converting data into a ciphertext using a cryptographic algorithm and a key.
However, encryption is reversible, meaning that if the encryption key is compromised, an
attacker can decrypt the entire file and obtain the passwords. Hashing, on the other
hand, is a one-way function, making it much more secure because it's computationally
infeasible to reverse the hash and obtain the original passwords, even if the hash
function is known
.
c) What is a “salt” and why should a salt be used whenever passwords are hashed?
A "salt" is a random value that is combined with a password before it is hashed. The salt
value ensures that even if two users have the same password, their hashed passwords
will be different. This prevents attackers from using precomputed tables (rainbow tables)
to quickly crack multiple hashed passwords simultaneously. Salting significantly
increases the computational effort required to crack hashed passwords, thus enhancing
the security of the stored passwords.
6. Research has shown that most people cannot accurately identify an individual from a
drivers license photo. For example, one study found that most people will accept an ID
with any photo that has a picture of a person of the same gender and race as the
presenter.
a) It has also been demonstrated that when photos are included on credit cards, the fraud rate
drops significantly. Explain this apparent contradiction.
It is likely because people are simply scared of this extra precaution involving the picture
and the fear leads them not to commit fraud when in reality, the chances of the picture
causing them to get caught is very small.
b) Your easily amused author frequents an amusement park that provides each season
passholder with a plastic card similar to a credit card. The park takes a photo of each season
passholder, but the photo does not appear on the card. Instead, when the card is presented for
admission to the park, the photo appears on a screen that is visible to the park attendant. Why
might this approach be better than putting a visible photo on the card?
This way, fraud will happen less since the intruder will know that the face of the real
person will more likely be checked by the admission assuming it gets displayed on the
screen as they walk in.
7. Suppose all passwords on a particular system are 8 characters and that each character
can be any one of 64 different choices. The passwords are hashed (with a salt) and
stored in a password file. Further, suppose Trudy has a password cracking program that
can test 64 passwords per second. In addition, Trudy has a dictionary of 2 30 common
passwords, and the probability that any given password is in her dictionary is 1/4. Finally,
the password file on this system contains 256 password hashes, and the corresponding
salt values. Used coursehero
a) How many different passwords are possible?
64^8 different combinations = 2^256
b) How long, on average, will it take Trudy to crack the administrator’s password?
(2^256/64 seconds)/2 on average.
c) What is the probability that at least one of the 256 passwords in the password file is in Trudy’s
dictionary?
1/4th
d) Assuming that Trudy would be happy to recover any one of the passwords in the password
file, what is her expected work?
2^30 * ¼ = 2^32/64
8. Let h be a secure cryptographic hash function. For this problem, a password consists
of a maximum of 14-characters and there are 32 possible choices for each character. If a
password is less than 14 characters, it’s padded with nulls until it is exactly 14
characters. Let P be the resulting 14 character password. Consider the following two
distinct password hashing schemes: used coursehero
i) The password P is split into two parts, with X equal to the first 7 characters and Y
equal to the last 7 characters. The password is stored as (h(X),h(Y )). No salt is used.
ii) The password is stored as h(P ). Again, no salt is used. Note that the method in
scheme i) was used in Windows to store the so-called LANMAN password.
a) Assuming a brute force attack, how much easier is it to crack the password if scheme i) is
used as compared with scheme ii)?
(i) would be ((h(7), h(7)) (ii) would be h(14).
Brute force attack, (i) would be a lot easier to crack, because it’s a much smaller hash function.
It’s like an algorithm that sorts things by dividing by 2 over and over again, except (ii) cannot be
divided since it is hashed, but (i) is divided and hashed, so exponentially less work.
b) If scheme i) is used, why might a 10-character password be less secure than a 7-character
password?
Because the password is split into halves. Perhaps a 10 character would be h(7),(3-4fill)
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
and the 7 character would be h(7),(7-fill). I’m guessing the (7-fill) null character would
serve as a red herring for the cracker. The 10-character would just mean cracking both
and then applying, 7-character would mean cracking both and maybe being confused
because the second part has nothing you need, especially if you started on that part first
9. Many websites require users to register before they can access information or
services. Suppose that you register at such a website, but when you return later you’ve
forgotten your password. The website then asks you to enter your email address, which
you do. The website then sends you your original password via email. Used coursehero
a) Discuss several security concerns with this approach to dealing with forgotten passwords.
“Compromised email means someone can just get your password by saying you forgot
your password, would need security questions to stop this. Also, by sending original
password in text, if intercepted or broken into, they have your password, that easy. That’s
why there’s usually password reset links, etc. Safer.”
b) The correct way to deal with passwords is to store salted hashes of passwords. Does this
website use the correct approach? Explain.
“Nope. If they stored salted hashes of your password, they wouldn’t have your password
on the database, just a salted hash to compare to, that’s why, usually, when you forget
your password, you a password reset link and not your actual password from before.”
11. Consider the smartphone based authentication protocol in Figure 6.5.
a) If R is repeated, is the protocol secure?
No, because Alice might be watching the communications. The whol point of R is that it’s
a random number that changes and is different at all times.
b) If R is predictable, is the protocol secure?
No, because Alice might be watching the communications and may be able to predict R.
The whole point of R is that it’s a random number that changes and is different at all
times.
19. Ashley Madison is an online dating service for people seeking extramarital
affairs—their motto is “Life is short. Have an affair.” 14 In the summer of 2015, a hacking
group known as “The Impact Team” released files that it claimed included all Ashley
Madison customer data as well as a trove of the CEO’s email messages.15 One of the
files included approximately 36 million hashed passwords. These passwords were each
hashed, with a salt, using bcrypt, which is a hash function based on the Blowfish block
cipher. The bcrypt hash includes a “cost” parameter, and each hash uses 2cost rounds
of a modified form of the Blowfish key schedule algorithm. For the Ashley Madison
passwords, cost = 12, so the time required to crack passwords should be about 4096
times greater, as compared to an optimized version of the hash. Answer the questions in
parts a) through c) based on the information in the article [48]. Used chatgpt
a) For the particular hardware configuration discussed in the article, how many Ashley Madison
passwords (i.e., bcrypt hashes with cost = 12) could be tested per second? With the same
hardware, how many MD5 hashes could be tested per second?
The article states that with the particular hardware configuration discussed,
approximately 100 hashes per second could be tested for bcrypt with cost = 12. For MD5
hashes, the article does not provide a specific number, but it does mention that MD5
hashes are significantly faster to compute compared to bcrypt. For context, on modern
hardware, MD5 hashes can typically be computed in the range of millions to billions per
second, depending on the specific hardware and optimization techniques used.
b) Within a few days of the release of the Ashley Madison password files, about 4000
passwords were cracked. Using the numbers from part a), and assuming the same rate of
success, how many passwords could have been cracked in this same amount of time, assuming
that MD5 (with salting) had been used instead of bcrypt? The article also states that if MD5 had
been used, it would have taken “only” 3.7 years to crack all of the passwords. Explain any
discrepancy between this number and your estimate.
With the given rate of success, assuming the same hardware configuration, and
considering the much faster computation speed of MD5 hashes compared to bcrypt, it's
reasonable to estimate that significantly more passwords could have been cracked in the
same amount of time if MD5 had been used instead of bcrypt. However, the actual
number would depend on the specific rate of computation for MD5 hashes on the
hardware in question, which is not provided in the article. The discrepancy between the
estimated number and the actual number of cracked passwords likely arises from the
fact that MD5 hashes can be computed much faster than bcrypt hashes, leading to a
higher rate of successful cracking.
The statement that it would have taken "only" 3.7 years to crack all passwords with MD5
refers to a theoretical scenario assuming ideal conditions and constant computation
speed. In reality, the actual time required could be significantly longer or shorter
depending on various factors such as hardware capabilities, optimization techniques,
and the difficulty of the passwords themselves.
c) The article also claims that it would have taken 116,958 years to crack all 36 million Ashley
Madison passwords. As mentioned above, the article claims that if MD5 had been used, it would
have taken only 3.7 years. This implies a ratio of 116,958/3.7 = 31,610, that is, the bcrypt hash
is 31,610 times slower to test on this specific hardware. Is this number consistent with the
results from part a)? Explain.
The ratio of 116,958 years to crack all bcrypt-hashed passwords compared to 3.7 years
for MD5-hashed passwords implies that bcrypt is approximately 31,610 times slower to
test on this specific hardware. This number is consistent with the result from part a),
where bcrypt is approximately 100 times slower than MD5 on the same hardware
configuration. The discrepancy between the two ratios may arise from the difference in
the specific hardware configurations used in the calculations and the actual computation
speeds observed in practice.
d) An alternative to bcrypt is the Password-Based Key Derivation Function (PBKDF2), which is
described in RFC 2898. Briefly compare and contrast PBKDF2 and bcrypt. Be sure to mention
any significant advantages that either algorithm enjoys over the other.
PBKDF2 (Password-Based Key Derivation Function 2) and bcrypt are both key derivation
functions designed for securely hashing passwords. However, they have some
differences:
●
PBKDF2: It is a more generic key derivation function that can be based on various
cryptographic primitives such as SHA-1, SHA-256, etc. PBKDF2 applies a
pseudorandom function multiple times to derive a key from a password and a salt.
One advantage of PBKDF2 is its flexibility in choosing the underlying
cryptographic hash function. However, PBKDF2 can be vulnerable to hardware
acceleration attacks, and its security depends heavily on the chosen hash
function.
●
bcrypt: It is specifically designed for password hashing and is based on the
Blowfish block cipher. bcrypt incorporates a "cost" parameter to control the
computational effort required to hash passwords, making it more resistant to
brute force attacks. One advantage of bcrypt is its slow computational speed,
which helps mitigate the effectiveness of brute force attacks and dictionary
attacks.
In comparison, bcrypt is often preferred for password hashing due to its specific design
for this purpose and its resistance to various attacks, including brute force attacks.
However, both PBKDF2 and bcrypt are considered secure choices for password hashing
when implemented correctly.
23. In the context of biometrics, answer the following.
a) Define fraud rate, insult rate, and equal error rate.
Fraud rate is when someone poses as you and it authenticates. Insult rate is when you
try to authenticate but it fails, and equal error rate is when fraud rate and insult rate are
equal.
b) Why is it useful to know the equal error rate?
It’s good for making sure security is balanced and ensures you don’t have too much
trouble being authenticated all the time but the system also has a pretty good (low) fraud
rate.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
26. In one episode of the television show MythBusters, three successful attacks on
fingerprint biometrics are demonstrated [87]. Used coursehero
a) Briefly discuss each of these attacks.
Etched latex fingerprint(licked), then ballstics gel, then even (licked) copy paper. All
three were put on an actual thumb. In the end, the myth-buster licks the latex fingerprint
and it ends up working. Apparently it just had a bad read at first.
b) Discuss possible countermeasures for each of the attacks in part a). That is, discuss ways
that the biometric systems could be made more robust against the specific attacks.
Use a lazer to check for the grooves in your finger, that would stop the photocopy. There
is a scanner I’ve seen that is set in a thumb shape, ovular, where your thumb actually
sinks in. Perhaps it’s also reading biological data and also the weight and size of your
thumb.
30. Suppose that a particular iris scan system generates 64-bit iris codes instead of the
standard 2048-bit iris codes mentioned in this chapter. During the enrollment phase, the
following iris codes (in hex) are determined. Suppose that during the recognition phase,
the following iris codes are obtained from unknown users. Use the iris codes above to
answer the following questions. Used coursehero
a) Use equation (6.1) to compute the following distances:
d(Alice, Bob) = 15/16, d(Alice, Charlie) = 16/16, d(Bob, Charlie) = 16/16
b) Assuming that the same statistics apply to these iris codes as the iris codes discussed in
Section 6.4.2.3, which of the users, U, V, W, X, and Y, is most likely Alice? Bob? Charlie? Which
are none of the above?
Based on the fact that overlap is nonexistent, then by checking for matches, not much.
Alice might be W, with 7/16, but the number is too big. For Bob and Charlie, they don’t
have any significant matches at all.