Question 1. Let H: {0,1}* → {0, 1}" be a hash function that achievesthe one-way and collision resistance security properties.(b).Show that the new function H' achieves collision resistance.Suppose that we want to use H for the deployment of apassword-based user authentication mechanism that is a variant ofthe standard password hashing mechanism as follows: when loading anew password P selected by the user with ID U, instead of choosinga random salt, the password P is hashed. Then, the n-bit digestH(P) and password P serve as inputs to produce a fixed-length hashcode. Namely, the information that is stored in the password file is thetriple (U, H(P), H(H(P)||P)). During password verification for userID U, the system receives a password P* and (i) computes H(P*), (ii)computes H(H(P*)||P*), and (iii) checks if H(H(P*)||P*) matchesthe value H(H(P)||P) that is stored for U.1Does the aforementioned mechanism provide protection against offlinedictionary attacks? Justify your answer. Recall that in such an at-tack, the attacker obtains the system password file and compares thepassword hashes against precomputed hashes of commonly used pass-words.

The final answer is:H' achieves collision resistance because it is hard to find two different inputs…

Answered: Question 1. Let H: {0,1}* → {0, 1}" be…

Similar questions

security pr As we mentioned in class, a universal hash function is a function UH(K, M) that takes a key K, a message M and produces a fixed length digest. The universal hash is defined to be "secure" if for any two messages M₁ and M2, if K is selected uniformly at random, then the probability that UH(K, M₁) UH(K, M₂) is approximately zero. == Suppose that H is a secure hash function. Is UH(K, M) = H(K||M) a secure universal hash function? Either prove the answer is "yes" using the security properties of H (which can be assumed), or show how the security of UH could be violated. VO
a. What characteristics are needed in a secure hash function? b. What is the role of a compression function in a hash function? c. Suppose H(m) is a collision-resistant hash function that maps a message of arbitrary bit length into an n-bit hash value. Is it true that, for all messages x, x’ with x ≠ x’, we have H(x) ≠ H(x’)? Explain your answer.
1. Let (01, 02, 03,..., 026!} be the set of permutations of the alphabet A = {A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z}, and consider the simple substitution cryptosystem with ok = A B C D E F G H I J K L M X MTAK ZQB NO LES N O P Q R S T U V W X Y Z IF G R V JH CY UDP W and key k. (a) Compute C = e(AUBUR NUNIV ERSIT YATMO NTGOM ERY, k). (b) Compute M = d(NIZFV SXHNF IHBKF VPXIA KIHVF GP, k).
8. Insert the following keys one-by-one into an initially empty hash table of size 7. Use the hash function h(x) = x mod 7 Show the result for {10, 1, 18, 15, 26, 11, 19} (a) a separate chaining hash table (do not rehash if the load factor becomes too large). (b) a table with linear probing, i.e. using the probing function f(i) = i. For parts (c) and (d), it is possible that you will not be able to insert some of the keys into the table. If you find such a key, rehash the table into a new table of size 11. You need to modify the hash function h(x) accordingly to adjust for the new table size. You do not have to change g(x) for part (d). Do not rehash earlier for any of the tables (even if the load factor becomes too large). (c) a table with quadratic probing, i.e. using the probing function f(i) = i² (d) a table that uses double hashing with a secondary hash function, i.e. f(i) = i* g(x), where the secondary hash function is g(x) = 5 - (x mod 5).
I need the answer as soon as possible
Please do both questions. Thank you in advance. Subject- Security Governance Type 1: Calculation of hash values for given keys –In this type of questions, hash values are computed by applying given hash function on given keys. Que – 1. Given the following input (4322, 1334, 1471, 9679, 1989, 6171, 6173, 4199) and the hash function x mod 10, which of the following statements are true? i. 9679, 1989, 4199 hash to the same valueii. 1471, 6171 has to the same valueiii. All elements hash to the same valueiv. Each element hashes to a different value(A) i only(B) ii only(C) i and ii only(D) iii or iv Type 2: Insertion of keys into hash table using linear probing as collision resolution technique –In linear probing technique, collision is resolved by searching linearly in the hash table until an empty location is found. Que – 2. The keys 12, 18, 13, 2, 3, 23, 5 and 15 are inserted into an initially empty hash table of length 10 using open addressing with hash function h(k) = k mod 10 and…
Exercise 2 (MAC schemes derived from block ciphers( Let E denote the family of encryption functions for a block cipher where plaintext blocks, ciphertext blocks, and keys are each n = 80 bits in length. Let H {0, 1} {0, 1}" be a hash function. Assume that plaintext messages m all have bit-lengths that are multiples of n; we write m = (my, m₂,...,m), i.e. m is composed of t blocks m, of n bits each. Consider the following MAC schemes, each using an n-bit secret key k. 1. MAC (m) = ₁, where co = 0, and c, =c-1m, Ex(m) for 1 ≤ i ≤t. 2. MAC (m) Ek(H(m)). Are any of these MAC schemes secure? Justify your answer and clearly state any assumptions you make.
Ek Let EK: {0, 1}128 → {0, 1}128 be an ideal block cipher with message space {0, 1}128, ciphertext space {0, 1}128, and key space {0, 1}128. Let r and y denote bitstrings of length 128. Is the following hash function H: {0, 1)256 {0,1}256 → {0, 1}128 preimage resistant? H(x, y) – Ey(y) © r
Consider a open bucket hash table and closed bucket hash table in which the keys are student identifiers (strings of 6 digits). Assume the following number of buckets and hash function: m = 100; hash(id) = first two digits of id #. Starting with an empty hash table, show the effect of successively adding the following student identifiers: 000014, 990021, 990019, 970036, 000015, 970012, 970023. Use following function as second hash function hash(id) = last digit of id # Show the effect of deleting 000014 from the hash table. (Java Programming DSA)
Recall that the sponge construction describes how to turn a public random permutation into a cryptographic hash function. Once the data to be hashed has been padded, the next step is to absorb the data r bits at a time. blk = <0>while not done: xor the next r bits of data into the first r bits of blk blk = p(blk) As a convenient (but not secure because it's too small) public random permutation, lets use the AES S-box for p. What is blk after absorbing each of the following when r=4 bits. Give your answer as exactly either 2 hexadecimal digits or 8 binary digits with no spaces (eg, 0A or 00001010). Note that the data is already padded and you should restart at blk=<0> each for each computation Data: 1001 Resulting blk:____ Data 10011001 Resulting blk:_____ Data 100110011001 Resulting blk:____
Since the question is connected please do all of them please and thank you in advance. Subject:- Security Governance Type 1: Calculation of hash values for given keys –In this type of questions, hash values are computed by applying given hash function on given keys. Que – 1. Given the following input (4322, 1334, 1471, 9679, 1989, 6171, 6173, 4199) and the hash function x mod 10, which of the following statements are true? i. 9679, 1989, 4199 hash to the same valueii. 1471, 6171 has to the same valueiii. All elements hash to the same valueiv. Each element hashes to a different value(A) i only(B) ii only(C) i and ii only(D) iii or iv
The first step of most signature schemes consists in hashing the message to be signed. Discuss which security property a suitable hash function must have, and briefly show an attack that is possible if the hash function does not have this property.

SEE MORE QUESTIONS