Hello, scenario Assignment 2

User Generated

nnnnooo1

Business Finance

Description

each prompt must be submitted as three to four paragraphs.

Check attached file.

Unformatted Attachment Preview

For this assignment, you will be provided multiplescenarios that contain hypothetical situations pertaining to authentication and security protocols. Each of these situations will require the student to critically assess the situation and propose appropriate actions to be taken. This allows students to make practical application of the knowledge gained pertaining to authentication protocols, which will assist in the development of statements of policy for the information assurance plan. Prompt: Explain the threatin each of the following types of authentication and provide a solution for each scenario below: Alice sends a password, and Bob compares it against a database of passwords. Alice sends a password, and Bob hashes it and compares it against a database of hashed passwords. Alice computes the hash of a password anduses it as secret key in challenge/response protocol. Alice computes the hash of a password and sends itto Bob, who hashes it and compares it againsta database of doubly-hashed passwords. Guidelines for Submission:Your responses for each prompt must be submitted as three to four paragraphs and as a Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format. (graduate courses). Make sure you cite if you take a piece of someone's work very important and your reference should relate to your writing (don't cite a reference because it relates to the course and not this very paper) at least 4 current and relevant academic references. No heavy paraphrasing of others work. www.citationmachine.net to format references into the APA style if necessary. Extremely important. Intext citations is vervessentialand highly needed as well.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

hi, here is the assignment completed. kindly in case of anything let me know. otherwise bye for now

1
Running Head: SCENARIO ANALYSIS

Scenario Analysis
Students NAME
Institutional Affiliation
Date of Submission

2
SCENARIO ANALYSIS

1. Alice sends a password, and Bob compares it against a database of passwords.
The process of Alice sending the password could be visible to a third part that can watch and
record the message from a different location. After a period of snooping, the third party can
record the successful authentication attempt and replicate the correct password which can be
used to impersonate Alice. This is because; the third party can capture and interpret the password
before it reaches Bob. For this reason, there is need to encrypt passwords when sending them to
another public network. One can gain access using shared keys to encrypt the passwords.

2. Alice sends a password, and Bob hashes it and compares it against a database of hashed
passwords.
A third party can find out Alice’s hashed password in different ways. One is by monitoring the
network from outside and second is reading the host’s password database. The party then
initiates a connection with Bob then proceeds to send over the hashed password when it is asked.
Although the third party may not have the actual password, he has fooled Bob and gained access
to Alice’s account. The third party will use a logarithm used to harsh the password stored in the
database.
3. Alice computes the hash of a password and uses it as secret key in challenge/response
protocol.
In this case the password is never stored on the host system but the attacker can exploit the password-equivalence look up f (p) for instance function as the password from the password database

3
SCENARIO ANALYSIS
and go on to impersonate Alice. This can simply have explained as the client-side computation
always uses the value of the f(p) and never depends on the password alone (Stamp, 2011).
4. Alice computes the hash of a password and sends it to Bob, who hashes it and compares
it against a database of doubly-hashed passwords.
If in any case Alice’s password ends up falling in the wrong hands of the attacker, the attacker
will end up keeping a regular track of the traffic between Alice and Bob. This will allow the
attacker to decrypt all the transmissions that are made while P was used as the password (David
et al., 2001) . Third party can also capture the password and look for a logarithm used to doublehash the password and eventually obtain the password hash then send the file in an encrypted
password file (Wobst, 2007).

4
SCENARIO ANALYSIS

REFERENCES
Wobst, R. (2007). Cryptology unlocked. Chichester: John Wiley & Sons
Stamp, M. (2011). Information security: Principles and practice. Hoboken, N.J: Wiley.
Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of security: What every programmer
needs to know. Berkeley, CA: Apress
Davida, G., Frankel, Y., & International Conference on Information Security, ISC.
(2001). Information security: 4th International conference, ISC 2001, Malaga, Spain,
October 1-3, 2001 : proceedings. Berlin: Springer

Here is the assignment completed, I am readily available in
case of anything. Bye for now

1
Running Head:...


Anonymous
I use Studypool every time I need help studying, and it never disappoints.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags