Description
each prompt must be submitted as three to four paragraphs.
Check attached file.
Unformatted Attachment Preview
Purchase answer to see full attachment
Explanation & Answer
hi, here is the assignment completed. kindly in case of anything let me know. otherwise bye for now
1
Running Head: SCENARIO ANALYSIS
Scenario Analysis
Students NAME
Institutional Affiliation
Date of Submission
2
SCENARIO ANALYSIS
1. Alice sends a password, and Bob compares it against a database of passwords.
The process of Alice sending the password could be visible to a third part that can watch and
record the message from a different location. After a period of snooping, the third party can
record the successful authentication attempt and replicate the correct password which can be
used to impersonate Alice. This is because; the third party can capture and interpret the password
before it reaches Bob. For this reason, there is need to encrypt passwords when sending them to
another public network. One can gain access using shared keys to encrypt the passwords.
2. Alice sends a password, and Bob hashes it and compares it against a database of hashed
passwords.
A third party can find out Alice’s hashed password in different ways. One is by monitoring the
network from outside and second is reading the host’s password database. The party then
initiates a connection with Bob then proceeds to send over the hashed password when it is asked.
Although the third party may not have the actual password, he has fooled Bob and gained access
to Alice’s account. The third party will use a logarithm used to harsh the password stored in the
database.
3. Alice computes the hash of a password and uses it as secret key in challenge/response
protocol.
In this case the password is never stored on the host system but the attacker can exploit the password-equivalence look up f (p) for instance function as the password from the password database
3
SCENARIO ANALYSIS
and go on to impersonate Alice. This can simply have explained as the client-side computation
always uses the value of the f(p) and never depends on the password alone (Stamp, 2011).
4. Alice computes the hash of a password and sends it to Bob, who hashes it and compares
it against a database of doubly-hashed passwords.
If in any case Alice’s password ends up falling in the wrong hands of the attacker, the attacker
will end up keeping a regular track of the traffic between Alice and Bob. This will allow the
attacker to decrypt all the transmissions that are made while P was used as the password (David
et al., 2001) . Third party can also capture the password and look for a logarithm used to doublehash the password and eventually obtain the password hash then send the file in an encrypted
password file (Wobst, 2007).
4
SCENARIO ANALYSIS
REFERENCES
Wobst, R. (2007). Cryptology unlocked. Chichester: John Wiley & Sons
Stamp, M. (2011). Information security: Principles and practice. Hoboken, N.J: Wiley.
Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of security: What every programmer
needs to know. Berkeley, CA: Apress
Davida, G., Frankel, Y., & International Conference on Information Security, ISC.
(2001). Information security: 4th International conference, ISC 2001, Malaga, Spain,
October 1-3, 2001 : proceedings. Berlin: Springer
Here is the assignment completed, I am readily available in
case of anything. Bye for now
1
Running Head:...