Answered step by step
Verified Expert Solution
Question
1 Approved Answer
( 1 5 points ) Password file hashing. To make sure the passwords of users are securely stored, we normally need to hash each password
points Password file hashing. To make sure the passwords of users are securely stored, we normally need to hash each password in the password file. Is SHA a good candidate for password hashing? Why or why not? Somebody suggested a protocol like this: the client side hash the password before sending to the server side, but both username and password are not encrypted during the transmission. The server just need to compare the presented hashed password with the corresponding record in the hashed password file to find out whether the password presented was accurate or not. Is this a secure solution? Justify your conclusion. Suppose a company has users and password records that are stored in the hashed format. Each password is characters long and there are possible choices of characters. A hacker has obtained this password file and plan to use the bruteforce way to find out all n passwords. i What is the lowest computing complexity for the case when salt was not used? ii What is the lowest computing complexity for the case when salt was used? Note that for both cases you need to consider the practicality of available memory.
points Password file hashing.
To make sure the passwords of users are securely stored, we normally need to
hash each password in the password file. Is SHA a good candidate for
password hashing? Why or why not?
Somebody suggested a protocol like this: the client side hash the password
before sending to the server side, but both username and password are not
encrypted during the transmission. The server just need to compare the
presented hashed password with the corresponding record in the hashed
password file to find out whether the password presented was accurate or not.
Is this a secure solution? Justify your conclusion.
Suppose a company has users and password records that are stored in the
hashed format. Each password is characters long and there are
possible choices of characters. A hacker has obtained this password file and
plan to use the bruteforce way to find out all n passwords.
i What is the lowest computing complexity for the case when salt was
not used?
ii What is the lowest computing complexity for the case when salt was
used? Note that for both cases you need to consider the practicality of
available memory.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started