Question
It was stated that inclusion of the salt the UNIX password scheme increases the difficulty of guessing by a factor of 4096. Let's use a
It was stated that inclusion of the salt the UNIX password scheme increases the difficulty of guessing by a factor of 4096. Let's use a case to explain why it is asserted that the salt increases security although the salt is stored in plaintext in the same entry as the corresponding ciphertext password. Let's assume that the adversary has obtained a password file containing 4000 entries, each using a unique 12-bit salt.
1. In order to crack all the 4000 hashed passwords in the password file on a UNIX system, how many times does the hash routine, i.e., crypt(3), need to run in the worst case?
2. If the salt is NOT used, how many times does the hash routine, i.e., crypt(3), need to run in the worst case in order to crack all the 4000 hashed passwords?
3. If 24-bit salt is used for this case, does the hash routine need to run more times in the worst case to crack all the 4000 hashed passwords? If so, how many more?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Advanced Database Systems
Authors: Carlo Zaniolo, Stefano Ceri, Christos Faloutsos, Richard T. Snodgrass, V.S. Subrahmanian, Roberto Zicari
1st Edition
155860443X, 978-1558604438
