Question
Unix based operating systems use the salt scheme in order to secure passwords. Answer the following questions: a. What is the purpose of the salt?
Unix based operating systems use the salt scheme in order to secure passwords. Answer the following questions:
a. What is the purpose of the salt?
b. Is salt helpful in an online dictionary attack? Explain if your answer is yes.
c. What mechanisms can an attacker use to make an offline dictionary attack on a UNIX system fast and efficient ?
d. Assume an attacker has compiled a dictionary of 10,000 entries for an off-line dictionary attack on a server with 100 users. If the Operating System uses salt, and the attacker's goal is to get a particular user Bob's password. How many hash values will the attacker compute in the worst case?
e. If the attacker's goal is not to get a particular user's password, but to get as many passwords as possible, what is your answer then?
f. The UNIX machine has advanced its authentication processes by using facial recognition biometrics for authentications. However the system has a high false non-match rate. Can you explain what that means? How can you overcome the problem of false non-match?
Step by Step Solution
3.28 Rating (145 Votes )
There are 3 Steps involved in it
Step: 1
aThe purpose of the salt in a Unixbased operating system is to prevent an attacker from precomputing a rainbow table of all possible password hashesA rainbow table is a precomputed table that maps pla...
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Principles Of Information Security
Authors: Michael E. Whitman, Herbert J. Mattord
7th Edition
035750643X, 978-0357506431
