Question

Question 1: Password Input Methods and Brute Forcing [20%]
Assume that passwords are selected from four-character combinations of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second.
1. Assuming no feedback to that adversary until each attempt has been completed, what is the expected time to discover the correct password?
2. Assuming feedback to that adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
Question 2: Networks and Privacy [30%]
Assume that all websites began using encrypted connections so that the contents of all TCP and UDP packets (data within the packets, but not the packets’ headers) were encrypted.
Suppose that a police/intelligence agency wanted to track a person’s internet-based communications and set up a packet sniffer (like Wireshark) to obtain a copy of all of the person’s internet traffic. Assuming they cannot break the encryption, and thus cannot read what was actually sent and received, what potentially useful information can they still obtain from the copied packets? Explain your answer.
Why does this represent a privacy concern for internet users?
Note: This must be your own description, not somebody else’s (no plagiarism). If you used any external sources to help answer this question, please list them at the end of your answer.
Question 3: Networked Authentication [50%]
Choose either OpenID or Facebook Connect. For whichever option you choose, describe the process of a user logging into a website which uses your chosen system for processing logins.
Include all steps which involve communication between the web client (person logging in), the website, and the identity provider (Facebook or the OpenID Identity Provider), and identify what information is exchanged in each step. Please keep this description to 1 page or less, and identify the location of at least 3 (non-Wikipedia) sources you’ve used for information.
Note: You could represent this as a numbered list, a table, a flowchart, etc. The important things are: 1) the information is correct; 2) it is your own description, not somebody else’s (no plagiarism); and 3) the description makes sense to a reader. The list of sources can be a simple list at the end of your description.

Solution Preview

This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.

2. In the worst case each of the four digits has 26 tries; the expectation to guess a digit of the password is again half of the maximum number of possibilities (since at each attempt the probability to guess is ½); or this is means for each of the four digits the expected number of tries is 13. Since the password has 4 digits, it is required an expected number of 13*4=52 attempts; because each attempt takes 1 sec, the expected time to discover the password is 52 sec....

This is only a preview of the solution. Please use the purchase button to see the entire solution

$30.00

or free if you
register a new account!

Assisting Tutor

Related Homework Solutions

Laws and Regulations from Cybercrime and Security
Homework Solution
$50.00
Law
Regulation
Cybercrime
Security
PET
Privacy
Enhancing
Technogloy
PII
Breach
Notification
Letter
European
Union
Data
Protection
Directive
Principle
Personal
Disclosure
NIST
Identifiable
Information
Social
Media
Concept
User
Fa
Presentation on Computer Emergency Response Team - CERT (5 slides)
Homework Solution
$23.00
CERT
Computer
Emergency
Response
Team
Incident
Security
IT
Vulnerability
Assessment
Service
Quality
Management
Proactive
Penetration
Testing
Audit
Maintenance
Reactive
Application
Infrastructure
McAfee Antivirus Review Based on Provided Template
Homework Solution
$20.00
McAfee
Anvirus
Review
Template
Full
Name
Type
Product
Associated
Cost
Platform
Resource
Security
Cybercrime
Organization
Vendor
PCMAG
CNET
Link
Criminal
Activity
Performance
Malware
Association
Firewall
Two Information Security Questions about Authorization Types and Malware Analysis
Homework Solution
$20.00
Authorization
Malware
Plumbing
Contractor
Role
RBAC
Inventory
Database
Part
System
Payable
Clerk
Installation
Foreman
Acess
Read-only
Read-write
CodeRed
ILOVEYOU
Nimda
MyDoom
Payload
Spread
Trigger
Condition
Damage
Strategy
Miti
Protocol Analyzer Usage & Domain Zone File Example
Homework Solution
$30.00
Wireshark
Protocol
Network
Analyzer
Domain
Zone
File
DNS
Email
Web
Server
Name
Sniffer
Legitimate
Illegitimate
Management
Attacker
Vulnerability
Wareagle
NS
FTP
Get help from a qualified tutor
Live Chats