Question 1: Password Input Methods and Brute Forcing [20%]
Assume that passwords are selected from four-character combinations of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second.
1. Assuming no feedback to that adversary until each attempt has been completed, what is the expected time to discover the correct password?
2. Assuming feedback to that adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
Question 2: Networks and Privacy [30%]
Assume that all websites began using encrypted connections so that the contents of all TCP and UDP packets (data within the packets, but not the packets’ headers) were encrypted.
Suppose that a police/intelligence agency wanted to track a person’s internet-based communications and set up a packet sniffer (like Wireshark) to obtain a copy of all of the person’s internet traffic. Assuming they cannot break the encryption, and thus cannot read what was actually sent and received, what potentially useful information can they still obtain from the copied packets? Explain your answer.
Why does this represent a privacy concern for internet users?
Note: This must be your own description, not somebody else’s (no plagiarism). If you used any external sources to help answer this question, please list them at the end of your answer.
Question 3: Networked Authentication [50%]
Choose either OpenID or Facebook Connect. For whichever option you choose, describe the process of a user logging into a website which uses your chosen system for processing logins.
Include all steps which involve communication between the web client (person logging in), the website, and the identity provider (Facebook or the OpenID Identity Provider), and identify what information is exchanged in each step. Please keep this description to 1 page or less, and identify the location of at least 3 (non-Wikipedia) sources you’ve used for information.
Note: You could represent this as a numbered list, a table, a flowchart, etc. The important things are: 1) the information is correct; 2) it is your own description, not somebody else’s (no plagiarism); and 3) the description makes sense to a reader. The list of sources can be a simple list at the end of your description.

Solution PreviewSolution Preview

These solutions may offer step-by-step problem-solving explanations or good writing examples that include modern styles of formatting and construction of bibliographies out of text citations and references. Students may use these solutions for personal skill-building and practice. Unethical use is strictly forbidden.

2. In the worst case each of the four digits has 26 tries; the expectation to guess a digit of the password is again half of the maximum number of possibilities (since at each attempt the probability to guess is ½); or this is means for each of the four digits the expected number of tries is 13. Since the password has 4 digits, it is required an expected number of 13*4=52 attempts; because each attempt takes 1 sec, the expected time to discover the password is 52 sec....

By purchasing this solution you'll be able to access the following files:

for this solution

PayPal, G Pay, ApplePay, Amazon Pay, and all major credit cards accepted.

Find A Tutor

View available Information Security Tutors

Get College Homework Help.

Are you sure you don't want to upload any files?

Fast tutor response requires as much info as possible.

Upload a file
Continue without uploading

We couldn't find that subject.
Please select the best match from the list below.

We'll send you an email right away. If it's not in your inbox, check your spam folder.

  • 1
  • 2
  • 3
Live Chats