Let h be a secure cryptographic hash function. For this problem, a password consists of a maximum of 14-characters and there are 32 possible choices for each character. If a password is less than 14 characters, it’s padded with nulls until it is exactly 14 characters. Let P be the resulting 14 character password. Consider the following two password hashing schemes.
(i) The password P is split into two parts, with X equal to the first 7 characters and Y equal to the last 7 characters. The password is stored as (h(X), h(Y)). No salt is used.
(ii) The password is stored as h(P). Again, no salt is used.
Note that the method in scheme (i) is used in Windows to store the so-called LANMAN password.
a. Assuming a brute force attack, how much easier is it to crack the password if scheme (i) is used as compared with scheme (ii)?
b. If scheme (i) is used, why might a 10-character password be less secure than a 7-character password?14
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.