Question: Consider the following login protocol. user knows password P user knows Hash function H(.) and has a mobile calculator user gives login name N to

Consider the following login protocol.

user knows password P

user knows Hash function H(.) and has a mobile calculator

user gives login name N to machine

machine generates random number R

machine gives R to user

user computes X := Hash(P) XOR Hash(R)

user gives X to machine

machine uses N to obtain P from password table

machine computes Y := Hash(P) XOR Hash(R)

if X=Y then machine allows login

a. Explain what is wrong with it and how can it be broken.

b. Show a simple way to strengthen this protocol against your attack.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Consider the following login protocol:User knows a password PUser knows a Hash function H . ) and has a mobile calculatorUser gives login name N to machineMachine generates a random number RMachine...

Q:

Q/in network security answer that ? a) The National University of Tuvalu (NUT) is implementing an electronic voting (e-voting) system to elect their Vice-Chancellor. Only the faculty members of NUT...

Q:

can someone solve this Modern workstations typically have memory systems that incorporate two or three levels of caching. Explain why they are designed like this. [4 marks] In order to investigate...

Q:

Authentication Protocol Analysis (3 marks) Multi-factor user authentication mechanisms require a user to possess multiple authenticatiorn factors, such as a knowledge factor ("something the user...

Q:

) Consider integer division of one two's-complement binary number by another. Programming languages may vary in the result when one argument is negative. What differing conventions might they be...

Q:

ANSI-SPARC6 Programming Language Compilation Write notes on each of the following topics: (a) the implementation of labels and jumps in a recursive, block structured programming language [7 marks]...

Q:

Developments in Technology Light is incident from air on the end face of a multimode optical fibre at angle of incidence as shown below. n n 1 2 The refractive indices of the core and cladding are...

Q:

Let A, B be sets. Define: (a) the Cartesian product (A B) (b) the set of relations R between A and B (c) the identity relation A on the set A [3 marks] Suppose S, T are relations between A and B, and...

Q:

There is a login protocol between a user (ATM card) and a server (ATM machine), which works as follows: The user U has a password P and knows a hash function H. He also has a calculator. User sends...

Q:

There is a login protocol between a user (ATM card) and a server (ATM machine), which works as follows: The user U has a password P and knows a hash function H. He also has a calculator. User sends...

Q:

West Company acquired 60 percent of Solar Company for $306,000 when Solars book value was $406,000. The newly comprised 40 percent noncontrolling interest had an assessed fair value of $204,000. Also...

Q:

For each piece of information in the list that follows, indicate whether the best source would be (a) Reports published by the company, (b) SEC reports (c) Business periodicals, or (d) Credit and...

Q:

The amount that stockholders are paid at the liquidation of a corponation affer taves, debts, and other clairs have been satisfied is called a . the liquidation value. b . a dividend payment C . a...

Q:

Seved Help 14 Wisconsin Snowmobile Corp. is considering a switch to level production Cost efficiencies would occur under level production, and aftertax costs would decline by $31,500, but inventory...

Q:

5. What might you do in your organization to encourage laughter and fun at work in a way that contributes to stress reduction and increased effectiveness and productivity?

Q:

2. What did you do in response to the challenge? How did your responses improve your ability to cope or make you stronger, more flexible, or capable?

Q:

3. How might you apply these learnings to the challenges you face currently?