Question $2$

An early attempt to force users to use less predictable passwords involved computer supplied

passwords. These passwords were generated using a pseudorandom number generator. Suppose

the passwords were nine$-$characters long and were taken from the character set consisting of

uppercase letters and digits so that the adversary has to search through all character strings of

length $9$ from a $36-$character alphabet. Now, answer parts $($a$),($b$)$ and $($c$)$ accordingly.

$($a$)$ Would a pseudorandom number generator with $216$ possible starting values suffice? $[4\%]$

$($b$)$ If not, then what should be the appropriate range for this pseudorandom number generator? $[9\%]$

Explain your answer.

$($c$)$ Discuss what issues this method would have inside a large corporation and how you would $[6\%]$

change it to solve the issues.