Hash And Authentication Assessment Answer

Answer :

20.2. Given a password that is 15 characters long where each character can be one of the 52

upper- and lower-case letters, 10 digits or 32 punctuation symbols and assuming each

hash requires 1 ns, compute the total time consumed in a brute force attack.

Answer:

Number of Possible characters in password = 52 + 10 + 32 = 94

Length of a password = 15

Total number of possible passwords = 94¹⁵

Assuming on an average we need to try half of the possible passwords, before we get correct one,

Total time consumed = * 1 ns

          = 6267310355778.82 years

20.3. Given the data in Problem 20.2, compute the size of the hard disk needed to house a

rainbow table if each hash is 512 bits in length.

Answer: 

Rainbow Tables are enormous, pre-computed hash values for every possible password

Size of rainbow table = space required to store (passwords + Hash code)

Lets assume each character requires 1Byte space. So a password will take 15 bytes.

Each hash code is 512 bits = 64 bytes

So, hard disk needed = 94¹⁵ * (15 + 64) bytes

                                       = 3.1228052102014865e+19 Tera Bytes

If we use a seperator space between password and hash code, it will take  94¹⁵ additional bytes.

20.4. Using the information in Problem 20.2 and assuming that each password has a 16

byte salt and each hash requires 1 ns, compute the total time needed for a brute force

attack.

Answer:

Number of Possible characters in password = 52 + 10 + 32 = 94

Length of a password = 15

Total number of possible passwords = 94¹⁵

Total number of possible passwords with 16 byte salt = 94¹⁵*((16*8)²) = 94¹⁵*((128)²)  

Assuming on an average we need to try half of the possible passwords, before we get correct one,

Total time consumed = *((128)²)* 1 ns

          = 1.026836128690802e+17 years

20.5. Given the data in Problem 20.2 and the fact that each password has a 16 byte salt,

determine the size of the hard disk that is needed to house a rainbow table assuming

each hash is 512 bits in length.

Answer: 

With 16 byte salt, we will need (16*8)² total rainbow tables

So, hard disk needed = 94¹⁵ * (15 + 64) bytes * (16*8)²

                                       = 5.1164040563941155e+23 Tera Bytes

20.6. In addition to the data in Problem 20.2, assume that each password has a 16 byte

salt and is hashed a random number of times r, i.e., hash = Hr

 (password), r ∈ [1, 16].

Furthermore, assume that each hash requires 1 ns. Given these conditions, compute

the total time required for a brute force attack.

Answer:

Number of Possible characters in password = 52 + 10 + 32 = 94

Length of a password = 15

Total number of possible passwords = 94¹⁵

Total number of possible passwords with 16 byte salt = 94¹⁵*((16*8)²) = 94¹⁵*((128)²)  

Assuming on an average we need to try half of the possible passwords, before we get correct one,

Total time consumed = *((128)²)* 16* 1 ns

          = 1.642937805905283e+18 years

20.7. In the event that a token with some physical manifestation, cell phone or one-time

password device, is stolen by an attacker, specify the proper threat mitigation strategy.

Answer:

• User should Block internet banking , ATMs by contacting respective Banks imidiately
• User should use “Sign out of divices” option from Gmail 
• User should sign out of e-commerce websites by contacting them
• Sign out of social media logins
• User should sign out of all other web-sites/apps where he has added sensitve and personal information

20.8. If an attacker connects to a Verifier online and attempts to guess a valid token authenticator, outline the proper threat mitigation strategy.

Answer:

• User should be always careful that he never shares any type of personal information to any verifier
• Attackers create a situation of emergency or give warnigns to ask passwords/OTPs
• User should never share bank credit/debit card password/number, cvv with anyone 
• User should not entertain any queries regarding Birth dates

20.9. In phishing or pharming attacks, the token secret or authenticator, e.g., password, is

captured by fooling the Subscriber into thinking the Attacker is a Verifier or Relying

Party. What is the proper threat mitigation strategy for this scenario?

Answer:

• Be cautious from a person or organization asking for personal information
• Check sender’s display name to check legitamacy of emails
• User should not click on download links in such emails
• Cross-check embedded url with hovering on it, hovering might show a different web adress
• Emails showing grammatical errors are more suspectable
• Using builtin filters to filter out spam emails
• Emails have urgent language
• Greetings without your name specifically
• Warning signs

20.10. Determine the manner in which to protect a user who uses the OAuth open-standard

protocol if they wish to publish their information on Facebook using their Google

account password.

Answer: 

While it is possible for a user to authorize the information  access by using Google Account password to Facebook,  it is more secure for the app developer to use the open standard protocol. Open Authorization enables the user to give their consent for specific access without sharing their password. The OAuth open-standard protocol  allows users to authorize access to their data, once an individual has been authenticated. Facebook  is an entity that relies upon google for assertion of an identity, typically to process a transaction or grant access to information.

20.11. If the security strength of K (key) is 128 bits and SHA-256 is used, the security strength

of the HMAC algorithm is ___ bits.

Answer: 

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = min(128,512) = 128 bits

20.12. If the security strength of K is 256 bits and SHA-1 is used, the security strength of the

HMAC algorithm is ___ bits.

Answer:

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = min(256,2*160) = min(256,320) = 256 bits

20.13. If the security strength of K is 256 bits and SHA-256 is used, the security strength of

the HMAC algorithm is ___ bits.

Answer:

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = min(256,2*256) = 256 bits

20.14. If the desired security strength of the HMAC algorithm is 256 bits and SHA-512/256

is used, determine the security strength of K.

Answer:

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = 256 = min(k,2*256),

So security strength of K = 256 bits

20.15. If the desired security strength of the HMAC algorithm is 256 bits and SHA-512/224

is used, determine the security strength of K.

Answer:

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = 256 = min(k,2*224),

So security strength of K = 256 bits

20.16. If the desired security strength of the HMAC algorithm is 512 bits and SHA-512/256

is used, determine the security strength of K.

Answer:

The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) 

So,  security strength of the HMAC algorithm = 512  = min(k,2*256) = min(k,512),

So security strength of K = 512 bits

20.17. If the desired security strength of the KDF algorithm is 128 bits and SHA-1is used,

determine the security strength of K.

Answer:

The security strength of a key derivation function is Min (K, L)

So, 128 = Min(K,L) = Min(K,160)

So,  security strength of K = 128.

20.18. If the desired security strength of the KDF algorithm is 256 bits and SHA-256 is used,

determine the security strength of K.

Answer:

The security strength of a key derivation function is Min (K, L)

So, 256 = Min(K,L) = Min(K,256)

So,  security strength of K = 256.

20.19. Based upon the specifications outlined in NIST Special Publication 800-108, draw a

block diagram that constructs a KDF as a PRNG using HMAC as the building block.

20.20. In terms of security, the term confidentiality refers to protection against message

tampering.

(a) True

(b) False

Answer: False 

Page 885

Sentence:“Two important terms related to authentication and required for security are (1) integrity and (2) confidentiality. The former is simply protection against message tampering, while the latter indi- cates the message is private or secret. ”

20.21. Encryption is employed to guarantee confidentiality and integrity.

(a) True

(b) False

Answer: False

Page:885 

Sentence: “Encryption is used to obtain confidentiality, but encryption alone will not guarantee integrity. ”

20.22. The strategic use of a hash function can enhance security.

(a) True

(b) False

Answer: True

Page 890

Sentence: “The properties for various Secure Hash Algorithms are listed in Table 20.2. SHA-2 provides higher security strength”

20.23. The prevention of message tampering while it is in transit can be achieved through

the use of

(a) Authentication

(b) Integrity

(c) All of the above

(d) None of the above

Answer: C

Page 885

Sentence: “If Bob wants to ensure that no one is able to modify his message while in transit, he can employ both integrity and authentication”

20.24. Any bit in a message digest resulting from a hash should be a 1 only half of the time.

(a) True

(b) False

Answer: True

Page 886

Sentence: “In order to be effective, the message digest resulting from the hash should have a random pattern, i.e., any bit in the digest is a “1” only half the time.” 

914 Chapter 20 Problems

20.25. If a hash function exhibits the property that hash (x) = hash (y) for two different

inputs x and y, then a collision is said to exist.

(a) True

(b) False

Answer: True

Page 887,888

Sentence: The importance of a hash stems from the fact that it is computationally not feasible to find two different inputs, x and x′, to the hash function Hash (), which result in a collision, i.e., they have the same hash values Hash (x) = Hash (x′). Hash(Student x) = Student x’s Birthday = Hash(Student y), both Student x and Student y have the same birthday, indicating a collision 

20.26. If a hash function produces a full-length hash value of 512 bits, then the collision

resistance is approximately

(a) 1024 bits

(b) 512 bits

(c) 256 bits

(d) 128 bits

(e) None of the above

Answer: d

Page 888

Sentence: “SHA-256 produces a full-length hash value of 256 bits and provides an estimated collision resistance of 128 bits ”

20.27. A message digest can be inverted to obtain the original message.

(a) True

(b) False

Answer:  False

Page 888

Sentence: The one-way property of a hash function dictates that it is not feasible to invert the digest to obtain the original message 

20.28. If the approximate preimage resistance produced by a hash function is 512 bits, then

the length of the hash value is

(a) 1024 bits

(b) 512 bits

(c) 256 bits

(d) 128 bits

(e) None of the above

Answer: b

Page 888

Sentence: “TABLE 20.1 The Strengths and Security Properties of the SHA Algorithms” 

20.29. SHA-512 is a viable hash algorithm.

(a) True

(b) False

Answer: True

Page 890

Sentence: “The approved algorithms are SHA-1, SHA-224, SHA- 256, SHA-384, and SHA-512”

20.30. One Initialization Vector is used for both SHA-256 and SHA-512.

(a) True

(b) False

Answer: False

Page 889

Sentence: “The Initialization Vector (IV) is specified in the SHA-1 standard and serves as an input. The message is then hashed block-by-block and propagated down the line to produce a 160-bit digest. Two important parameters shown in Figure 20.6 are the initial hash value (IV) and the message length K. The IV is different for each SHA and specified in the standard FIPS 180-2.”

20.31. The message authentication code HMAC uses

(a) Cryptographic key

(b) Hash function

(c) All of the above

(d) None of the above

Answer: C

Page 891

Sentence: “FIPS 198-1 [16] and RFC 2104 [17] define the Keyed-Hash Message Authentication Code (HMAC). HMAC is a message authentication code that uses a cryptographic key in conjunction with a hash function” 

20.32. An important feature of HMAC is the fact that hashing is faster than encryption in

software.

(a) True

(b) False

Answer: True

Page 891

Sentence: “The key difference between hash and HMAC functions is the use of a shared secret key that provides authentication in addition to integrity protection. HMAC has several important features. For example, hashing is faster than encryption in software” 

20.33. HMAC employs multiple hashes.

(a) True

(b) False

Answer: True

Page 891

Sentence: “The overall structure of HMAC, shown in Figure 20.7, consists of two hashes” 

20.34. The key used in HMAC must be

(a) A random bit string obtained using an approved generator

(b) Generated using an approved key establishment method

(c) All of the above

(d) None of the above

Answer: c

Page 892

Sentence: “The key used in HMAC must be either a random bit string generated using an approved gener- ator, such as that recommended in SP 800-90 [18], or it must be generated using an approved key establishment method, such as that recommended in SP-800-56A [18] or SP-800-56B [19].”

Chapter 20 – Hash and Authentication 915

20.35. The security strength of the HMAC algorithm can be expressed as Min (security

strength of K, L), where K is the key and L is the length of the key.

(a) True

(b) False

Answer: False

Page 892

Sentence: “The security strength of the HMAC algorithm is the minimum of the security strength of K or the value 2L (L is the length of message digest), i.e., Min (security strength of K, 2L) [5].” 

20.36. Password-only authentication can be implemented entirely in software.

(a) True

(b) False

Answer: True

Page 893

Sentence: “ The primary advantage of password-only authentication is that it can be implemented entirely in software, and therefore no special purpose authentication hardware is required” 

20.37. A dictionary attack is a trial and error approach to password guessing.

(a) True

(b) False

Answer: False

Page 894

Sentence: “A dictionary attack is possible because many passwords come from a small dictionary. The dictionary attack usually starts with a dictionary word and inserts and/or appends a symbol or a number, etc.” 

20.38. The only methods used to capture a password can be classified as either hardware,

e.g., a Trojan horse or software, e.g., spyware.

(a) True

(b) False

Answer: False

Page: 894 

Sentence: “Passwords can be captured in a wide variety of ways. Some of the more common methods use a Trojan horse, or a keylogger, which can be done in hardware, e.g., KeyGhost or KeyShark, and software, e.g., spyware. In addition, other techniques simply rely on the target being unaware of the surroundings, e.g., monitoring an insecure network login, shoulder surfing and any other forms of social engineering” 

20.39. Storing a hash of the password rather than the password is an effective technique in

password protection.

(a) True

(b) False

Answer: True

Page 896

Sentence: “Instead of storing a user password, store the hash of a password, H (password), where H is a hash function. When a user enters a password, the host system computes its hash and compares it with entries in the password file. The system does not store actual passwords, which makes it difficult to translate from hash to password.” 

20.40. A dictionary attack is typically a viable approach to password cracking because

humans normally use passwords that are not truly random.

(a) True

(b) False

Answer: True

Page 894

Sentence: ““A dictionary attack is possible because many passwords come from a small dictionary. The dictionary attack usually starts with a dictionary word and inserts and/or appends a symbol or a number, etc.”

20.41. A message authentication scheme consists of a

(a) MAC generation operation

(b) MAC verification operation

(c) All of the above

(d) None of the above

Answer: c

Page 899

Sentence: “A message authentication scheme consists of a message authentication code (MAC), a genera- tion operation and a MAC verification operation” 

20.42. Computer-generated passwords are not popular because

(a) They are hard to remember

(b) May be written down somewhere to facilitate their use

(c) All of the above

Answer: c

Page 899

Sentence: “While passwords can be computer-generated, there are some attendant problems. If the pass- words are very random in nature, users find it difficult to remember them, even when the pass- word is pronounceable. When users have difficultly remembering a password, they are tempted to write it down. Thus, computer-generated password schemes have a history of poor acceptance.” 

20.43. The IEEE plays a significant role in the development of cryptographic standards.

(a) True

(b) False

Answer: True

Page 899,900

Sentence: “IEEE P1363.2 [36] is an Institute of Electrical and Electronics Engineers (IEEE) standardization project for public-key cryptography, which provides a mechanism for authenticating people and distributing high-quality cryptographic keys for secure communication, while preventing off- line brute-force attacks commonly associated with passwords” 

20.44. Kerberos serves as the foundation for authentication in a domain and is used by

(a) Active directory

(b) UNIX

(c) Linux

(d) All of the above

Answer: d

Page 901

Sentence: “Kerberos serves as the foundation for authentication in a domain. It is based upon a hash of pass- words with a multiple factor option. Kerberos is used by Microsoft’s Active Directory, as well as UNIX and Linux” 

20.45. A one-time password uses ___ to ensure it can only be used once, as specified in RFC

2289.

(a) A shared key

(b) Multiple hashes

(c) A timestamp

(d) All of the above

Answer: b

Page 903

Sentence: “A sequence of one-time passwords is produced by applying the secure hash function multiple times to an initial value called S” 

916 Chapter 20 Problems

20.46. A HOTP one-time password uses ___ to ensure it can only be used once, as specified

in RFC 2289.

(a) A shared key

(b) One counter

(c) A timestamp

(d) All of the above

Answer: b

Page 904

Sentence: “HOTP is an HMAC-based One Time Password algorithm and a cornerstone of the Initiative For Open Authentication (OATH). 

HOTP(K, C) = Truncate(H(K, C)) AND 0x7FFFFFFF 

• ◾  K: shared secret between client and server 
• ◾  C: 8-byte counter value” 

20.47. A TOTP one-time password uses ___ to ensure it can only be used once, as specified

in RFC 2289.

(a) A shared key

(b) One counter

(c) A timestamp

(d) All of the above

Answer: a

Page 905

Sentence: “The Time-based One-time Password (TOTP) algorithm is an IETF draft standard proposed by OATH. It is based on a synchronized clock between the user and server. 

TOTP = HOTP (K, T) 

• ◾  K: a shared secret between client and server” 

20.48. Multiple factor authentication uses ___ to ensure it can only be used once, as specified in RFC 2289.

(a) A password

(b) A token

(c) A pin

(d) All of the above

Answer: d

Page 900

• Sentence: Multi-factor Token – A token that uses two or more factors to achieve authentication, e.g., a private key on a smart card that is activated via a PIN. The PIN is something you know and the smart card is something you have 

20.49. A one-time password uses ___ to implement the algorithm.

(a) Hardware

(b) Software

(c) All of the above

(d) None of the above

Answer:  c

Page 902

Sentence: “A cryptographic token may be a handheld hardware device, a hardware device connected to a personal computer through an electronic interface such as a USB, or a software module resi- dent on a personal computer/smartphone, which offers cryptographic functionality that may be used, e.g., to authenticate a user for some service. These tokens work in a connected fashion to a computer or smartphone, enabling their programmatic initialization as well as the programmatic retrieval of their output values.”