Q3)A well known authentication technology requires users to enter a user ID and 10-digit code to log in. The first 4 digits of the code were chosen by the user when setting up the account, and the last 6 digits are shown on a physical token given to the user by an administrator. State the number of authentication factors used in this scenario, and for each factor state the type of factor and briefly describe the data corresponding to that factor. (2 points)
Q4. In the PHP function password_hash , the default algorithm is brcypt which produces a text string derived from a 16-byte “salt” value and a 24-byte salted hash of the supplied password. How many entries would be needed in a “rainbow table” that included all possible salt values and all possible salted hash values? Show your calculations. (2 points)
Q5. On Lecture 7 slide 56 (Kerberos – Version 4 dialog), the first field under Message 2 is EKc . Briefly explain how the key used to encrypt/decrypt data between the user’s client and the Authentication Server is generated. (2 points)
Q6. State the minimum and maximum possible values for the lifetime of a ticket in Kerberos Version 4. Show your calculations. Note: A lifetime of 0 is valid but not useful as the ticket expires before it can be used – calculate the minimum useful value.
Sample Solution
