Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
¶ … hashes can be attacked. In addition, describe some scenarios where a hash has been used as part of an authentication scheme, and the validity of a particular authentication using that scheme have been challenged.
Hashes are one type of a variety of cryptographic methods of providing a one-way encoding of information. A hash value can only be recreated using the exact same information again. "The cryptographic value of the hash lies in the fact it is impossible to retrieve the original information from the hash itself." (Miseldine, 2004)
One of the most common and familiar forms of hashes is a password. But although passwords may have significance to the user, viewed from a computer's point-of-view, a hash is merely an unordered collection of values, each of which is identified by a unique key or combination of letters, values, and other symbols. Replicating these keys can only retrieve the value of the hash. By altering one's password, one can add to or delete from the collection of symbols used. The variety of symbols available to the user varies with...
This dictionary may be as wide and all encompassing as the dictionary itself, or even more so, if it is case-sensitive and uses many symbols and numbers and spaces as well as letters. (Menon-Sen, 2002)
Because the usual intent is that the hash can act as a signature for the original data, without revealing its contents it is important that the hash function is irreversible, in other words it cannot be changed during the authentication process or while a user is logging into a system. But randomness cannot have any place in a hash function. In other words, a hash function can and should completely deterministic. Given the exact same forms of input twice, in other words the hash function should always produce the same output. Even a single bit of information changed in the input should produce a different hash value. (Connected, 2004)
Thus, the hash value should be small enough to be manageable in further manipulations, yet large enough to…
Works Cited
Hash Functions." (2004) Connected: An Internet Encyclopedia.
Retrieved on June 27, 2004 at http://www.freesoft.org/CIE/Topics/142.htm
Menon-Sen, Abhijit. (October 1, 2001) "How Hashes Really Work." Retrieved on June 27, 2004 at http://www.perl.com/lpt/a/2002/10/01/hashes.html
Miseldine, David. (June 14, 2004) "Password Hashes." Site point. Net log. Retrieved on June 27, 2004 at http://www.sitepoint.com/blog-post-view.php?id=175017
Auditing, Monitoring, Intrusion Prevention, Intrusion Detection, and Penetration Testing "Unlike IP fragmentation (which can be done by intermediate devices), IP reassembly can be done only at the final destination. What problems do you see if IP reassembly is attempted in intermediate devices like routers?" [ ] IP fragmentation is defined as the IP (Internet Protocol) that breaks datagrams into smaller fragment to assist packets passing through links and forming a smaller MTU
To offer an information security awareness training curriculum framework to promote consistency across government (15). Security awareness is needed to ensure the overall security of the information infrastructure. Security awareness programs is the can help organizations communicate their security information policies, as well as tips for users, to help keep systems secure, and the practices the entire organization should be utilizing. However, as Kolb and Abdullah reiterate, "security awareness is not
Cybercrime has become a serious problem in the world we live in. The abundance of personal computers that are readily available at relatively low prices has spawned the growth in Cybercrime all over the globe. As a result, law enforcement agencies have developed cybercrime forensics which is designed to track down those that are responsible for cyber crimes. The purpose of this discussion is to analyze this subject and discuss
Digital Signature Scheme Based on Factorization The objective of this study is to discuss an issue in cryptography or computer security. Digital signatures are described as "an analog of handwritten signatures" which are based on "the physically idiosyncratic way of signing one's name. But they can be easily forged." (Grabbe, 1998) The digital signature is "a mathematical method of attaching one's identity to a message" and is held to be more
The British government has learned that Saddam Hussein recently sought significant quantities of uranium from Africa, (George W. Bush, State of the Union Address, Jan. 28, 2003) the claims were quickly picked up and repeated by the media. So were claims that Iraq had nuclear weapons. "We believe [Hussein] has, in fact, reconstituted nuclear weapons." (Dick Cheney, NBC's Meet the Press, March 16, 2003) Yet, after the search for
This is however, not considered foolproof. It is possible to break the security by a person having adequate technical expertise and access to the network at hardware level. In view of this the SSL method with right configuration is considered perfectly sufficient for all commercial purposes.5In order to safeguard the data while in transit it is customary to adopt a practical SSL protocol covering all network services that use