Question

In: Computer Science

You are safeguarding a gate; anybody passing the gate has to tell you his/her name and...

You are safeguarding a gate; anybody passing the gate has to tell you his/her name and password. Since there is no sound protection, anybody nearby can hear what they say and get the passwords. To solve that problem, you are requesting that each password can be used only once. Initially, you give each authorized person a list of passwords, and ask them to cross one out each time when a password is used, so each password is used only once. It is important to use the list of passwords in order. However, you do not want to maintain such a list yourself. You only want to remember one password for each person. Note that all passwords are HEX numbers (each number is up to 32 bytes). You do not mind changing this number each time when a secret password is used. Basically, each time you generate the next number in the list and replace the current number. Describe how you can do this.

Solutions

Expert Solution

Random number generators typically work on bits, so the range of numbers they can generate is a power of two. A range of characters like [0-9a-zA-Z] has 62 characters, which is two shy of a power of two (64), so the computer has to do some conversion between the ranges.

That can be done, but it's easy to get it wrong. The "standard" way is to take the actual number, divide it by the range you want, and take the remainder as your random number. That introduces bias though. For a simple example, say you generate numbers in [0-3] but you want them in [0-2] instead. The [0-3] range would map to the [0-2] range like so:

0 => 0 mod 3 => 0
1 => 1 mod 3 => 1
2 => 2 mod 3 => 2
3 => 3 mod 3 => 0
Note how you can get a 0 in two different ways: 0 and 3 both go to 0. The approach is biased toward generating 0s, which will make your password easier to guess.

The correct way involves computing the right padding to make what you generated fit evenly into the range, which is tricky and could potentially make your password a lot longer depending on how your output range compares to that of the random number generator.

An easier approach is to just use a range that's already a power of two so you can ignore the bias entirely. Most have problems.

Base-2 (binary) produces extremely long strings.
Base-4 (quaternary) isn't much better.
Base-8 (octal) is better but still lengthy.
Base-16 (hex) is a little long, but reasonable. It also encodes 4 bits per character, which is pretty convenient when computers prefer multiples of 8.
Base-32 encodes 5 bits per character, which is not convenient when computers prefer multiples of 8.
Base-64 encodes 6 bits per character, which is still awkward (but slightly less since at least it's an even number).
Base-96 is popular, but not a power of 2 so it has the same problem as [0-9a-zA-Z].
Base-128 and above all involve symbols you can't easily type on a typical querty keyboard.
To expand a little on why base-64 is a problem, consider what happens when you try to encode a single byte (8 bits). You can't do it with a single base-64 character since that only gets 6 of the 8 bits. But if you use two characters, you have to figure out how to pad your 8-bit byte to a 12-bit output without introducing bias or suggesting there might be an extra byte.

Hex, in contrast, is almost trivial to encode bytes in. Just look up each byte in a 256 element table to get two characters and spit them out. It gives reasonably short passwords, doesn't use weird symbols, and it's simple to implement. It's the best choice for security conscious password generators.


Related Solutions

You are an investment advisor and a client asks you to tell her the chance of...
You are an investment advisor and a client asks you to tell her the chance of making money on an investment at the end of the year. You gather data on annual rates of return for the investment and find that they have a normal distribution with a mean of 5% and a standard deviation of 6%. Determine the probability that the client loses money on the investment at the end of the year, to three decimal places. Hint: If...
The system will accept the employee ID, the employee name and his/her gross salary.
The system will accept the employee ID, the employee name and his/her gross salary.Based on the gross salary provided, if it is equal to or greater than OMR 2500, the system should apply a tax rate of 6% when calculating the income tax otherwise a tax rate of 4% should be applied when calculating.calculate the income tax and the net salary,If (gross salary > = 2500)          Tax rate = 6%Else     Tax rate = 4%Income tax = Net salary = 
You are caring for a patient who has refused to take his/her medication. Instead of forcing...
You are caring for a patient who has refused to take his/her medication. Instead of forcing the patient to take the medication, your colleague tells you to hide it in his/her food. What do you do? What ethical and legal considerations should be taken into account for your decision? What is the nurses’ role and responsibility in medication administration? What do you do? What ethical and legal considerations should be taken into account for your decision? What is the nurses’...
It has been said that if you are at a party and you tell someone you...
It has been said that if you are at a party and you tell someone you have a terrible disease or you are a terrorist, the conversation happily continues. But, if you tell them you are religious, an icy chill hits the air. Peter Kreeft believes that much of this is due to ignorance in the area of religious studies. His personal pet peeve is the statement: “All religions are the same deep down.” He states: “That is simply factually...
A 3 year old patient is admitted with intense coughing fits and her parents tell you...
A 3 year old patient is admitted with intense coughing fits and her parents tell you that she has been vomiting after the especially intense fits. She appears cyanotic and after coughing several times, it sounds as though she is gasping for air. They tell you that they have opted out of vaccinating their child because they feel that it is unsafe. What is likely the causative agent (pathogen) for this infection? (1 point) What is the name of this...
Kim needs to learn about absorption of food in her digestive system, what do you tell...
Kim needs to learn about absorption of food in her digestive system, what do you tell her?
a.Imagine this situation. You are working in hospital. You got a new patient referral his name...
a.Imagine this situation. You are working in hospital. You got a new patient referral his name is Salim. You found that he has Crohn's disease, diabetes and chronic kidney disease (stage 4), which condition would you focus on for MNT and why?
Joanne has provided you with her net worth statement and has told you her monthly net...
Joanne has provided you with her net worth statement and has told you her monthly net income is $5,000 and monthly expenses are $3,800. Assets: Chequing account $7,200 Non-registered money market fund $15,000 (emergency savings) TFSA Account $69,500 (savings for down payment on a home) Car $20,000 Liabilities: Credit card debt $1,000 Student loan $41,000 Using the information she provided you, calculate her liquidity ratio. Your answer should be a whole number, to two decimal places.
You are interested in whether a student’s popularity rank is related to his or her leadership...
You are interested in whether a student’s popularity rank is related to his or her leadership rank. You have collected the data, and now you are ready to run the analysis. Assuming that you end up with a high but negative gamma, what would that mean about the relationship between popularity rank and leadership rank? Students who rank higher in popularity tend to rank higher in leadership. There is no relationship between rank in popularity and rank in leadership. Students...
1. How can you make someone realize that his or her behavior is causing you a...
1. How can you make someone realize that his or her behavior is causing you a problem? 2. What would you do if you told someone that his or her behavior was a problem for you and the person reacted as though he or she really did not care? 3. What would you do to help someone engage in reflection? 4. Discuss how you generally show your anger to a significant other person in your life. 5. Discuss your experiences...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT