How can a web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the site's URL is shown on television during the broadcast of a popular sporting event. That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable?
Consider the following login protocol.
User knows password P
User knows Hash function H(.) and has a mobile calculator
User gives login name N to machine
Machine generates random number R
Machine gives R to user
User computes X:= Hash(P) XOR Hash(R)
User gives X to machine
Machine uses N to obtain P from password table
Machine computes Y:= Hash(P) XOR Hash(R)
If then machine allows login
a)Explain what is wrong with it and how can it be broken.
b) Show a simple way to strengthen this protocol against your attack.