System be replaced by an alternative system


Because of known risks of the UNIX password system, it has been recommended that the system be replaced by an alternative system that uses public key cryptography, RSA for example. In this system the standard UNIX password file is replaced with a publicly readable file /etc/publickey. An entry in the file for user A consists of a user's identifier IDA, the user's public key, PUA, and the corresponding private key PRA. This private key is encrypted using DES with a key derived from the user's login password PA. When A logs in, the system decrypts E[PA, PRA] to obtain PRA.

(a) How might the system derive the secret key for DES from the user's login password PA?
(b) When A logs in, the system verifies that PA was correctly supplied. How?
(c) In terms of password security, does this method offer more, less or the same level of security as the standard UNIX password system? Justify your answer.

Request for Solution File

Ask an Expert for Answer!!
Computer Networking: System be replaced by an alternative system
Reference No:- TGS0121066

Expected delivery within 24 Hours