Your Perfect Assignment is Just a Click Away

We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

How It Works
Order Now
glass
pen
clip
papers
heaphones

ISSC361 Five Basic Attacks on Authentication Systems

Aug 31, 2021 | PROGRAMMING | 0 comments

Aug 31, 2021 | PROGRAMMING | 0 comments

ISSC361 Five Basic Attacks on Authentication Systems

Respond to the below two students discussion with 150 words minimum. The question they are responding to re below in bold just so you will know.
For this assignment, create a new message and address the following items in your response.

Describe the five basic attacks on authentication systems.
Outline the symmetric encryption process and explain the components involved in the process.
Summarize the different situations in which people use file encryption software.
Describe the different categories of asymmetric encryption algorithms and how they are used in practice.

Student one:
Describe the five basic attacks on authentication systems.

Clone or borrow the credential – “Shoulder Surfing” Watching people type passwords
Sniff the credential – Digital shoulder surfing, we collect packets via wireshark or similar packet sniffing software and look for passwords and tokens.
Trial and error guessing – use statistics to help your guesses
Denial of Service -overloading the system to lock the user out, preventing access into the system.
Retrieve offline – You can bypass a lot of security if you can get an offline backup.

Outline the symmetric encryption process and explain the components involved in the process.
Symmetric encryption is where the same key is used for both encryption and decryption of the data. To start, the user decides to encrypt his data. He must decide on a key to decrypt the data. He then uses software that automatically encrypts the data using that key. Now the user feels comfortable sending the data out to user 2 who now has a problem. User 2 must somehow be aware of the key that User 1 created. Often, this key is sent through a different means than the encrypted data. If the encrypted data is sent via Email, then the key is shared via phone or text. Now having the key, User 2 can now decrypt the data.
Summarize the different situations in which people use file encryption software.
If at any point for any reason the data manager feels that the data risks being compromised, then encrypting the data is warranted. Any sensitive data being sent over the internet MUST be encrypted. Server, system, and profile backups need to be encrypted and secured off network to prevent attackers from gaining access and manipulating data.
Describe the different categories of asymmetric encryption algorithms and how they are used in practice.
Asymmetric encryption is where there is one key for encryption, and a separate key for decryption. The decryption key is a closely guarded secret and never shared with anyone ever. This key is called the private key. The key used for encrypting data is not kept secret and shared widely. This key is called the public key. The public now knows your encryption standard, and can encrypt any data they want using your standard. These keys are not reversible, so until you decrypt the data with your private key, the data is unreadable.
Die-Hoffman (DH): is a hybrid of asymmetric and symmetric encryption. The encryption is symmetric but they manage to share the key with each other without actually sending the key.
RSA: is the standard Asymmentric encryption system.
Reference:
Smith, R. E. (2016). Elementary information security, 2nd Edition. Subury, MA: Jones & Bartlett Learning.
-Arn

Student two:

Describe the five basic attacks on authentication systems

The 5 basic authentication attacks are, Clone or borrow the credentials or token, Sniff the credential, Trial and error, Denial of service (DoS), and Retrieve from a backup.
Clone or borrow is an attack that is usually done by shoulder surfing or finding the login credentials and using those to log in.
Sniff the credentials is a method that captures the login credentials as it is being transmitted to the login process.
Trial and error is exactly what it is, trial and error. This attack is just trying different combination until the attacker gets one right to be able to log in.
The denial of service attack is were the attacker can damage the system which will block assess to the system by others.
Retrieve from a backup is being able to get the log in information from a backup on the hard drive and using the log in information to be able to access account.

Outline the symmetric encryption process and explain the components involved in the process.

Symmetric encryption is a way to encrypt and decrypt using the same key. There are two categories for the symmetric encryption and that is the code and cypher. The code encryption uses words or phrases to hide a message within. For instance, the military uses code words for many things for instance “Oscar Mike” means “On The Move”.
Cypher encryption uses algorithms to encrypt data and only someone who has the PKI key and decrypt the message, for instance encrypting an email and only the receiver can open and decrypt the message.

Summarize the different situations in which people use file encryption software.

You would want to encrypt your data if you care carrying an external HD, sending an email, or using a public workstation to name a few.

Describe the different categories of asymmetric encryption algorithms and how they are used in practice.

There are two part to asymmetric encryption “public key and private key” both of these are needed to be able to encrypt a file or email. One-way asymmetric encryption is used is with email, you will use a private key and public key to encrypt the message and only those keys can decrypt the message.
Matt

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: Blackboard Experts only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Blackboard Experts are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Blackboard Experts is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Blackboard Experts, we have put in place a team of experts who answer to all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.