Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Description A widely used password security technique is the use of hashed passw

ID: 3705339 • Letter: D

Question

Description A widely used password security technique is the use of hashed passwords and a salt value. This scheme is found on virtually all UNIX variants as well as on a number of other operating systems as shown in Figure 3.1 bellow. To load a new password into the system, the user selects or is assigned a password. This password is combined with a fixed-length salt value. In older implementations, this value is related to the time at which the password is assigned to the user. Newer implementations use a pseudorandom or random number. The password and salt serve as inputs to a hashing algorithm to produce a fixed-length hash code. The hash algorithm is designed to be slow to execute to thwart attacks. The hashed password is then stored, together with a plaintext copy of the salt, in the password file for the corresponding user ID. The hashed-password method has been shown to be secure against a variety of cryptanalytic attacks WAGNOO] When a user attempts to log on to a UNIX system, the user provides an ID and a password. The operating system uses the ID to index into the password file and retrieve the plaintext salt and the encrypted password. The salt and user-supplied passwords are used as input to the encryption routine If the result matches the stored value, the password is accepted. // PART A: ID/PASSWORD CREATION Write the necessary C++ code (or a language of your choice) for the following activities: 1- Create user ID and Password pair by asking users to input ID/Password. Check the input and help users to choose an acceptable ID/Password based on the company security policy 2- Create a Salt value, add it to the Password and use a hash function to encrypt both Salt and Password.( add random number to password then encrypt the password) 3- Store user ID, Salt and hashed password in ID-PASSWORD.TXT // PART B: USER AUTHENTICATION Enhance your code from PART A for the following activities: 2- Authenticate users using ID.txt and the ID-PASSWORD.TXT files. F3 FS F6 F7 F8 19

Explanation / Answer

#include <iostream>

#include <fstream>

#include<string>

using namespace std;

class PasswordGeneration

{

private:

string userid;

string password;

int seed;

unsigned long hashValue;

public:

PasswordGeneration();

void setPassword();

unsigned int hash(string password);

void authenticateUser();

};

PasswordGeneration :: PasswordGeneration()

{

seed=2;

}

//Question 1

void PasswordGeneration ::setUserID()

{

cout<<"Enter UserID : ";

//getline(cin,userid);

cin >> userid;

}

void PasswordGeneration :: setPassword()

{

string error;

cout << "Enter Password : ";

cin >> password;

//getline(cin,password);

if(password.empty())

error = "Password shouldn't be empty";

else if(password.length() < 9)

error = "Password length must greater than 8";

else if(password.find_first_of("@#!*&_") ==string::npos)

error = "Password must contain any special character of these @,#,!,*,& and _";

else if(password.find_first_of("1234567890") == string::npos)

error = "Password must contain at least one digit";

else

{

error="Password is Accepted";

storeDatabase();

}

cout <<error << endl;

}

//Question 2

unsigned int PasswordGeneration ::hash(string password)

{

unsigned long hash = seed;

const char "pword=password.c_str();

while (*pword)

{

hash = hash * 101 + *pword++;

}

hashValue = hash;

}

//Question 3

void PasswordGeneration :: storeDatabase()

{

fstream uidfile("ID.txt",ios::app);

uidfile << userid;

uidfile.close();

fstream passwordfile("ID-PASSWORD.txt");

passwordfile << hash(password) ;

passwordfile.close();

}

//Part B: UserAuthentication

void PasswordGeneration :: authenticateUser()

{

string uid,pw;

cout << "User ID:";

cin >> uid;

cout << "User Password :";

cin >> pw;

unsigned long passhash=hash(pw);

string txtstr;

bool ustatus=false;

//reading id from the ID.txt file

ifstreamfile ("ID.txt");

while(getline(file,txtstr))

{

if(uid == txtstr)

ustatus =true;

}

file.close();

if(!ustatus)

{

cout <<"Invalid UserID"<<endl;

return;

}

txtstr="";

ustatus=false;

//reading password from the ID-PASSWORD.txt file

ifstream file2("ID-PASSWORD.txt");

while(getline(file2,txtstr))

{

if(passhash == hash(txtstr))

ustatus =true;

}

file2close();

if(!ustatus)

{

cout<<"Invalid Password"<<endl;

return;

}

}

cout<<"User Login Successfully...!"<<endl;

}

int main()

{

//PasswordGeneration obj("suresh","sure4has!urr");

PasswordGeneration obj;

// //Creation of User -> Part - A

obj.setUserID();

obj.setPassword();

//Authentication of User -> Part - B

obj.authenticateUser();

return 0;

}

Related Questions

Describing Motion using visual representations Carts A and B move along a horizo
Question #1392646
Describing algorithm: In some problems you may be asked to describe an algoritha
Question #3687565
Describing algorithm: In some problems you may be asked to describe an algorithm
Question #3682509
Describing iPhone X as \"the best smartphone you can buy\", CNBC\'s reviewer hig
Question #388829
Describing the ANOVA model For each of the following situations, identify the re
Question #2916014
Describing the ANOVA model For each of the following situations, identify the re
Question #2950891
Describing the Sphincters of the Digestive Tract Complete each sentence by dragg
Question #171654
Describing the Sphincters of the Digestive Tract Complete each sentence by dragg
Question #223318

Navigate

Previous
Description A slot machine is a gambling device that the user inserts money into
Next
Description After applying, you have landed a job as a character programmer for