illustrate the practical complexity of brute-force search attacks on the password-based encryption;

• to test the students skills of understanding symmetric cryptography primitives in Java or Python programmes;

• to test the students skills in the analysis of the experiments.

2.Estimation of time required for brute-force search attack on the password-based encryption This assignment asks you to estimate the time required for successful brute-force search attack on password-based encryption using JCA in Java or Python alternative. It assumes that you have done Lab 1, Lab 2 and Lab 3.

This work will be formatted as a formal written lab report. If you are unsure how to write a report see (https://liverpool.instructure.com/courses/24284/pages/academic-writing) The report should focus on the findings of each lab session and include:

Discussion on Passwords, Hashes and password storage

Discussion on more than one algorithm that could be used for password-based encryption such as DES, 3DES, AES, SHA

3.How password length influences time taken to encrypt and decrpty under normal circumstances (fixed and known Salt and iteration count)

4.With a range of passwords estimate the time required for successful brute-force search attack, assuming that an attacker knows:

• the predefined plaintext;

• the ciphertext produced;

• the salt;

• the iteration count;

• but no password.

5.Investigate how the time required for the attack depends on the iteration count; and estimate the time required to recover a password with an unknown iteration count.

6.Compare your estimated time with the estimated time returned for the same passwords by online services such as those used in Lab 1 and propose plausible explanation of any observed differences.