Homework 3 is due Tue Oct 18, 2022 on or before 11:59:59pm EDT. The assignment parts will be submitted via GradeScope. If your GradeScope account was not automatically created and linked, click on one of the “HW3” assignments in Moodle, which should set up the account. Contact the TA and Instructor if you are having trouble.

Points: HW3 has a maximum of 100 points with an additional 10 points for extra credit.

Acknowledgements: This assignment was derived with permission from assignments created by Adam Doupé and Micah Sherr.

Part 1: Written Questions (45 points)

The first part of this homework will require you to answer questions about cryptographic protocols. See the Homework 3 Written Questions. The assignment solution must be a PDF and should be turned in via GradeScope.

Part 2: Crack that Pass (55 points)

For this part of the assignment, we’re going to explore what happens when password hashes are released. There are four challenges that involve discovering a password. You are free to use any resource or program to help you solve these challenges, except for each other. Open source software such as John the Ripper, hashcat, or any other password-cracking software may be used.

Obtain hashes: To get the hashes for this part of the assignment, submit a blank file to the “Crack That Pass Hashes” assignment on GradeScope.

Submission: Submit on GradeScope a single file called README for all parts (Parts 2.1-2.5) to the assignment “Crack That Pass” that contains your name, NC State Unity ID, and a description of how you broke/reversed the passwords. You will also need to include the password that you broke for each part. You need to use the following format for auto-grading (if you didn’t solve a part, feel free to leave it blank, and submit as many times as you want):

MD5: <part 1 password>
SHA256: <part 2 password>
bcrypt: <part 3 password>
custom: <part 4 password>
custom ec: <part 5 password>

Part 2.1 – MD5 (15 points)

This password hash was created with a standard MD5 hash. As a check, ncstate hashes to ae04283d7960675b7895401eb8d0685d and csc474 hashes to f54b363af1314035cd99d5c3da5a9370. Our intelligence shows that this is a 6-character password.

Part 2.2 – SHA256 (15 points)

This password hash was created with a standard SHA256 hash. As a check, ncstate hashes to 6d751c82a3c485089bc31841ac546e8b917530e881e373cc9632f7b446cbb8fa and csc474 hashes to 377e93ab408ff8879e4ea0d20b6d5489b7d82dba3166baa9928af58a52ff85a1. Our intelligence shows that this is a 7-character password, composed of lowercase letters (a-z), uppercase letters (A-Z), and digits (0-9).

Part 2.3 – bcrypt (15 points)

This password hash was created with a standard bcrypt hash (note that bcrypt hashes include a salt, so there are many possible outputs). As a check, ncstate can hash to $2b$12$w1iLwbhMxW2eQCaoTiS2Lu8pX0.44ij2N9Yi2BIXkbFkP3eThQxwS or $2b$12$TviF1fNlMJwRQs8jwaN7SusVrE6LYT3Y078bWXbz7GIyD0knxQ50u, and csc474 can hash to $2b$12$1iQMYccIKQRcx1Tbk6pv7ugy/Y7o4O2VBpTYVnqx.WnhZoyLk/cJm or $2b$12$Z90EQ8I.qwtWfjql9c30oeMDGQbvy0okjE/BJgmASG.FTDid6HXbO. Our intelligence shows that this is a commonly used password.
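
Added example (not part of the original assignment): a small parser for the bcrypt string format, run on the two ncstate check values above, showing that the same password yields different strings because each one embeds its own 128-bit salt next to the cost factor. The function names parse_bcrypt and b64_decode are chosen here for illustration.

```python
import re

# bcrypt uses its own base64 alphabet (not the RFC 4648 one) and no padding.
B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
# $<version>$<2-digit cost>$<22-char salt><31-char digest>
MCF = re.compile(r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")


def b64_decode(text, nbytes):
    """Decode bcrypt-alphabet base64 and return the first nbytes bytes."""
    bits = 0
    for ch in text:
        bits = (bits << 6) | B64.index(ch)
    spare = len(text) * 6 - nbytes * 8  # unused trailing bits
    return (bits >> spare).to_bytes(nbytes, "big")


def parse_bcrypt(stored):
    """Split a bcrypt string into version, cost, salt and digest."""
    m = MCF.match(stored)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    version, cost, salt, digest = m.groups()
    cost = int(cost)
    if not 4 <= cost <= 31:
        raise ValueError("bcrypt cost out of range")
    return {
        "version": version,
        "cost": cost,
        "iterations": 1 << cost,           # key-setup rounds: 2**cost
        "salt": b64_decode(salt, 16),      # 128-bit salt
        "digest": b64_decode(digest, 23),  # 184-bit output
    }


# The two check values for "ncstate" from Part 2.3 above.
NCSTATE = [
    "$2b$12$w1iLwbhMxW2eQCaoTiS2Lu8pX0.44ij2N9Yi2BIXkbFkP3eThQxwS",
    "$2b$12$TviF1fNlMJwRQs8jwaN7SusVrE6LYT3Y078bWXbz7GIyD0knxQ50u",
]

if __name__ == "__main__":
    for stored in NCSTATE:
        p = parse_bcrypt(stored)
        print(p["version"], p["cost"], p["iterations"], p["salt"].hex())
```

Because the salt is stored in the string itself, a verifier re-runs bcrypt with that salt and cost and compares the result; a precomputed table of unsalted digests is of no use against it.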

Part 2.4 – custom (10 points)

This password hash was created with a custom hash function. First, you take the input to the hash and run it through MD5 100 times (feeding the output of MD5, as a hex string, into the next). Then, you run that result 100 times through SHA256. Then you run that result 100 times through SHA512. In mathematical notation, this looks something like:

SHA512( SHA512( ... SHA256( SHA256( ... MD5( MD5( ... MD5( "string" ) ... ) ) ... ) ) ... ) )

As a check, ncstate hashes to 2d4547b1e59358fbb8846022b58e6c915fa644ee1735788b6cdaf0f8ba4bc3b8ea778d092e786047b018086a0f14db7ba684eefb150a90492d7f9caf6b6bc114, csc474 hashes to d07bbb7bf6ca344bd6632b90d38b07a77cdc03f0d18f9a8411b069bd716be5a13bba41cd205432b1bdcca9542c865ccc05e8c4f529f064de1f71c7ee5731beeb, and security hashes to 88466c23009271eb909e586c6707120f30a2dd6ae53fb025badb2f9d0f6765b90f124e3524d2d63719e8e668cf164411a61b1fea077ec1dd3b1db8889622095c. Our intelligence tells us that the user was quite lazy and the password is five lowercase letters (a-z).

Part 2.5 – Custom (10 points of extra credit)

This is the same custom hash function from Part 2.4, but the challenge is more difficult. No intelligence is available, and none will be given.