CS6035 Introduction to Information Security

1. Consider a process (A) that generates one of the following characters every second: A-Z, a-z, 0-9, $, or %.  

1. If each character above is equally likely, what's the Entropy?
2. Now, consider process B that generates two characters uniformly randomly every two seconds to generate a two-character message, e.g. ZY or CC.  What's the entropy of each two character message?  What's its relationship to your answer in part b and why?

Calculate Bob's Expected Uncertainty (Entropy) in the password given Alice's following approaches.

1. Alice is numerophobic so she chooses uniformly random letters only…. no numbers.
    
2. Alice chooses each character by pulling the characters out of a hat and then replacing the characters before drawing another. (Cryptographically random)
   
   
3. Alice flips a fair coin 4 times to generate a number between 0 and 15. We will call this number, s.  The first character is the hexadecimal representation of s.  The second character is hexadecimal representation of (2s +1) mod 16. The third is the hexdecimal representation of (3s+ 2) mod 16 and the fourth is (s+15) mod 16. 
   
   
4. Alice chooses four character l33t speak words at random that are representable using 0-9 and A-F … see http://www.datagenetics.com/blog/march42013/index.htmlfor a list of such words.
   
   
5. (This one you cannot directly calculate.) Alice chooses words as in d, but instead of by uniform chance, she picks familiar words to her.  What happens to the resulting entropy in comparison to d) and b).