Write a program to simulate the authentication process. Store an actual PIN number in your program. The program should use an array to assign random numbers to the digits from 0 to 9. Output the random digits to the screen, input the response from the user, and output whether or not the user’s response correctly matches the PIN number.

Traditional password entry schemes are susceptible to “shoulder surfing,” in which an attacker watches an unsuspecting user enter their password or PIN number and uses it later to gain access to the account. One way to combat this problem is with a randomized challenge-response system. In these systems, the user enters different information every time, based on a secret, in response to a randomly generated challenge. Consider the following scheme, in which the password consists of a five-digit PIN number (00000 to 99999). Each digit is assigned a random number that is 1, 2, or 3. The user enters the random numbers that correspond to their PIN instead of their actual PIN numbers.

For example, consider an actual PIN number of 12345. To authenticate, the user would be presented with a screen such as:
PIN: 0 1 2 3 4 5 6 7 8 9
NUM: 3 2 3 1 1 3 2 2 1 3

The user would enter 23113 instead of 12345. This doesn’t divulge the password even if an attacker intercepts the entry because 23113 could correspond to other PIN numbers, such as 69440 or 70439. The next time the user logs in, a different sequence of random numbers would be generated, such as:
PIN: 0 1 2 3 4 5 6 7 8 9
NUM: 1 1 2 3 1 2 2 3 3 3

This solution inputs the PIN as a string and extracts the digits using the Unicode/ASCII representation, but a student could also input the number as an integer and extract the digits using division and modulus.

The actual PIN in the solution is 99508.

This project is somewhat difficult as it requires an understanding of arrays storing numbers that are used as an index in another array.


See the code in Authenticate.java.
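
An added example, not the Authenticate.java file the page refers to: a minimal Java version of the exercise that extracts the PIN digits from a string as the solution note describes, and also counts how many five-digit PINs would produce the same response to the generated challenge. The class and method names and the use of SecureRandom are assumptions of this example.

```java
import java.security.SecureRandom;
import java.util.Scanner;

public class AuthenticateExample {
    // PIN value taken from the page's solution note.
    static final String ACTUAL_PIN = "99508";

    // Assign each digit 0-9 a random number from 1 to 3.
    static int[] newChallenge(SecureRandom rng) {
        int[] nums = new int[10];
        for (int d = 0; d < nums.length; d++) {
            nums[d] = rng.nextInt(3) + 1;
        }
        return nums;
    }

    // Translate a PIN into the response expected for this challenge.
    // Each PIN character becomes an array index via (c - '0').
    static String expectedResponse(String pin, int[] nums) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < pin.length(); i++) {
            sb.append(nums[pin.charAt(i) - '0']);
        }
        return sb.toString();
    }

    // Count the five-digit PINs that would produce the same response.
    static int matchingPins(String response, int[] nums) {
        int count = 0;
        for (int p = 0; p <= 99999; p++) {
            if (expectedResponse(String.format("%05d", p), nums).equals(response)) count++;
        }
        return count;
    }

    public static void main(String[] args) {
        int[] nums = newChallenge(new SecureRandom());
        System.out.println("PIN: 0 1 2 3 4 5 6 7 8 9");
        StringBuilder row = new StringBuilder("NUM:");
        for (int n : nums) row.append(' ').append(n);
        System.out.println(row);
        System.out.print("Enter the numbers that correspond to your PIN: ");
        Scanner in = new Scanner(System.in);
        String response = in.hasNextLine() ? in.nextLine().trim() : "";
        boolean ok = response.equals(expectedResponse(ACTUAL_PIN, nums));
        System.out.println(ok ? "Correct, access granted." : "Incorrect, access denied.");
        System.out.println(matchingPins(expectedResponse(ACTUAL_PIN, nums), nums)
                + " of 100000 PINs give the correct response to this challenge.");
    }
}
```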

Computer Science & Information Technology
