A technology company is asked to develop a bespoke software system which will allow doctors to access the health records of patients from any personal computer, including laptops, connected to the internet. A bespoke client-side application will be deployed on each personal computer. A centralized server will hold the entire dataset for all patients. The security of the system is very important; in particular, the patients' data must be kept strictly confidential. Comment on each of the three proposed design decisions below. For each design: discuss the strengths and weaknesses of each proposal with respect to security, identify specific attacks and discuss how the design could be improved. a) Users will be authenticated using passwords over a securely-encrypted connection. Each user will be allowed to choose their own password, provided that it contains at least 128 bits of entropy. A hash of the user's password will be retained on the authentication server, but not the password itself. A user's account will be temporarily locked if more than twenty consecutive unsuccessful login-attempts originate from the same IP address. b) Users will be authenticated using RSA (RSA is made of the initial letters of the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who first publicly described the algorithm in 1977). A national public-health body acts as a Certificate Authority (CA) for users' public keys. Keys will be chosen such that the exponent can be represented as a 256-bit integer. The private-key will be stored on the user's hard disk. c) In order to keep data secure while it is transferred from the server to the client, it will be encrypted using the Data Encryption Standard (DES). The DES key will be negotiated on a per-session basis using a Diffie-Hellman (DH) protocol. The DH protocol uses 2048-bit keys.