Lecture 10: Hierarchical Key Management + Password Hashing

Drawbacks of Trusted Directory


(True/False) The main downside of TDs are that they don't scale well and are a central point of attack/trust/availability




Digital Certificates


(True/False) Digital certificates remove the problem of a central point of attack that existed with TDs




Certificate Hierarchies


(True/False) If I am given Verisign's public key, I can verify a certificate for David




Revocation


(True/False) The main problem with revocation lists is that they take up a lot of space




Password Hashing




Which property of hash functions make them suitable for password management? Why is this property important?




Salted Hashes


(True/False) A slow hash function is a secure replacement for using password salts