Lecture 10: Hierarchical Key Management + Password Hashing

Drawbacks of Trusted Directory

(True/False) The main downside of TDs are that they don't scale well and are a central point of attack/trust/availability

Digital Certificates

(True/False) Digital certificates remove the problem of a central point of attack that existed with TDs

Certificate Hierarchies

(True/False) If I am given Verisign's public key, I can verify a certificate for David


(True/False) The main problem with revocation lists is that they take up a lot of space

Password Hashing

Which property of hash functions make them suitable for password management? Why is this property important?

Salted Hashes

(True/False) A slow hash function is a secure replacement for using password salts