Lecture 10: Hierarchical Key Management + Password Hashing

Intro to Key Management


Take some time to think of some solutions on your own before moving on!




Trusted Directory


Let's say the TD includes Bob's name in its response, but puts the name outside of the signature. What attack can a MiTM now perform?




Updating the Trusted Directory


(True/False) It is secure for Alice to use the same random nonce to request keys for multiple users.




Drawbacks of Trusted Directory


(True/False) The main downside of TDs is that they don't scale well and are a central point of attack/trust/availability.




Digital Certificates


(True/False) Digital certificates remove the problem of a central point of attack that existed with TDs




Certificate Hierarchies


(True/False) If I am given Verisign's public key, I can verify a certificate for David




Revocation


(True/False) The main problem with revocation lists is that they take up a lot of space




Password Hashing




Which property of hash functions makes them suitable for password management? Why is this property important?




Salted Hashes


(True/False) A slow hash function is a secure replacement for using password salts