Improving Robustness of PGP Keyrings by Conflict Detection

Secure authentication frequently depends on the correct recognition of a user’s public key. When there is no certificate authority, this key is obtained from other users using a web of trust. If users can be malicious, trusting the key information they provide is risky. Previous work has suggested the use of redundancy to improve the trustworthiness of user-provided key information. In this paper, we address two issues not previously considered. First, we solve the problem of users who claim multiple, false identities, or who possess multiple keys. Secondly, we show that conflicting certificate information can be exploited to improve trustworthiness. Our methods are demonstrated on both real and synthetic PGP keyrings, and their performance is discussed.

[1]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[2]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[3]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[4]  Christian Huitema,et al.  A new approach to the X.509 framework: allowing a global authentication infrastructure without a global trust model , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[5]  Audun Jøsang,et al.  The consensus operator for combining beliefs , 2002, Artif. Intell..

[6]  Christian Huitema,et al.  Associating Metrics to Certification Paths , 1992, ESORICS.

[7]  Carl M. Ellison,et al.  Establishing identity without certification authorities , 1996 .

[8]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[9]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[10]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[11]  B. Lampson,et al.  Authentication in distributed systems: theory and practice , 1991, TOCS.

[12]  Michael K. Reiter,et al.  Resilient Authentication Using Path Independence , 1998, IEEE Trans. Computers.

[13]  Thomas Beth,et al.  Valuation of Trust in Open Networks , 1994, ESORICS.

[14]  Ueli Maurer,et al.  Modelling a Public-Key Infrastructure , 1996, ESORICS.

[15]  Yvo Desmedt,et al.  Trust and security: A new look at the Byzantine generals problem , 1996, Network Threats.

[16]  Yvo Desmedt,et al.  Secure Communication in an Unknown Network Using Certificates , 1999, ASIACRYPT.

[17]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[18]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[19]  David K. Smith Network Flows: Theory, Algorithms, and Applications , 1994 .

[20]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.

[21]  Anukool Lakhina,et al.  BRITE: Universal Topology Generation from a User''s Perspective , 2001 .

[22]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[23]  Michael K. Reiter,et al.  Toward acceptable metrics of authentication , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[24]  Moti Yung,et al.  Perfectly secure message transmission , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[25]  Jean-Jacques Quisquater,et al.  Computer Security — ESORICS 92 , 1992, Lecture Notes in Computer Science.

[26]  Rajeev Motwani,et al.  On syntactic versus computational views of approximability , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[27]  Dieter Gollmann,et al.  Computer Security — ESORICS 94 , 1994, Lecture Notes in Computer Science.

[28]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.