This paper introduces a method for finding trust paths in webs of trust. It makes use of untrusted key servers which collect certain information about trust relationships and give hints as to where a trustworthy recommendation path can be found. These hints can then be verified in a distributed protocol amongst the affected entities.

In global networks, reliable distribution of public keys for authentication and encryption purposes is still a problem. Since it is impossible to have a single, globally trusted key server, a distributed approach is necessary. If an entity A looks for a public key of a prospective communication partner B, it will first ask its local trusted servers. If these servers do not know the public key of B, they can recommend other entities as trustworthy servers to A. With this method, A can go along a whole recommendation path until it finds the key of B. In order to believe that the key is indeed correct, A has to trust all entities on the path.

The problem that remains is to find the right direction for a trustworthy recommendation path. There are two main approaches. The first is a strict regulation of the trust relationships, such that the search can go along a hierarchy. This implies that the participants have no choice but to follow the given trust structure. The second approach is an unrestricted web of trust. In these systems, there is not yet a satisfactory way to find trust paths.
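The hint-then-verify idea described above, as an added illustration that is not code from the paper: an untrusted server's hint graph is searched for a recommendation path from A to a holder of B's key, and every hop is then confirmed by the entity it concerns before the key is accepted. The entity names S1 to S4, the data layout, and the use of dictionary lookups in place of signed confirmations are assumptions made for this sketch.

```python
from collections import deque

# Constructed sample data. What each entity itself confirms when asked directly:
LOCAL_TRUST = {"A": {"S1", "S2"}, "S1": {"S3"}, "S2": {"S4"}}  # recommenders it trusts
LOCAL_KEYS = {"S4": {"B": "key-B-constructed"}}                # keys it vouches for

# Hints from the untrusted key server. ("A", "S3") and S3 as a holder of B's key
# are false entries planted to show why hints must be verified.
SERVER_EDGES = {("A", "S1"), ("A", "S2"), ("A", "S3"), ("S1", "S3"), ("S2", "S4")}
SERVER_HOLDERS = {"B": {"S3", "S4"}}

def hinted_path(src, target, rejected):
    """Breadth-first search over the hint graph, skipping hints already refuted."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node in SERVER_HOLDERS.get(target, ()) and (node, target) not in rejected:
            return path
        for a, b in sorted(SERVER_EDGES):
            if a == node and b not in seen and (a, b) not in rejected:
                seen.add(b)
                queue.append(path + [b])
    return None

def first_bad_hint(path, target):
    """Ask every entity on the path to confirm its own hop; None means all confirmed."""
    for a, b in zip(path, path[1:]):
        if b not in LOCAL_TRUST.get(a, ()):
            return (a, b)
    holder = path[-1]
    if target not in LOCAL_KEYS.get(holder, {}):
        return (holder, target)
    return None

def find_key(src, target):
    """Return (verified path, key, refuted hints), or (None, None, refuted hints)."""
    rejected = set()
    while True:
        path = hinted_path(src, target, rejected)
        if path is None:
            return None, None, rejected
        bad = first_bad_hint(path, target)
        if bad is None:
            return path, LOCAL_KEYS[path[-1]][target], rejected
        rejected.add(bad)

if __name__ == "__main__":
    print(find_key("A", "B"))
```

A false hint costs only an extra search round: the server can waste A's time, but it cannot make A accept a key that the entities on the path do not confirm.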