NCSU Institutional Repository >
NC State Theses and Dissertations >
Dissertations >

Please use this identifier to cite or link to this item:

Title: Improving Robustness of Webs of Trust
Authors: Jiang, Qinglin
Advisors: Wenye Wang, Committee Member
Douglas S. Reeves, Committee Chair
Peng Ning, Committee Co-Chair
Greg T. Byrd, Committee Member
Keywords: pgp
certificate recommendation
public key
webs of trust
Issue Date: 6-Feb-2006
Degree: PhD
Discipline: Computer Engineering
Abstract: The correct recognition of a user's public key is very important for many security functions, such as confidentiality, integrity and non-repudiation. If we mistakenly recogniz ean illegitimate public key as legitimate, then these security functions may be compromised. In distributed webs of trust systems, each user's public-key information is provided by other users. Because users can be unreliable (untrustworthy, malicious, compromised users or who make mistakes), the correctness of the public-key information they provided remains a question. For this reason, a method to verify the correctness of the user-provided public-key information is very much needed. Previous works have suggested the use of redundancy to compute the trustworthiness on user-provided public key information. However, the problem of how to improve the trustworthiness has never been considered. In this paper, we will focus on the problem of how to improve the trustworthiness of user-provided public-key information. Firstly, we observe that the trustworthiness computed on a public key may be inaccurate if users claim multiple false identities and/or (either legitimately or illegitimately) possess multiple public keys. We explain it and show that the result of trust computation can be made more accurate if we also consider identities. Secondly, we analyze conflicting certificates and show that it can be used to detect malicious users and improve the trustworthiness on public keys. Thirdly, we show that the current webs of trust system's robustness can be significantly improved by the two kinds of certificate recommendation methods we have proposed. The applications of both recommendation methods will result in richly-connected and very robust webs of trust systems. In the last, we present a very efficient and robust mechanism to apply the webs of trust system in wireless ad-hoc networks.Our mechanism enables users to exchange certificate path information so they can easily find certificate paths and authenticate each other. Our presented mechanism is very efficient and requires less communication overheads. Our mechanism is also very robust because it considers the case of network partitions and can construct and find multiple certificate paths between users. For all the works presented in this paper, we illustrate their concepts and show the results on practical web of trust PGP keyrings.
Appears in Collections:Dissertations

Files in This Item:

File Description SizeFormat
etd.pdf852.36 kBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.