Issue No.12 - December (1998 vol.47)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/12.737682
<p><b>Abstract</b>—Authentication using a path of trusted intermediaries, each able to authenticate the next in the path, is a well-known technique for authenticating channels in a large distributed system. In this paper, we explore the use of multiple paths to redundantly authenticate a channel and focus on two notions of path independence—<it>disjoint</it> paths and <it>connective</it> paths—that seem to increase assurance in the authentication. We give evidence that there are no efficient algorithms for locating maximum sets of paths with these independence properties and propose several approximation algorithms for these problems. We also describe a service we have deployed, called PathServer, that makes use of our algorithms to find such sets of paths to support authentication in PGP applications.</p>
Security, authentication, public key certificate, certificate path, independent paths.
Michael K. Reiter, "Resilient Authentication Using Path Independence", IEEE Transactions on Computers, vol.47, no. 12, pp. 1351-1362, December 1998, doi:10.1109/12.737682