Navigating in Webs of Trust: Finding Short Trust Chains in Unstructured Networks without Global Knowledge
2012 Seventh International Conference on Availability, Reliability and Security (2008)
Mar. 4, 2008 to Mar. 7, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.117
Authentication of participants is fundamental for secure communication systems. Many traditional systems rely on central components (like certification authorities). These have to be powerful and well-protected, making them expensive, and require trust in a central authority. Conventional decentralized solutions based on local trust between participants only (like PGP) are cheaper but either must be supported by central components, or they are prone to e.g. Sybil attacks. We present a decentralized solution without any trusted central components for finding paths of trust between arbitrary participants in an unstructured network: In an initialization phase a hierarchical overlay structure is constructed, providing each participant with certificate chains to predefined reference nodes. These certificate chains can be used later to find short trust chains between nodes. Monte-Carlo simulations clearly demonstrate the feasibility and efficiency of our approach for social networks. Further features like merging of networks, limited trust relationships between participants and revocation of trust can be integrated easily.
communication system security, identification of persons, personal communication networks, public key cryptography
Jens-Uwe Bu?er, Martin Otto, Peter Hartmann, Steffen Fries, "Navigating in Webs of Trust: Finding Short Trust Chains in Unstructured Networks without Global Knowledge", 2012 Seventh International Conference on Availability, Reliability and Security, vol. 00, no. , pp. 335-343, 2008, doi:10.1109/ARES.2008.117