| Search the Collection|Browse Subjects|Services|Library Information|Community |News & Events | |
|
|
|
|
|
|
|
|
||||
|
|||||||
Type of Document Dissertation Author Jiang, Qinglin , URN etd-01032006-180135 Title Improving Robustness of Webs of Trust Degree PhD Graduate Program Computer Engineering Advisory Committee
Advisor Name Title Douglas S. Reeves Committee Chair Peng Ning Committee Co-Chair Greg T. Byrd Committee Member Wenye Wang Committee Member Keywords
- pgp
- self-organized
- ad-hoc
- certificate recommendation
- pki
- public key
- webs of trust
- certificate
Date of Defense 2006-01-04 Availability unrestricted Abstract The correct recognition of a user?s public key is very important for many security functions, such as confidentiality, integrity and non-repudiation. If we mistakenly recogniz ean illegitimate public key as legitimate, then these security functions may be compromised.In distributed webs of trust systems, each user?s public-key information is provided by other users. Because users can be unreliable(untrustworthy, malicious, compromised users or who make mistakes), the correctness of the public-key information they provided remains
a question. For this reason, a method to verify the correctness of the user-provided public-key information is very much needed.
Previous works have suggested the use of redundancy to compute the trustwor-
thiness on user-provided public key information. However, the problem of how to improve
the trustworthiness has never been considered. In this paper, we will focus on the problem
of how to improve the trustworthiness of user-provided public-key information. Firstly,
we observe that the trustworthiness computed on a public key may be inaccurate if users
claim multiple false identities and/or (either legitimately or illegitimately) possess multiple
public keys. We explain it and show that the result of trust computation can be made
more accurate if we also consider identities. Secondly, we analyze conflicting certificates
and show that it can be used to detect malicious users and improve the trustworthiness on public keys. Thirdly, we show that the current webs of trust system's robustness can be significantly improved by the two kinds of certificate recommendation methods we have proposed. The applications of both recommendation methods will
result in richly-connected and very robust webs of trust systems. In the last, we present a very efficient and robust mechanism to apply the webs of trust system in wireless ad-hoc
networks.Our mechanism enables users to exchange certificate path information so they can easily find certificate paths and authenticate each other.
Our presented mechanism is very efficient and requires less communication overheads. Our
mechanism is also very robust because it considers the case of network partitions and can construct
and find multiple certificate paths between users. For all the works presented in this paper,
we illustrate their concepts and show the results on practical web of trust PGP keyrings.
Files
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access etd.pdf 872.81 Kb 00:04:02 00:02:04 00:01:49 00:00:54 00:00:04