Abstract
This paper deals with the evaluation of trust in public-key infrastructures. Different trust models have been proposed to interconnect the various PKI components in order to propagate the trust between them. In this paper we provide a new polynomial algorithm using linear algebra to assess trust relationships in a network using different trust evaluation schemes. The advantages are twofold: first the use of matrix computations instead of graph algorithms provides an optimized computational solution; second, our algorithm can be used for generic graphs, even in the presence of cycles. Our algorithm is designed to evaluate the trust using all existing (finite) trust paths between entities as a preliminary to any exchanges between PKIs. This can give a precise evaluation of trust, and accelerate for instance cross-certificate validation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adkins, H.: An update on attempted man-in-the-middle attacks. Technical report, Google Online Security Blog (August 2011), http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html
Albert, R., Jeong, H., Barabasi, A.-L.: Diameter of the world-wide web. Nature 401, 130–131 (1999)
Dolev, S., Gilboa, N., Kopeetsky, M.: Computing multi-party trust privately: in O(n) time units sending one (possibly large) message at a time. In: Proceedings of the ACM Symposium on Applied Computing, SAC 2010, pp. 1460–1465. ACM, New York (2010)
Ellison, C., Schneier, B.: Ten risks of PKI: What you’re not being told about Public Key Infrastructure. Computer Security Journal 16(1), 1–7 (2000), http://www.counterpane.com/pki-risks.pdf
Estrada, E., Hatano, N.: Communicability graph and community structures in complex networks. Applied Mathematics and Computation 214(2), 500–511 (2009)
Foley, S.N., Adams, W.M., O’Sullivan, B.: Aggregating trust using triangular norms in the keyNote trust management system. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 100–115. Springer, Heidelberg (2011)
Goldberg, G., Okunev, P., Neumann, M., Schneider, H.: Distribution of subdominant eigenvalues of random matrices. Methodology and Computing in Applied Probability 2, 137–151 (2000)
Gomes, F.: Security alert: Fraudulent digital certificates. Technical report, SANS Institute InfoSec Reading Room (June 2001), http://www.sans.org/reading_room/whitepapers/certificates/security-alert-fraudulent-digital-certificates_679
Goto, K., van de Geijn, R.A.: High-performance implementation of the level-3 BLAS. ACM Transactions on Mathematical Software 35(1), 4:1–4:14 (2008)
Govindan, K., Mohapatra, P.: Trust computations and trust dynamics in mobile adhoc networks: A survey. IEEE Communications Surveys and Tutorials 14(2), 279–298 (2012)
Guha, R., Kumar, R., Raghavan, P., Tomkins, A.: Propagation of trust and distrust. In: Proceedings of the 13th International Conference on World Wide Web, WWW 2004, pp. 403–412. ACM, New York (2004)
Huang, J., Nicol, D.: A calculus of trust and its application to PKI and identity management. In: Proceedings of the 8th Symposium on Identity and Trust on the Internet, IDTRUST 2009, pp. 23–37. ACM, New York (2009)
Huang, J., Nicol, D.: A formal-semantics-based calculus of trust. IEEE Internet Computing 14, 38–46 (2010)
Jøsang, A.: Trust extortion on the internet. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 6–21. Springer, Heidelberg (2012)
Jøsang, A.: Probabilistic logic under uncertainty. In: Proceedings of Computing: The Australian Theory Symposium (CATS 2007) (January 2007)
Orman, L.V.: Transitivity and aggregation in trust networks. In: Proc. of the 21st Workshop on Information Technologies and Systems (WITS 2010) (December 2010)
Pala, M.: A proposal for collaborative internet-scale trust infrastructures deployment: the public key system (pks). In: Proceedings of the 9th Symposium on Identity and Trust on the Internet, IDTRUST 2010, pp. 108–116. ACM, New York (2010)
Pala, M., Smith, S.W.: Peaches and peers. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds.) EuroPKI 2008. LNCS, vol. 5057, pp. 223–238. Springer, Heidelberg (2008)
Reiter, M.K., Stubblebine, S.G.: Resilient authentication using path independence. IEEE Trans. Comput. 47, 1351–1362 (1998)
Rifà-Pous, H., Herrera-Joancomartí, J.: An interdomain PKI model based on trust lists. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 49–64. Springer, Heidelberg (2007)
Schiffner, S., Clauß, S., Steinbrecher, S.: Privacy and liveliness for reputation systems. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 209–224. Springer, Heidelberg (2010)
Schnettler, S.: A structured overview of 50 years of small-world research. Social Networks 31(3), 165–178 (2009)
Whaley, R.C., Petitet, A., Dongarra, J.J.: Automated empirical optimizations of software and the ATLAS project. Parallel Computing 27(1–2), 3–35 (2001), http://www.netlib.org/utk/people/JackDongarra/PAPERS/atlas_pub.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dumas, JG., Hossayni, H. (2013). Matrix Powers Algorithms for Trust Evaluation in Public-Key Infrastructures. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds) Security and Trust Management. STM 2012. Lecture Notes in Computer Science, vol 7783. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38004-4_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-38004-4_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38003-7
Online ISBN: 978-3-642-38004-4
eBook Packages: Computer ScienceComputer Science (R0)