Improving the robustness of webs of trust

The correct recognition of a user's public key is very important for many security functions, such as confidentiality, integrity and non-repudiation. If we mistakenly recognize an illegitimate public key as legitimate, then these security functions may be compromised. In distributed webs of trust systems, each user's public-key information is provided by other users. Because users can be unreliable (untrustworthy, malicious, compromised users or who make mistakes), the correctness of the public-key information they provided remains a question. For this reason, a method to verify the correctness of the user-provided public-key information is very much needed.; Previous works have suggested the use of redundancy to compute the trustworthiness on user-provided public key information. However, the problem of how to improve the trustworthiness has never been considered. In this paper, we will focus on the problem of how to improve the trustworthiness of user-provided public-key information. First, we observe that the trustworthiness computed on a public key may be inaccurate if users claim multiple false identities and/or (either legitimately or illegitimately) possess multiple public keys. We explain and show that the result of trust computation can be made more accurate if we also consider identities. Second, we analyze conflicting certificates and show that it can be used to detect malicious users and improve the trustworthiness on public keys. Third, we show that the current webs of trust system, i.e. PGP, is not robust in the presence of unreliable users. Its robustness can be significantly improved by the two kinds of certificate recommendation methods we have proposed.; The first method can be used to improve the robustness of the whole webs of trust system to any desired degree by issuing a minimal set of additional certificates. These recommendations are also made very user-friendly by taking into consideration user's preference and non-compliance. The second recommendation method works differently. It is based on probability theory and can be used to increase the robustness of any single public key as well as the entire webs of trust system. It can guarantee the correctness of a user's public key by over 99.99% probability with only a moderate number of additional certificates; even in the presence of a large number of unreliable users. The applications of both recommendation methods will result in richly-connected and very robust webs of trust systems. In the last recommendation, we present a very efficient and robust mechanism to apply the webs of trust system in wireless ad-hoc networks. The specific problem is how to distribute public key certificates to each user such that users can authenticate each other. (Abstract shortened by UMI.)...