The official PGP user's guide
Resilient Authentication Using Path Independence
IEEE Transactions on Computers
Authentication metric analysis and design
ACM Transactions on Information and System Security (TISSEC)
The quest for security in mobile ad hoc networks
MobiHoc '01 Proceedings of the 2nd ACM international symposium on Mobile ad hoc networking & computing
Associating Metrics to Certification Paths
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Valuation of Trust in Open Networks
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Modelling a Public-Key Infrastructure
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Confidence Valuation in a Public-Key Infrastructure Based on Uncertain Evidence
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Small worlds in security systems: an analysis of the PGP certificate graph
Proceedings of the 2002 workshop on New security paradigms
An Optimal Certificate Dispersal Algorithm for Mobile Ad Hoc Networks
ISPDC '04 Proceedings of the Third International Symposium on Parallel and Distributed Computing/Third International Workshop on Algorithms, Models and Tools for Parallel Computing on Heterogeneous Networks
Attack-resistant trust metrics for public key certification
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Optimal Dispersal of Certificate Chains
IEEE Transactions on Parallel and Distributed Systems
The effect of leaders on the consistency of group behaviour
International Journal of Sensor Networks
Security and Communication Networks
Temporal accountability and anonymity in medical sensor networks
Mobile Networks and Applications - Special issue on Wireless and Personal Communications
Hi-index | 0.00 |
A certificate system can be represented by a directed graph,called a certificate graph, where each node represents a user thathas a public key and a private key and each edge (u, v) representsa certificate that is signed by the private key of u and containsthe public key of v. Two types of damage can be done in acertificate graph when the private key of a node u in the graph isrevealed to an adversary: explicit and implicit. The explicitdamage is that the adversary can impersonate node u to other nodesin the graph (until it is known to other nodes that the private keyof u is revealed). The implicit damage is that the adversary canimpersonate nodes other than u to other nodes in the graph. In thispaper, we define a metric called vulnerability that measures thescope of explicit and implicit damage that may occur in acertificate graph when the private key of a node in the graph isrevealed to an adversary. Using this metric, we analyse thevulnerability of different classes of certificate graphs. Forexample, in the case of (m, k)-star certificate graphs, thevulnerability is 1−(k−1)/2mk, whereas in the case of(d, h)-tree certificate graphs, the vulnerability is approximately1−h/dh. For the same number of nodes, (m, k)-starcertificate graphs can be made less vulnerable than (d, h)-treecertificate graphs. We present three algorithms that compute thevulnerability of an arbitrary certificate graph, and use thesealgorithms to show that certificate dispersal and stricteracceptance criteria reduce the vulnerability of certificategraphs.