Investigating the openPGP web of trust

Authors:
Alexander Ulrich;Ralph Holz;Peter Hauck;Georg Carle
Affiliations:
Diskrete Mathematik, Wilhelm-Schickard-Institut für Informatik, Universität Tübingen;Network Architectures and Services, Fakultät für Informatik, Technische Universität München;Diskrete Mathematik, Wilhelm-Schickard-Institut für Informatik, Universität Tübingen;Network Architectures and Services, Fakultät für Informatik, Technische Universität München
Venue:
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Year:
2011

Citing 5
Cited 0

Modelling a Public-Key Infrastructure

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Small worlds in security systems: an analysis of the PGP certificate graph

Proceedings of the 2002 workshop on New security paradigms
Power-Law Distributions in Empirical Data

SIAM Review
Factorization of a 768-bit RSA modulus

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
An overview of PKI trust models

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present results of a thorough analysis of the OpenPGP Web of Trust. We conducted our analysis on a recent data set with a focus on determining properties like usefulness and robustness. To this end, we analyzed graph topology, identified the strongly connected components and derived properties like verifiability of keys, signature chain lengths and redundant signature paths for nodes. Contrary to earlier works, our analysis revealed the Web of Trust to be only similar to a scale-free network, with different properties regarding the hub structure and its influence on overall connectivity. We also analyzed the community structure of the Web of Trust and mapped it to social relationships. Finally, we present statistics which cryptographic algorithms are in use and give recommendations.