7
Public-Key Certificate
Vouches for the authenticity of the public key bound to the subject entity
Usefulness:
• To prove identity (authenticity of an entity)• To avoid denials
Good: trust can be used transitively
Bad: all trust placed with one single entity if TTP is compromised, comm. is insecure
8
Public-Key Infrastructure (PKI)
Certificates Trust Relations
Evidences
Conclusions
associated(confidence) values
associated(confidence) values
9
Pretty Good Privacy (PGP)
A widely used software package (Zimmerman)
Stalling’s notation:
(entity, key)
A
B
pkA signed by pkB
11
Pretty Good Privacy (PGP)
Confidence Values = { unknown,no trust,marginally trusted,fully trusted }
pkA is valid if either
orpkA pkA
13
Confidence Valuation in a PKI based on Uncertain Evidence
(R. Kohlas – U. Maurer)
Agenda:
Formalism• Basics & Graphical Notation• Principles
Modeling Public-Key Certification
Confidence Valuation in PGP
Conclusions
14
Formalism: Basic Definitions
• Piece of Evidence (Assumption) A statement we suppose is true.
• Hypothesis A statement not generally known to be true.
15
Formalism: Basic Definitions(2)
• Argument for h
Collection of assumptions from which (along with the belief) h can be derived.
• Belief Composition of statements taken as a fact.
20
Formalism: Basic Definitions(3)
• Confidence Value Degree of certainty for an assumption or hypothesis to be true.
• Confidence Assignment Entity’s initial belief w.r.t. each assumption.
21
Formalism: Basic Definitions(4)
Reduces a priori information to a singleconfidence valuefor the hypothesis
• Confidence Valuation Function that takes a hypothesis h and a confidence assignment and returns a confidence value for h.
25
Confidence Valuation in a PKI based on Uncertain Evidence
(R. Kohlas – U. Maurer)
Agenda:
Formalism• Basics & Graphical Notation• Principles
Modeling Public-Key Certification
Confidence Valuation in PGP
Conclusions
33
Confidence Valuation in a PKI based on Uncertain Evidence
(R. Kohlas – U. Maurer)
Agenda:
Formalism• Basics & Graphical Notation• Principles
Modeling Public-Key Certification
Confidence Valuation in PGP
Conclusions
34
Modeling PK Certification
In the particular case of PK Certification:
• Pairs of entities and keys can be seen like statements• The confidence values must be assigned to entities
To realize the abstract formalism in a concrete problem:
• identify pieces of evidence• identify possible conclusions• define confidence values
36
Confidence Valuation in a PKI based on Uncertain Evidence
(R. Kohlas – U. Maurer)
Agenda:
Formalism• Basics & Graphical Notation• Principles
Modeling Public-Key Certification
Confidence Valuation in PGP
Conclusions
43
Confidence Valuation in PGP
Bob
Alice
Is Bob’s key valid for Alice?
: Yes
Bob
Alice : No
P3 does not hold!
46
Confidence Valuation in a PKI based on Uncertain Evidence
(R. Kohlas – U. Maurer)
Agenda:
Formalism• Basics & Graphical Notation• Principles
Modeling Public-Key Certification
Confidence Valuation in PGP
Conclusions