... Jesús Almansa and Marco Carbone 4th April 2002 { jfa, carbonem} @brics.dk.

...

Jesús Almansa and Marco Carbone

4th April 2002

{ jfa, carbonem} @brics.dk

2

Two-Party Communication

Alice Bob

Adversary(Passive)

unsecured channel

secure channel

3

Two-Party Communication

Alice Bob

Adversary(Active)

unsecured channel

secure channel

4

Public-Key Cryptography

AliceBob

Adversary(Active)

unsecured channel

5

Key Management

A3

A1

A4

A2

6

Key Management

A3

A1

A4

A2

TTP

7

Public-Key Certificate

Vouches for the authenticity of the public key bound to the subject entity

Usefulness:

• To prove identity (authenticity of an entity)• To avoid denials

Good: trust can be used transitively

Bad: all trust placed with one single entity if TTP is compromised, comm. is insecure

8

Public-Key Infrastructure (PKI)

Certificates Trust Relations

Evidences

Conclusions

associated(confidence) values

associated(confidence) values

9

Pretty Good Privacy (PGP)

A widely used software package (Zimmerman)

Stalling’s notation:

(entity, key)

A

B

pkA signed by pkB

10


certification path web of trust

11


Confidence Values = { unknown,no trust,marginally trusted,fully trusted }

pkA is valid if either

orpkA pkA

12


Bob

Alice

Is Bob’s key valid for Alice?

: Yes

Bob

Alice : No

13

Confidence Valuation in a PKI based on Uncertain Evidence

(R. Kohlas – U. Maurer)

Agenda:

Formalism• Basics & Graphical Notation• Principles

Modeling Public-Key Certification

Confidence Valuation in PGP

Conclusions

14

Formalism: Basic Definitions

• Piece of Evidence (Assumption) A statement we suppose is true.

• Hypothesis A statement not generally known to be true.

15

Formalism: Basic Definitions(2)

• Argument for h

Collection of assumptions from which (along with the belief) h can be derived.

• Belief Composition of statements taken as a fact.

16

Formalism: Graphical Notation

Hypothesis and Evidences:

h E

17

Formalism: Graphical Notation(2)

Σ

Belief:

18


Argument:

19


Validity and Arguments:

h

Σ

20


• Confidence Value Degree of certainty for an assumption or hypothesis to be true.

• Confidence Assignment Entity’s initial belief w.r.t. each assumption.

21


Reduces a priori information to a singleconfidence valuefor the hypothesis

• Confidence Valuation Function that takes a hypothesis h and a confidence assignment and returns a confidence value for h.

22


Confidence Values:

23


Confidence Assignment:

24


Confidence Valuation:

e ( )=, h h

25



Agenda:




Conclusions

26

Principles: P1

e( )=, h hthen

If

27

Principles: P1 (2)

e( )=, h hthen

If

28

Principles: P2

then e( ), h

If

e( ), h

29

Principles: P3

f

h1

h2

If

30

Principles: P3 (2)

and = f ( )

then

e( ), h1 e( ), h2=

31

Principles: P4

h2h1

If

32

Principles: P4 (2)

then

e( ), h1 e( ), h2

33



Agenda:




Conclusions

34

Modeling PK Certification

In the particular case of PK Certification:

• Pairs of entities and keys can be seen like statements• The confidence values must be assigned to entities

To realize the abstract formalism in a concrete problem:

• identify pieces of evidence• identify possible conclusions• define confidence values

35

Modeling PK Certification

Alice

Bob

Carol, K1 Carol, K2

Bob

Carol, K1

Alice

36



Agenda:




Conclusions

37


Statements:

CertK1,X,K2

AutX,K

TrustX,K

38


CertK1,X,K

AutY,K1

TrustY,K1

AutX,K

39


e( )=, h hthen

If

P1 holds

40


then e( ), h

If

e( ), h

P2 holds

41


f

h1

h2

If

42


and = f ( )

then

e( ), h1 e( ), h2=

43


Bob

Alice

Is Bob’s key valid for Alice?

: Yes

Bob

Alice : No

P3 does not hold!

44


h2h1

If

45


then

e( ), h1 e( ), h2

P4 holds

46



Agenda:




Conclusions

47

Conclusions• Summary• Two parts:

– Logic– Confidence ValuationBoth efficient!

• What are and how to assign confidence values.

• In light of what was said, how adequate is it for trust management.

... Jesús Almansa and Marco Carbone 4th April 2002 { jfa, carbonem} @brics.dk.

Documents

Transcript of ... Jesús Almansa and Marco Carbone 4th April 2002 { jfa, carbonem} @brics.dk.