Paper Info
Title
Confidence Valuation in a Public-Key Infrastructure Based on Uncertain Evidence
Abstract
Public-key authentication based on public-key certicates is a special case of the general problem of verifying a hypothesis (that a public key is authentic), given certain pieces of evidence. Beginning with PGP, several authors have pointed out that trust is often an uncertain piece of evidence and have proposed ad hoc methods, sometimes referred to as trust management, for dealing with this kind of uncertainty. These approaches can lead to counter-intuitive conclusions as is demonstrated with examples in the PGP trust management. For instance, an introducer marginally trusted by a user can make him accept an arbitrary key for any other user. In this paper we take a general approach to public-key authentication based on uncertain evidence, where not only trust, but also other pieces of evidence (e.g. entity authentication) can be uncertain. First, we formalize the assignment and the valuation of condence values in the general context of reasoning based on uncertain evidence. Second, we propose a set of principles for sound condence valuation. Third, we analyze PGP and some other previous methods for dealing with uncertainty in the light of our principles.
Year
DOI
Venue
2000
10.1007/978-3-540-46588-1_8
Public Key Cryptography
Keywords
Field
DocType
evidence theory,reasoning with uncertainty.,public-key infrastructure,pretty good privacy pgp,uncertain evidence,confidence valuation,public-key infrastructure pki,public-key certication,web of trust,public key infrastructure,public key
Public key infrastructure,Authentication,Computer security,Computer science,As is,Information protection policy,Valuation (finance),Public-key cryptography,Special case,Web of trust,Distributed computing
Conference
Volume
ISSN
ISBN
1751
0302-9743
3-540-66967-1
Citations 
PageRank 
References 
21
1.83
10
Authors
2
Name
Order
Citations
PageRank
Reto Kohlas1242.91
Ueli Maurer24526505.09