Beautiful Security
Chapter Seven
The Evolution of PGP's Web of Trust
What is PGP: PGP or Pretty Good Privacy was people’s first opportunity to use strong encryption in 1991. It let people from all around the world to connect with privacy. And it solve the problem of connecting people who never had exchanged secure keys. PGP is a software. It is an implementation of many implementation of the OpenPGP standard.
Few concept related to PGP
Trust: the mechanism that is used to decide whether a key is valid. Trust is a relationship that helps us determine validity.
Validity: Validity is only a score to determine whether the name on a key is accurate. A key is valid if it is actually owned by the person who claims to own it.
How PGP works: you tell PGP whom you trust to sign keys, and PGP tells which keys are valid by tallying up a score for each key depending on who signed the key and how much you trust the person who signed it.
Trust Models: A Trust model is a general scheme that formalized trust.
Direct Trust: The most straightforward type of trust. It is the best, simple, well and trustworthy model of trust. In this model a certificate that holds the key is signed by the certificate itself. This model has one problem. It does not scale very well to the size of the internet.
Hierarchical Trust: In this model validate a certificate which has signed by someone whom you believe to be accurate. This model is a straightforward model. It has an obvious risk. If the authority makes a mistake the effect of that mistake is great.
Cumulative Trust: This model takes a number of Factors and uses them to decide whether a certificate is valid.
PGP web of trust:
In the PGP trust model, all users are also certification authorities. This mode uses “introducer” instead of “authority”.
Revocation: all PKIs need a way to revoke certificates. Revocation is theoretically simple in a hierarchical PKI. Revocation is needed because people lose their control of keys or computers. PGP web of trust has two mechanisms for revocation:
1. Key revocation: users must be able to revoke the whole thing. By signing this key, revocation signature invalidates all of its certifications.
2. Signature revocation: A key can create a signature declaring that another signature is no longer valid.
Scaling Issues: The Web of Trust works at its best with groups of people up to few thousand people. But it does not work well with a large network such as internet, because there are few paths between people who do not know each other. There few ways to improve the scaling.
1. Extended introducers: expanding introducers to multilevel hierarchies is one way which improve the scaling. Each signing node in the tree must be given trust.
2. Authoritative keys: Some keys or certificates are presumed to be genuine just because they come from an appropriate authority.
Reference:
Oram, Andy, Viega, John (2009). “Beautiful Security, Leading Security Experts Explain How They Think”, Copyright 2009 O’reilly Media, Inc.
No comments:
Post a Comment