Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Improving pgp web of trust through the expansion of trusted neighborhood@2011 8-25

804 views

Published on

Published in: Technology, Education
  • Be the first to comment

  • Be the first to like this

Improving pgp web of trust through the expansion of trusted neighborhood@2011 8-25

  1. 1. Improving PGP Web of Trust throughthe Expansion of Trusted NeighborhoodGuibing Guo, Jie Zhang, Julita Vassileva* School of Computer Engineering, Nanyang Technological University, Singapore* Department of Computer Science, University of Saskatchewan, Canada25/8/2011
  2. 2. Agenda• Motivation• Related Work• Proposed Methodology – Majority Rule – Confidence Measurement• Result Diagrams• Q&A
  3. 3. Motivation• PGP Web of Trust – Mechanism to make cryptography freely • Publish certificate • Sign on other certificate • Keep a list of trusted users – Often used to secure emails and files transmitted on the Internet
  4. 4. Limitations• Limited apps due to – Positive feedback only • No one is able to state clearly opposite opinions – Direct trust only • Do not take into account trust transitivity• Our work relaxes these constrains
  5. 5. Related Work• Guha et al. report trust can be propagated – Proposed 4 types of trust propagation • Direct : A->B, B->C => A->C • Co-citation: A1->B/C, A2->B => A2->C • Transpose: B->C, A->C => A->B • Coupling: B/C->D, A->B =>A->C Ours: A->B, B~C => A->C
  6. 6. Related Work• Huang and Nicol have applied the direct trust propagation method on PGP web of trust• Assumption: That A is highly similar to B implies that A can trust B’s taste for recommendations
  7. 7. Model the problem• Feedback: S={1}• Directed neighbors: 1 if p is completely trusted  Be ( p)   1 / 2 if p is marginally trusted 0 if p is untrusted or unknown • Trusted neighborhood: TNe  { p  P : Be ( p)  1 / 2}
  8. 8. Model the problem• For a target certificate t 0 1 if cc  1 or mc  2  re (t0 )  1 / 2 if cc  0 and 0  mc  2 0 if cc  0 and mc  0  Certificate is authentic if re (t0 )  1
  9. 9. Modification (MPGP)• Add negative feedback: S={1, -1}• Evaluation metric w1  w1 re (t 0 )  w1  w1 where w1 |  Be ( p) * s p |, w1 |  Be ( p ) * s p |
  10. 10. Extension (EPGP)• Trust Propagation – Maximum length: m= 4 – For i-th chain of trust: m 1 CTi  Be ( p2 )  B p j ( p j  1) j 2 – Aggregation 1 n Be ( p)  i 1 CTi n
  11. 11. Extension (EPGP)• New Trusted Neighborhood: TNe  TNe  { p  P : p TNe , Be ( p)   } Where t  1 / 2 in this paper
  12. 12. Further expansion (EPGP+)• Merging the directed trust neighbors into a single agent, Fe – Majority rule: 1 if w1  w1 f (t )     1 otherwise – Confidence on the feedback: 1 x w1 (1  x) w1 c( w1 , w1 )   | 1  1 | dx  x w1 (1  x) w1 dx 0 0 c( w1 , w1 )   c
  13. 13. EPGP+• Search for new neighbors: – Compute Cosine Similarity  k f e (t ) f u (t ) Sim ( Fe, Fu )  i 1 i1 f e (t ) i1 k 2 k f u (t ) 2 – New neighbor if Sim( Fe, Fu )    : similarity threshold
  14. 14. Experiments• Simulation set-up – 500 users, each creates a certificate; a certain % of them are inauthentic – 3 groups of users in terms of honest • Honest (Trustfully sign 80-100%) • dishonest (40-60%), neutral, (0-20%) – 3 groups of users in terms of experience • Experienced (Sign 15-20% certificates) • Medium (8-13%) and Newbies (0-5%)
  15. 15. Experiments• Simulation set-up – 3 groups of users in terms of correctness • TOW make heavy mistakes (sign wrongly) –80-100% • TOW make neutral mistakes –40-60% • TOW make few mistakes –0-20%
  16. 16. Scenarios• Vary the percentages of – Honest, dishonest, neutral – Experienced, medium, newbie• Performance – Accuracy: – Coverage
  17. 17. Choose Proper parameters• Fix   0.8 and vary  c
  18. 18. Choose Proper parameters• Fix  c  0.7 and vary 
  19. 19. Choose Proper parameters• Fix  c  0.2 and vary 
  20. 20. Scenarios• Uniform Scenario• Ideal Scenario• Sparse Scenario• Sufficient Information• Many Mistake• Highly Malicious
  21. 21. Conclusions• Negative feedback is allowed• Trust propagation is applied• Further expansion of trusted neighborhood by merging feedbacks and finding nearest nodes• Experimental simulations are performed
  22. 22. Q & A?Thank you!

×