Successfully reported this slideshow.
Upcoming SlideShare
×

# Improving pgp web of trust through the expansion of trusted neighborhood@2011 8-25

804 views

Published on

Published in: Technology, Education
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

• Be the first to like this

### Improving pgp web of trust through the expansion of trusted neighborhood@2011 8-25

1. 1. Improving PGP Web of Trust throughthe Expansion of Trusted NeighborhoodGuibing Guo, Jie Zhang, Julita Vassileva* School of Computer Engineering, Nanyang Technological University, Singapore* Department of Computer Science, University of Saskatchewan, Canada25/8/2011
2. 2. Agenda• Motivation• Related Work• Proposed Methodology – Majority Rule – Confidence Measurement• Result Diagrams• Q&A
3. 3. Motivation• PGP Web of Trust – Mechanism to make cryptography freely • Publish certificate • Sign on other certificate • Keep a list of trusted users – Often used to secure emails and files transmitted on the Internet
4. 4. Limitations• Limited apps due to – Positive feedback only • No one is able to state clearly opposite opinions – Direct trust only • Do not take into account trust transitivity• Our work relaxes these constrains
5. 5. Related Work• Guha et al. report trust can be propagated – Proposed 4 types of trust propagation • Direct : A->B, B->C => A->C • Co-citation: A1->B/C, A2->B => A2->C • Transpose: B->C, A->C => A->B • Coupling: B/C->D, A->B =>A->C Ours: A->B, B~C => A->C
6. 6. Related Work• Huang and Nicol have applied the direct trust propagation method on PGP web of trust• Assumption: That A is highly similar to B implies that A can trust B’s taste for recommendations
7. 7. Model the problem• Feedback: S={1}• Directed neighbors: 1 if p is completely trusted  Be ( p)   1 / 2 if p is marginally trusted 0 if p is untrusted or unknown • Trusted neighborhood: TNe  { p  P : Be ( p)  1 / 2}
8. 8. Model the problem• For a target certificate t 0 1 if cc  1 or mc  2  re (t0 )  1 / 2 if cc  0 and 0  mc  2 0 if cc  0 and mc  0  Certificate is authentic if re (t0 )  1
9. 9. Modification (MPGP)• Add negative feedback: S={1, -1}• Evaluation metric w1  w1 re (t 0 )  w1  w1 where w1 |  Be ( p) * s p |, w1 |  Be ( p ) * s p |
10. 10. Extension (EPGP)• Trust Propagation – Maximum length: m= 4 – For i-th chain of trust: m 1 CTi  Be ( p2 )  B p j ( p j  1) j 2 – Aggregation 1 n Be ( p)  i 1 CTi n
11. 11. Extension (EPGP)• New Trusted Neighborhood: TNe  TNe  { p  P : p TNe , Be ( p)   } Where t  1 / 2 in this paper
12. 12. Further expansion (EPGP+)• Merging the directed trust neighbors into a single agent, Fe – Majority rule: 1 if w1  w1 f (t )     1 otherwise – Confidence on the feedback: 1 x w1 (1  x) w1 c( w1 , w1 )   | 1  1 | dx  x w1 (1  x) w1 dx 0 0 c( w1 , w1 )   c
13. 13. EPGP+• Search for new neighbors: – Compute Cosine Similarity  k f e (t ) f u (t ) Sim ( Fe, Fu )  i 1 i1 f e (t ) i1 k 2 k f u (t ) 2 – New neighbor if Sim( Fe, Fu )    : similarity threshold
14. 14. Experiments• Simulation set-up – 500 users, each creates a certificate; a certain % of them are inauthentic – 3 groups of users in terms of honest • Honest (Trustfully sign 80-100%) • dishonest (40-60%), neutral, (0-20%) – 3 groups of users in terms of experience • Experienced (Sign 15-20% certificates) • Medium (8-13%) and Newbies (0-5%)
15. 15. Experiments• Simulation set-up – 3 groups of users in terms of correctness • TOW make heavy mistakes (sign wrongly) –80-100% • TOW make neutral mistakes –40-60% • TOW make few mistakes –0-20%
16. 16. Scenarios• Vary the percentages of – Honest, dishonest, neutral – Experienced, medium, newbie• Performance – Accuracy: – Coverage
17. 17. Choose Proper parameters• Fix   0.8 and vary  c
18. 18. Choose Proper parameters• Fix  c  0.7 and vary 
19. 19. Choose Proper parameters• Fix  c  0.2 and vary 
20. 20. Scenarios• Uniform Scenario• Ideal Scenario• Sparse Scenario• Sufficient Information• Many Mistake• Highly Malicious
21. 21. Conclusions• Negative feedback is allowed• Trust propagation is applied• Further expansion of trusted neighborhood by merging feedbacks and finding nearest nodes• Experimental simulations are performed
22. 22. Q & A?Thank you!