Cryptology ePrint Archive: Report 2007/178

Utility Sampling for Trust Metrics in PKI

Dakshi Agrawal and Charanjit Jutla

Abstract: We propose a new trust metric for a network of public key certificates, e.g. as in PKI, which allows a user to buy insurance at a fair price on the possibility of failure of the certifications provided while transacting with an arbitrary party in the network. Our metric builds on a metric and model of insurance provided by Reiter and Stubblebine~\cite{RS}, while addressing various limitations and drawbacks of the latter. It conserves all the beneficial properties of the latter over other schemes, including protecting the user from unintentional or malicious dependencies in the network of certifications. Our metric is built on top of a simple and intuitive model of trust and risk based on ``utility sampling'', which maybe of interest for non-monetary applications as well.

Category / Keywords: Public Keys, PKI, Certificates, Trust, Insurance

Date: received 10 May 2007

Contact author: csjutla at us ibm com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Version: 20070520:125910 (All versions of this report)

Short URL: ia.cr/2007/178

Discussion forum: Show discussion | Start new discussion