Matrix Powers Algorithms for Trust Evaluation in Public-Key Infrastructures

  • Jean-Guillaume Dumas
  • Hicham Hossayni
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7783)


This paper deals with the evaluation of trust in public-key infrastructures. Different trust models have been proposed to interconnect the various PKI components in order to propagate the trust between them. In this paper we provide a new polynomial algorithm using linear algebra to assess trust relationships in a network using different trust evaluation schemes. The advantages are twofold: first the use of matrix computations instead of graph algorithms provides an optimized computational solution; second, our algorithm can be used for generic graphs, even in the presence of cycles. Our algorithm is designed to evaluate the trust using all existing (finite) trust paths between entities as a preliminary to any exchanges between PKIs. This can give a precise evaluation of trust, and accelerate for instance cross-certificate validation.


Trust evaluation Matrix powers Spectral analysis of networks Distributed PKI trust model 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adkins, H.: An update on attempted man-in-the-middle attacks. Technical report, Google Online Security Blog (August 2011),
  2. 2.
    Albert, R., Jeong, H., Barabasi, A.-L.: Diameter of the world-wide web. Nature 401, 130–131 (1999)CrossRefGoogle Scholar
  3. 3.
    Dolev, S., Gilboa, N., Kopeetsky, M.: Computing multi-party trust privately: in O(n) time units sending one (possibly large) message at a time. In: Proceedings of the ACM Symposium on Applied Computing, SAC 2010, pp. 1460–1465. ACM, New York (2010)Google Scholar
  4. 4.
    Ellison, C., Schneier, B.: Ten risks of PKI: What you’re not being told about Public Key Infrastructure. Computer Security Journal 16(1), 1–7 (2000), Google Scholar
  5. 5.
    Estrada, E., Hatano, N.: Communicability graph and community structures in complex networks. Applied Mathematics and Computation 214(2), 500–511 (2009)zbMATHCrossRefGoogle Scholar
  6. 6.
    Foley, S.N., Adams, W.M., O’Sullivan, B.: Aggregating trust using triangular norms in the keyNote trust management system. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 100–115. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Goldberg, G., Okunev, P., Neumann, M., Schneider, H.: Distribution of subdominant eigenvalues of random matrices. Methodology and Computing in Applied Probability 2, 137–151 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Gomes, F.: Security alert: Fraudulent digital certificates. Technical report, SANS Institute InfoSec Reading Room (June 2001),
  9. 9.
    Goto, K., van de Geijn, R.A.: High-performance implementation of the level-3 BLAS. ACM Transactions on Mathematical Software 35(1), 4:1–4:14 (2008)Google Scholar
  10. 10.
    Govindan, K., Mohapatra, P.: Trust computations and trust dynamics in mobile adhoc networks: A survey. IEEE Communications Surveys and Tutorials 14(2), 279–298 (2012)CrossRefGoogle Scholar
  11. 11.
    Guha, R., Kumar, R., Raghavan, P., Tomkins, A.: Propagation of trust and distrust. In: Proceedings of the 13th International Conference on World Wide Web, WWW 2004, pp. 403–412. ACM, New York (2004)Google Scholar
  12. 12.
    Huang, J., Nicol, D.: A calculus of trust and its application to PKI and identity management. In: Proceedings of the 8th Symposium on Identity and Trust on the Internet, IDTRUST 2009, pp. 23–37. ACM, New York (2009)CrossRefGoogle Scholar
  13. 13.
    Huang, J., Nicol, D.: A formal-semantics-based calculus of trust. IEEE Internet Computing 14, 38–46 (2010)CrossRefGoogle Scholar
  14. 14.
    Jøsang, A.: Trust extortion on the internet. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 6–21. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  15. 15.
    Jøsang, A.: Probabilistic logic under uncertainty. In: Proceedings of Computing: The Australian Theory Symposium (CATS 2007) (January 2007)Google Scholar
  16. 16.
    Orman, L.V.: Transitivity and aggregation in trust networks. In: Proc. of the 21st Workshop on Information Technologies and Systems (WITS 2010) (December 2010)Google Scholar
  17. 17.
    Pala, M.: A proposal for collaborative internet-scale trust infrastructures deployment: the public key system (pks). In: Proceedings of the 9th Symposium on Identity and Trust on the Internet, IDTRUST 2010, pp. 108–116. ACM, New York (2010)Google Scholar
  18. 18.
    Pala, M., Smith, S.W.: Peaches and peers. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds.) EuroPKI 2008. LNCS, vol. 5057, pp. 223–238. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Reiter, M.K., Stubblebine, S.G.: Resilient authentication using path independence. IEEE Trans. Comput. 47, 1351–1362 (1998)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Rifà-Pous, H., Herrera-Joancomartí, J.: An interdomain PKI model based on trust lists. In: López, J., Samarati, P., Ferrer, J.L. (eds.) EuroPKI 2007. LNCS, vol. 4582, pp. 49–64. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  21. 21.
    Schiffner, S., Clauß, S., Steinbrecher, S.: Privacy and liveliness for reputation systems. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 209–224. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  22. 22.
    Schnettler, S.: A structured overview of 50 years of small-world research. Social Networks 31(3), 165–178 (2009)CrossRefGoogle Scholar
  23. 23.
    Whaley, R.C., Petitet, A., Dongarra, J.J.: Automated empirical optimizations of software and the ATLAS project. Parallel Computing 27(1–2), 3–35 (2001), zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Jean-Guillaume Dumas
    • 1
  • Hicham Hossayni
    • 2
  1. 1.Laboratoire J. Kuntzmann, umr CNRS 5224Université de GrenobleGrenobleFrance
  2. 2.CEA/LétiGrenobleFrance

Personalised recommendations