Modelling a public-key infrastructure

  • Ueli Maurer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1146)


A global public-key infrastructure (PKI), components of which are emerging in the near future, is a prerequisite for security in distributed systems and for electronic commerce. The purpose of this paper is to propose an approach to modelling and reasoning about a PKI from a user Alice's point of view. Her view, from which she draws conclusions about the authenticity of other entities' public keys and possibly about the trustworthiness of other entities, consists of statements about which public keys she believes to be authentic and which entities she believes to be trustworthy, as well as a collection of certificates and recommendations obtained or retrieved from the PKI. The model takes into account recommendations for the trustworthiness of entities. Furthermore, it includes confidence values for statements and can exploit arbitrary certification structures containing multiple intersecting certification paths to achieve a higher confidence value than for any single certification path. Confidence values are measured on a continuous scale between 0 and 1 and, in contrast to previous work in this area, are interpreted as probabilities in a well-defined random experiment.
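The abstract's central point is that a confidence value is the probability, in a random experiment where each statement in Alice's view holds independently with its confidence, that the statement of interest can be derived from her view, and that two intersecting certification paths therefore yield a higher confidence than either path alone while shared statements are never double-counted. The following Python block is an added worked example, not code from the paper or from the author; it reconstructs a small version of that calculus under stated assumptions. The statement kinds Aut, Trust, Cert and Rec, the three inference rules (including taking trust of level i to imply all lower levels), the participant names A, X, Y, B and every confidence value are constructed for this illustration; the paper's own rule set may differ in detail.

```python
"""Added example: confidence of a PKI statement as the probability that it is
derivable in a random experiment over Alice's view (reconstruction, not the
paper's code)."""
from itertools import product
from typing import Dict, FrozenSet, Tuple

# A statement is a tuple, e.g.
#   ("Aut", "A", "X")      A believes X's public key is authentic
#   ("Trust", "A", "X", i) A trusts X at level i
#   ("Cert", "X", "Y")     X has certified Y's public key
#   ("Rec", "X", "Y", i)   X recommends Y as trustworthy at level i
Statement = Tuple


def derive(initial: FrozenSet[Statement]) -> FrozenSet[Statement]:
    """Forward-chain the inference rules to a fixed point.

    Rules (assumed simplification for this example):
      Aut(A,X), Trust(A,X,1),   Cert(X,Y)  => Aut(A,Y)
      Aut(A,X), Trust(A,X,i+1), Rec(X,Y,i) => Trust(A,Y,i)
      Trust(A,X,i) with i > 1              => Trust(A,X,i-1)
    """
    known = set(initial)
    while True:
        new = set()
        for s in known:
            if s[0] == "Trust" and s[3] > 1:
                new.add(("Trust", s[1], s[2], s[3] - 1))
        for _, a, x in [s for s in known if s[0] == "Aut"]:
            levels = {s[3] for s in known
                      if s[0] == "Trust" and s[1] == a and s[2] == x}
            for c in [s for s in known if s[0] == "Cert" and s[1] == x]:
                if 1 in levels:
                    new.add(("Aut", a, c[2]))
            for r in [s for s in known if s[0] == "Rec" and s[1] == x]:
                if r[3] + 1 in levels:
                    new.add(("Trust", a, r[2], r[3]))
        if new <= known:
            return frozenset(known)
        known |= new


def confidence(view: Dict[Statement, float], target: Statement) -> float:
    """Probability that `target` is derivable when each statement of the view
    holds independently with its confidence value (brute-force enumeration of
    the random experiment; fine for the handful of statements a view holds here)."""
    stmts = list(view)
    total = 0.0
    for bits in product((0, 1), repeat=len(stmts)):
        p = 1.0
        present = set()
        for s, b in zip(stmts, bits):
            p *= view[s] if b else 1.0 - view[s]
            if b:
                present.add(s)
        if p == 0.0:
            continue
        if target in derive(frozenset(present)):
            total += p
    return total


def two_path_example() -> Tuple[float, float, float]:
    """Two disjoint certification paths A->X->B and A->Y->B (constructed values).
    Returns (confidence via X only, via Y only, via both together)."""
    via_x = {("Aut", "A", "X"): 1.0, ("Trust", "A", "X", 1): 0.8, ("Cert", "X", "B"): 0.9}
    via_y = {("Aut", "A", "Y"): 1.0, ("Trust", "A", "Y", 1): 0.7, ("Cert", "Y", "B"): 0.9}
    target = ("Aut", "A", "B")
    return (confidence(via_x, target),
            confidence(via_y, target),
            confidence({**via_x, **via_y}, target))


def recommendation_example() -> float:
    """A->X->Y->B where X both certifies Y and recommends Y at level 1
    (constructed values). Trust(A,X,2) is used by two rule applications but,
    being a single event, is counted once."""
    view = {("Aut", "A", "X"): 1.0, ("Trust", "A", "X", 2): 0.9,
            ("Cert", "X", "Y"): 1.0, ("Rec", "X", "Y", 1): 0.8,
            ("Cert", "Y", "B"): 0.95}
    return confidence(view, ("Aut", "A", "B"))


if __name__ == "__main__":
    cx, cy, cboth = two_path_example()
    print(f"via X: {cx:.4f}  via Y: {cy:.4f}  both paths: {cboth:.4f}")
    print(f"recommendation chain: {recommendation_example():.4f}")
```

With the constructed values, each single path gives 0.8 * 0.9 = 0.72 and 0.7 * 0.9 = 0.63, while the union of both paths gives 1 - (1 - 0.72)(1 - 0.63) = 0.8964, above either path alone. The recommendation chain gives 0.9 * 0.8 * 0.95 = 0.684 rather than 0.9 * 0.9 * 0.8 * 0.95, because the enumeration over the random experiment sees Trust(A,X,2) as one event however many derivations use it; that is the property a per-path multiplication of confidences cannot provide.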

Key words

Distributed system security, key management, public-key certification, cryptography, trust, recommendations, probabilistic logic





Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Ueli Maurer, Department of Computer Science, Swiss Federal Institute of Technology (ETH), Zürich, Switzerland
