Web of Trust

Web of Trust (WOT) is, in cryptology, the idea of securing the authenticity of digital keys through a network of mutual confirmations (signatures), combined with the individually assigned confidence in the confirmations made by others ("Owner Trust"). It represents a decentralized alternative to a hierarchical PKI system.

Problem

Public-key encryption has the advantage (compared to symmetric encryption) that the key to be exchanged need not be transmitted over a secure channel but is public. For the distribution of keys one can therefore use a network of key servers, to which everyone can upload their public key and from which everyone can retrieve the key of the person with whom they want to communicate. This, however, raises another problem: a person could publish a key under which they pretend to be someone else. So there must be a way to check the authenticity of a key.

The solution to this problem is to have the authenticity of a public key confirmed by a trusted party by means of a digital certificate. In public-key infrastructures this is done by a certification authority; in the Web of Trust, however, all participants take on this function.

Principle of operation

How the web of trust works, with three participants:

  • Alice signs Bob's key and trusts Bob's key signatures.
  • Bob signs Carl's key (Bob's trust in Carl's key signatures is neither known nor relevant).
  • Alice therefore considers Carl's key valid.

It is important not to confuse the two types of trust involved here: trust in the authenticity of a key, i.e. that it really belongs to the named person, and trust in the key holder's key signatures ("Owner Trust"). These two trust types are independent of each other.

Implicitly, there is a third category of trust, namely the security of the signing key. A person whose certifications you fully trust may, for good reason, also possess keys that are not very secure due to the nature of their use (and whose certifications are accordingly worth less). "Owner Trust" is defined per key, so that for a key holder with several keys you can deliberately set a different trust for each of them.

OpenPGP offers the possibility of indicating with a certificate (however imprecisely) how thoroughly the authenticity of the key was checked. Users of the WoT generally do not know how thoroughly the identity of the key and of its owner was checked, nor which components of the key were checked at all. The signer may know the owner personally, may have used an identity card (or similar) to verify a stranger, or may not even have done that; especially with foreign names he may have accepted a different spelling. The check of the key components may be limited to the name (names are not unique); it may include one or all e-mail addresses and even the comments. Even in the case of a check known to be comprehensive, the security of checking an ID card or an e-mail address is nowhere near comparable to the technical security of conventional cryptography. The security of the WoT is thus limited; one can partly compensate for this by requiring more signatures before a key is displayed as valid, but this reduces the usability of the WoT accordingly. The validation of a key can involve as many intermediate steps as desired (but their number can be limited); however, all keys involved (except the one to be validated) must have a corresponding Ownertrust.

Certificates with the Web of Trust

In the Web of Trust, a certificate is the digital signature that another participant in the web of trust attaches to a key after having verified the identity of the key owner (typically at a personal meeting).

RFC 2440 describes a method for how these certificates are attached to the key and given a rating. The key is then uploaded to a global network of key servers and can be accessed by anyone.

The key owner collects as many of these signatures as possible. People who do not know the key holder and have no personal contact with him can then recognize, from the certificates, a high degree of legitimacy of the identity and place their trust in it.

Example

In a web of trust, this works as follows:

Formalization

Key management in a web of trust is done with the help of keyrings. A user's public keyring stores his own and others' public keys together with the associated certificates; the private keyring contains his own private keys. To each public key the user assigns a confidence in its owner ("Owner Trust"). From this, the degree of confidence in the authenticity of the other keys ("Key Legitimacy") is derived. Confidence in the authenticity of a foreign key is established either via Direct Trust (i.e. personally checking the authenticity of another user's public key) or via the trust information of the signers of the foreign key.

Trust information

Each user sets the Ownertrust value himself for each key in his public keyring; the possible values are:

  • Unknown ("unknown") for users about whom no explicit statement has been made (the default)
  • No trust ("not trusted") for users who are explicitly not trusted
  • Low confidence ("marginal") for users who are not fully trusted
  • Full confidence ("complete") for users who are fully trusted
  • Absolute trust ("ultimate") for users whose private key is in the private keyring, and for keys that should be treated like them (e.g. offline master keys)

Signatory Trust

If Alice signs Bob's public key and then transmits this signature to a key server, the signature can be used by Carl to assess the authenticity of Bob's public key. For this, Carl checks whether he has signed Alice's public key himself and whether he has assigned her the Owner Trust "marginal" or "complete". If this is the case, Alice's signature receives exactly this value.

Key Legitimacy

The confidence in the authenticity of a public key is expressed by the "Key Legitimacy" value. It is calculated from the Signatory Trust of the signing keys as follows. Let

  • the number of signatures whose Signatory Trust is "marginal",
  • the number of signatures with Signatory Trust "marginal" that is required for a key to be regarded as authentic,
  • the number of signatures whose Signatory Trust is "complete", and
  • the number of signatures with Signatory Trust "complete" that is required for a key to be regarded as authentic.

Then let

If the value is too low, the checked key is deemed not authentic; above that it is considered "partially authentic" or, at the higher threshold, "totally authentic". In general, the required numbers are chosen so that two signatures by partially trusted people or one signature by a fully trusted person are required for a key to be classified as authentic. In principle, however, the values can be chosen freely according to one's personal degree of paranoia.
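As an added example (not part of the original article and not GnuPG's or PGP's own code), the following Python model carries the principle of operation (Alice, Bob, Carl) and the Key Legitimacy rule through in code: a signature counts only if the signer's key is itself valid and its owner has marginal or complete Owner Trust, and a key becomes valid once two marginal or one complete such signature accumulate, which is the page's default choice. The WebOfTrust class and the participants Dave to Ivy are constructed for this example.

```python
MARGINAL, COMPLETE, ULTIMATE = "marginal", "complete", "ultimate"

class WebOfTrust:
    def __init__(self, marginals_needed=2, completes_needed=1, max_depth=5):
        # Page default: two marginal or one complete signature suffice.
        self.marginals_needed = marginals_needed
        self.completes_needed = completes_needed
        self.max_depth = max_depth      # bound on the length of certification chains
        self.ownertrust = {}            # key owner -> trust in him as a certifier
        self.signers = {}               # key owner -> owners who signed his key

    def add_key(self, owner, ownertrust="unknown", signed_by=()):
        self.ownertrust[owner] = ownertrust
        self.signers[owner] = set(signed_by)

    def legitimacy(self, owner, valid):
        """Key Legitimacy score m/M + c/C, counting only signers whose keys are valid."""
        m = sum(1 for s in self.signers[owner]
                if s in valid and self.ownertrust.get(s) == MARGINAL)
        c = sum(1 for s in self.signers[owner]
                if s in valid and self.ownertrust.get(s) in (COMPLETE, ULTIMATE))
        return m / self.marginals_needed + c / self.completes_needed

    def valid_keys(self):
        """Keys accepted as authentic: start from the ultimately trusted keys and
        iterate, so validity propagates along chains of trusted signers."""
        valid = {k for k, t in self.ownertrust.items() if t == ULTIMATE}
        for _ in range(self.max_depth):
            newly = {k for k in self.ownertrust
                     if k not in valid and self.legitimacy(k, valid) >= 1}
            if not newly:
                break
            valid |= newly
        return valid

def build_example():
    """Alice's keyring: the page's Alice/Bob/Carl chain plus constructed participants."""
    w = WebOfTrust()
    w.add_key("Alice", ULTIMATE)                       # Alice's own key
    w.add_key("Bob", COMPLETE, signed_by=["Alice"])    # Alice trusts Bob as a certifier
    w.add_key("Carl", signed_by=["Bob"])               # Bob's trust in Carl is irrelevant
    w.add_key("Dave", MARGINAL, signed_by=["Alice"])
    w.add_key("Erin", MARGINAL, signed_by=["Alice"])
    w.add_key("Frank", signed_by=["Dave", "Erin"])     # two marginal signers suffice
    w.add_key("Gina", signed_by=["Dave"])              # one marginal signer does not
    w.add_key("Hank", COMPLETE)                        # trusted certifier, key never verified
    w.add_key("Ivy", signed_by=["Hank"])               # so Hank's signature does not count
    return w
```

Raising `marginals_needed` (the "paranoia" knob) makes Frank's key drop out of the valid set while Carl's, vouched for by one fully trusted signer, stays.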

Assessment

On the one hand, the web of trust gives its participants individual control over whom they consider trustworthy, and there is free software that implements the concept. On the other hand, it requires a high degree of knowledge from the user, it is not legally binding (unlike a qualified electronic signature), and the revocation of a certificate neither becomes known immediately, as it does in a PKI, nor is it implemented in a comparable way.

Privacy issues by key server

A fundamental problem is that, with the implementations currently in use, the owner of a key technically has no influence on

  • who signs his public key, and
  • whether someone uploads his public key to a public key server (or uploads it again with new signatures).

Yet personal data adhere to the key and are published along with it: through the signatures of other persons, the most important element of the web of trust, the key contains a list of those who checked the identity of the key owner, including the date of each check. On a key server this data is publicly and automatically available and can easily be analyzed, so that the key owner's participation in social networks can be determined.

In addition, as long as the key holder does not change his key, a public list of all his previous e-mail addresses accumulates over time.

Not everyone is aware from the beginning that, by participating in the web of trust, he releases data that he might not want to disclose to the public, and that there is no way to ever have it removed.

A public key once exported to a key server cannot be deleted. The key servers constantly synchronize with each other, so that a new or supplemented key, including all signatures and comments, is available on all key servers worldwide within a very short time after being (re)uploaded, regardless of who uploaded the key and whether the key even belongs to that person.

In the current implementations, key revocation consists only of creating a key revocation certificate, which must then also be uploaded to the key server, where it does practically nothing more than mark the existing key with the note that it should no longer be used. Software may, but need not, refuse to encrypt to such a key. Key revocation has nothing to do with deleting keys, signatures and comments.

The key holder thus has no way to influence the spread of the data that are necessary for the functioning of the Web of Trust. This runs contrary to the purpose of encryption programs, which is to protect personal data.

Software

Well-known implementations of the web of trust are the commercial program Pretty Good Privacy (PGP) and the free program GNU Privacy Guard (GnuPG), both of which implement RFC 2440.

The extensive web of trust of PGP has been thoroughly investigated. Not least because of the affinity of many members to international open source projects such as Debian, and the support of organizations such as the computer magazine c't through the "Krypto-Kampagne" of Heise Verlag, it has many strong connections (a so-called "strong set"), in which any two people are on average only six links apart.

Social Networks

Quite apart from cryptographic applications, there are also social variants of the basic idea of the Web of Trust. The CouchSurfing network, for instance, has a system of vouching: "trusted" members can declare their confidence in new members with a "vouch", which increases the confidence of the entire community towards the new member; any member who has received at least three vouches may in turn vouch for other members. In this way a social trust network arises.
