Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
1998-04-23
2002-06-11
Barrón, Jr., Gilberto (Department: 2132)
C713S152000, C713S157000, C709S238000
active
06405313
ABSTRACT:
FIELD OF THE INVENTION
The present invention is directed to a method of providing authentication assurance in a keybinding system. More particularly, the present invention is directed to a method in which edges along a path between a source key and a target key have a level of assurance attributed thereto which can be used to assist a user in selecting among a plurality of available paths.
BACKGROUND
With the growth of electronic transactions over open networks, it has been desirable to explore the possibility of conducting electronic commerce over those networks. Such commerce typically requires certain levels of confidentiality to assure users that critical information which may be necessary to conduct a transaction is only used by the parties to the transaction in question and not other parties who might otherwise make improper use of the information. Mindful of this desire to maintain confidences, many systems have employed encryption techniques for rendering the confidential information largely indecipherable in the absence of a key associated with the encryption technique.
Once it is determined to utilize encryption with respect to transactions, the next issue arises concerning how to either permit or limit access to the key information. Determining the owner of a public key, or conversely determining the public key for a user, appears to be a basic ingredient for executing transactions securely in any large scale open system. Due to the lack of a single authority for providing this information in a system having many different administrative domains, many systems resort to authentication by a path or chain of authorities. In accordance with such a model a user locates a path or sequence of authorities such that: 1) the user can authenticate the first authority in the path; 2) each authority in the path can authenticate the next authority in the path; and 3) the last authority in the path is in fact the targeted person or key of interest. If the user trusts every authority on the path, then perhaps it can believe that a proper name-to-key binding has been obtained.
A path of authorities may be weak because it relies on the correctness of every authority in the path. If any authority in the path incorrectly authenticates the next authority, then the user can be misled regarding the authentication of subsequent authorities in the path, including the target. A natural approach to increasing assurance in the authentication of the target would be to use multiple paths. Multiple paths have been shown to be useful in systems where the lack of an enforced certification structure naturally leads to the existence of multiple paths. Multiple paths may also arise in hierarchical certification structures as soon as cross certification is allowed.
An example of multiple paths from a trusted source key to a target key is shown in FIG. 1. In a hierarchical certification structure, child-to-parent and cross certification can be performed. Each of the nodes, 101 to 109, denotes a public key. A line between public keys denotes a certificate that contains the key to which that edge points and which can be verified with the key from which that edge originates. While the notion of obtaining redundant confirmation of the target name-to-key binding via multiple paths may be appealing, the assurance provided by these paths may be unclear, especially if they have authorities in common or authorities that act in a correlated way. When combined with ambiguities in the assertions that authorities make and the ambiguities regarding who is actually making the assertions, it may be difficult to complete the authentication with any confidence.
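The concern above, that several paths give less assurance than their count suggests when they share authorities, can be checked mechanically. The following is an added example and not part of the patent text: node numbers follow FIG. 1, while the edge set and all function names are assumptions constructed for illustration.

```python
from itertools import combinations

# Constructed certificate graph: edge u -> v means "a certificate verifiable
# with key u contains key v". Node numbers follow FIG. 1 (101..109); the edge
# set is an assumption, since the figure is not reproduced here.
CERTS = {
    101: [102, 103, 104], 102: [105], 103: [105, 106], 104: [106],
    105: [107, 108], 106: [108], 107: [109], 108: [109], 109: [],
}

def simple_paths(graph, source, target, prefix=()):
    """Yield every cycle-free certificate path from source key to target key."""
    path = prefix + (source,)
    if source == target:
        yield list(path)
        return
    for nxt in graph.get(source, []):
        if nxt not in path:  # never revisit a key on the same path
            yield from simple_paths(graph, nxt, target, path)

def shared_authorities(paths):
    """Intermediate keys that more than one path relies on."""
    seen, shared = set(), set()
    for path in paths:
        for key in path[1:-1]:
            (shared if key in seen else seen).add(key)
    return shared

def independent_paths(paths):
    """Largest subset of paths with pairwise disjoint intermediate keys.
    Brute force: fine for the handful of paths a user would inspect."""
    for size in range(len(paths), 0, -1):
        for combo in combinations(paths, size):
            inner = [set(p[1:-1]) for p in combo]
            if all(a.isdisjoint(b) for a, b in combinations(inner, 2)):
                return list(combo)
    return []

def assess(graph, source, target):
    """Summarise how much redundancy the available paths really provide."""
    paths = list(simple_paths(graph, source, target))
    return {
        "paths": paths,
        "shared": shared_authorities(paths),
        "independent": independent_paths(paths),
    }

if __name__ == "__main__":
    report = assess(CERTS, 101, 109)
    print(len(report["paths"]), "paths,", len(report["independent"]), "independent")
    print("authorities common to several paths:", sorted(report["shared"]))
```

On this constructed graph six paths reach the target key, but only two of them have no intermediate key in common, and a single incorrect authority at node 105 would affect four of the six.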
Several researchers have thus proposed metrics for measuring the assurance provided by a set of paths. For example, a metric might take as input other such paths of authorities and return a numeric value, where a higher value indicates greater confidence in the name-to-public-key binding (for the target name or public key) that those paths support. Various metrics use certificates for authentication.
One such certificate scheme is Recommendation X.509, International Telegraph and Telephone Consultative Committee (CCITT). X.509 deals with Authentication Frameworks for Directories. Within X.509 is a specification for a certificate which binds an entity's distinguished name to its public key through the use of a digital signature.
For a further understanding of the environment in which the present invention may be implemented, additional description of alternative metrics and their shortcomings will now be provided. Each metric below is described only to the extent necessary to set the stage for the rest of the description of the invention, and some will be described in less detail than others. Furthermore, each of the metrics described below operates in the context of a model that consists of a directed graph whose nodes and edges are labeled in various ways. No two metrics share the same model, that is, the same graph. Except where explicitly stated otherwise, the review of the performance of each metric is based on a model containing only consistent information, that is, where there are no conflicting reports regarding the owner (or other attributes) of a key. While how a metric behaves on conflicting information is important, this information is omitted to simplify the discussion. For purposes of the discussion, an entity is something that possesses and makes use of a private/public key pair, for example a person, an authentication server, or certification authority. The user is the person applying the metric for the purpose of gaining assurance in a name-to-key binding.
The three main areas in evaluating a metric are the meaning of the values output by the metrics, the sensitivity of the metric (the extent to which the metric outputs can be manipulated by malicious behavior, e.g., compromise of cryptographic keys) and the effectiveness of using the metrics in a practice environment.
The most basic desideratum of a metric is that its output be meaningful. The metrics discussed below strive for this, although some achieve it better than others.
The metrics used for comparison in the present application are the Beth, Borcherding, and Klein metric, the Zimmermann metric, the Maurer metric, and the Reiter-Stubblebine metric. Each of these metrics, as described below, operates using a directed graph. The graph consists of nodes and edges as shown in FIG. 1.
Beth-Borcherding-Klein
The Beth-Borcherding-Klein metric takes as an input a set of trust relationships that can be represented by a directed graph. The nodes of the graph are entities. There are two types of edges in this graph. The first type is a “direct edge”. The direct edge A→B means that A believes it can authenticate (i.e., has the public key for) B. The second type of edge is a “recommendation edge”; the recommendation A→B represents that A trusts B to authenticate other entities or to recommend other entities to authenticate or further recommend. Associated with each recommendation and direct edge is a value in the range [0, 1]. In the case of a direct edge A→B, this value is A's estimation of the probability that A really holds the correct public key for B. The value on a recommendation edge A→B represents the degree of A's trust in B as a recommender, where higher values indicate stronger trust.
Given a specific query, say user A wanting the public key for entity B, the metric computes a value in the range [0, 1], using all paths from A to B whose last edge is direct and whose other edges are recommendation edges, such as A→C→D→B.
The Beth-Borcherding-Klein metric, however, suffers from a number of deficiencies. First, evaluating this metric requires the user to collect values from other entities for the various direct and recommendation edges. Before the user can safely assign a value to the edge A→B or A→B, the user must authenticate this value as having come from A. Assuming that this authentication is performed cryptogr
Reiter Michael Kendrick
Stubblebine Stuart Gerald
Barrón Jr. Gilberto
Kenyon & Kenyon