Mathematical Mesh Part IV: The Trust Mesh
draft-hallambaker-mesh-trust-00
|
Document |
Type |
|
Active Internet-Draft (individual)
|
|
Last updated |
|
2019-01-18
|
|
Stream |
|
(None)
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
xml
pdf
html
bibtex
|
Stream |
Stream state |
|
(No stream defined) |
|
Consensus Boilerplate |
|
Unknown
|
|
RFC Editor Note |
|
(None)
|
IESG |
IESG state |
|
I-D Exists
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
Network Working Group P. Hallam-Baker
Internet-Draft January 18, 2019
Intended status: Informational
Expires: July 22, 2019
Mathematical Mesh Part IV: The Trust Mesh
draft-hallambaker-mesh-trust-00
Abstract
This paper extends Shannon's concept of a 'work factor' as applied to
evaluation of cryptographic algorithms to provide an objective
measure of the practical security offered by a protocol or
infrastructure design. Considering the hypothetical work factor
based on an informed estimate of the probable capabilities of an
attacker with unknown resources provides a better indication of the
relative strength of protocol designs than the computational work
factor of the best-known attack.
The social work factor is a measure of the trustworthiness of a
credential issued in a PKI based on the cost of having obtained the
credential through fraud at a certain point in time. Use of the
social work factor allows evaluation of Certificate Authority based
trust models and peer to peer (Web of Trust) models to be evaluated
in the same framework. The analysis demonstrates that both
approaches have limitations and that in certain applications, a
blended model is superior to either by itself.
The final section of the paper describes a proposal to realize this
blended model using the Mathematical Mesh.
This document is also available online at
http://mathmesh.com/Documents/draft-hallambaker-mesh- trust.html [1]
.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
Hallam-Baker Expires July 22, 2019 [Page 1]
Internet-Draft Mathematical Mesh Trust Model January 2019
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 22, 2019.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Work Factor . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Computational Work Factor . . . . . . . . . . . . . . . . 3
1.2. Hypothetical Work Factor . . . . . . . . . . . . . . . . 4
1.3. Known Unknowns . . . . . . . . . . . . . . . . . . . . . 5
1.4. Defense in Depth . . . . . . . . . . . . . . . . . . . . 6
1.5. Mutual Reinforcement . . . . . . . . . . . . . . . . . . 7
1.6. Safety in Numbers . . . . . . . . . . . . . . . . . . . . 8
1.7. Cost Factor . . . . . . . . . . . . . . . . . . . . . . . 10
1.8. Social Work Factor . . . . . . . . . . . . . . . . . . . 12
1.8.1. Related work . . . . . . . . . . . . . . . . . . . . 14
2. The problem of trust . . . . . . . . . . . . . . . . . . . . 14
2.1. Existing approaches . . . . . . . . . . . . . . . . . . . 15
2.1.1. Trust After First Use (TAFU) . . . . . . . . . . . . 15
2.1.2. Direct Trust . . . . . . . . . . . . . . . . . . . . 16
2.1.3. Certificate Authority . . . . . . . . . . . . . . . . 16
2.1.4. Web of Trust . . . . . . . . . . . . . . . . . . . . 17
2.1.5. Chained notary . . . . . . . . . . . . . . . . . . . 18
2.1.6. A blended approach . . . . . . . . . . . . . . . . . 19
3. The Mesh of Trust . . . . . . . . . . . . . . . . . . . . . . 21
3.1. Master Profile . . . . . . . . . . . . . . . . . . . . . 21
3.2. Uniform Data Fingerprints . . . . . . . . . . . . . . . . 21
3.3. Strong Internet Names . . . . . . . . . . . . . . . . . . 22
3.4. Trust notary . . . . . . . . . . . . . . . . . . . . . . 23
3.5. Endorsement . . . . . . . . . . . . . . . . . . . . . . . 23
3.6. Evaluating trust . . . . . . . . . . . . . . . . . . . . 23
Show full document text