PRISM Proof Trust Model

Document Type Expired Internet-Draft (individual)
Author Phillip Hallam-Baker 
Last updated 2015-04-30 (latest revision 2014-10-27)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text xml pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This paper extends Shanon's concept of a 'work factor' to provide an objective measure of the practical security offered by a protocol or infrastructure design. Considering the hypothetical work factor based on an informed estimate of the probable capabilities of an attacker with unknown resources provides a better indication of the relative strength of protocol designs than the computational work factor of the best known attack. The social work factor is a measure of the trustworthiness of a credential issued in a PKI based on the cost of having obtained the credential through fraud at a certain point in time. Use of the social work factor allows evaluation of Certificate Authority based trust models, peer to peer (Web of Trust) models to be evaluated in the same framework. The analysis shows that each model has clear benefits over the other for some classes of user but most classes of user are served better by a combination of both.


Phillip Hallam-Baker (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)