Abstract:
One of the uncertainty factors in public-key authentication is the possible intentional or unintentional misbehaviour of entities, either by not carefully authenticating a person before issuing a certificate, or by creating false certificates in the first place. Both trust and authentication are hence uncertain to some degree and should preferably be modeled as such. In this work, a general approach to public-key authentication based on uncertain evidence is considered, in such scenario, it is not only trust, but also other pieces of evidence (for example entity authentication) can be uncertain. The PGP (Pretty Good Parity) public key authentication was analysed based on uncertainty evidence in order to show that public key trustworthiness is based on entity and key. The research simulates the public key confidence valuation validity system. The techniques are: diagonal dissection claims and hierarchical view of trust level. These measures trustworthiness of the entities using evidence and conclusions that consist three types of statements, which is denoted by AutX,K, CertK1,X,K2 and TrustX,K. Furthermore, persons (entities) and keys are combined to enhance authentication and alleviate problem authentication with respect to persons. Consequently, it was observed that the approaches established a trust management system for certification and authentication of a public key in an uncertainty evidence for two or more parties. Thus, the model facilitates the decidability of a key possessor in considering a key as being valid and usable for decrypting a cipher text.
