Trust Issues in PGP and Solutions
-
摘要: PGP(Pretty Good Privacy)作为强有力的公钥加密工具,已经得到广泛的应用,但不正确的信任假设常常会破坏PGP的安全性.详细研究了PGP的信任模型——信任网,给出其信任结构及信任推理过程.对于PGP中的薄弱环节,提出了相应的解决办法.Abstract: As a powerful public key based encryption tool, PGP(Pretty Good Privacy) has been used widely, but wrongful trust assumptions often undermine its security. The PGP's trust model, web of trust, is discussed in detail. The trust architecture and reasoning are presented. Some suggestions are given to solve the vulnerabilities in PGP.
-
Key words:
- computer networks /
- secret communication /
- security /
- trust
-
[1] Pretty good privacy user-s guide .Distributed with the PGP Software, Version 7.0, 2001 [2] An introduction of cryptography .Distributed with the PGP Software, Version 7.0, 2001 [3] Philip R Zimmermann. The official PGP user's Guide[M]. Cambridge:MIT Press, 1995 [4] Feigenbaum J, Blaze M, Lacy J. Decentralized trust management . In:Proceedings of the IEEE Conference on Security and Privacy . Oakland:IEEE,1996. 164~173 [5] ITU-T recommendation X.509 (1997 E):Information technology-open systems interconnection-the Directory:authentication framework[S],1997 [6] Myers M, Ankney R, Malpani A. RFC 2560, X.509 Internet public key infrastructure online certificate status protocol-OCSP[S],1999
点击查看大图
计量
- 文章访问数: 2732
- HTML全文浏览量: 53
- PDF下载量: 1468
- 被引次数: 0