# "Trust Metrics" (fwd)

From: Rohit Khare (rohit@munchkin.ICS.UCI.EDU)
Date: Sun Jan 23 2000 - 18:46:17 PST

Date: Sat, 22 Jan 2000 22:05:46 -0800
From: Raph Levien <raph@onan.artofcode.com>
Subject: Re: Scaling PGP

Steve Schear wrote:
> I haven't explored it, but I think slashdot has something
> like this. Nyms post; the posted articles get rated by
> other nyms. Don't recall what a high rating brings, though.

You can view comments sorted by score and/or have a minimum
threshold. Thus, a higher score means more people will see your
article. Slashdot has scoring both for individual articles (moderation
score) and for accounts (karma). The initial moderation score for an
article depends on the user's karma, then can be moderated up. There's
also a "meta-moderation" system for evaluating the trustworthiness of
users applying moderation points, which otherwise are mostly
self-selected. The details of meta-moderation are not known, as far as
I can tell.

Basically, you're getting into the area of trust metrics here, which
is what my PhD work is about. Trust metrics are hard to do right, but
ultimately, I believe, will be fabulously useful for filtering data
and transactions. If you want to play with trust metrics in an actual
application, try http://www.advogato.org/ .

To my mind, the most important feature of a trust metric is that it be
attack-resistant. In other words, the amount of damage an attacker can
do should scale smoothly with the number of certificates he has to
fake. Most trust metrics are far from attack resistant, and indeed the
one that came to mind immediately that's based on positive and
negative experiences [BBK94] is pitifully vulnerable to attack, as
shown by [RS97b].

The trust metrics in [LA98] are better, but still subject to
catastrophic failure. Specifically, they can well tolerate a single
node being attacked, or even a small number, but once a threshold is
reached, an attacker can pretty much do anything he wants. This
threshold can be raised, but only at the cost of raising the total
number of certificates needed (and thus the cost of certification).

The trust metric in Advogato avoids these problems but makes a number
of assumptions in addition to those usual for trust metrics. In
general, a trust metric evaluates a single assertion in isolation (eg,
"nym X is reputable"), while the Advogato trust metric evaluates a
whole batch at once. This work is not yet published. (thanks FC00
program committee!)

Having negative reputations also brings up the whole issue of whether
a denial of service attack can remove negative certificates and thus
give the attacker an incorrectly high reputation.

So, yes, reputation evaluated with trust metrics is promising, but
it's tricky ground.

Have fun!

Raph

[BBK94] T. Beth, M. Borcherding, and B. Klein. Valuation of trust
in open networks. In D. Gollmann, ed., \emph{Computer Security --
ESORICS '94} (Lecture Notes in Computer Science 875), pages 3-18,
Springer Verlag, 1994.

[LA98] R. Levien and A. Aiken. Attack resistant trust metrics
for public key certification. In \emph{7th USENIX Security Symposium},
Jan 26--29, 1998, San Antonio, Texas.

[RS97b] M. Reiter and S. Stubblebine. Toward acceptable
metrics of authentication. In \emph{Proceedings of the 1997 IEEE
Symposium on Security and Privacy}, May 1997.
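An added illustration of the attack-resistance point above (not Raph's code and not Advogato's published algorithm): a naive transitive metric beside an assumed, simplified flow-based metric, run over a constructed certification graph in which one certifier ("carol") is compromised. The capacities by distance, the node names and the graph are all assumptions for the demo.

```python
from collections import defaultdict, deque
INF = float("inf")

def max_flow(cap, s, t):
    # Edmonds-Karp: augment along shortest residual paths; returns per-edge flow
    flow = {u: {v: 0 for v in cap[u]} for u in cap}
    while True:
        parent, q = {s: None}, deque([s])
        while q and t not in parent:
            u = q.popleft()
            for v in cap[u]:
                if v not in parent and cap[u][v] - flow[u][v] > 0:
                    parent[v] = u; q.append(v)
        if t not in parent:
            return flow
        path, v = [], t
        while parent[v] is not None: path.append((parent[v], v)); v = parent[v]
        b = min(cap[u][v] - flow[u][v] for u, v in path)
        for u, v in path: flow[u][v] += b; flow[v][u] -= b

def bfs_dist(certs, seed):
    dist, q = {seed: 0}, deque([seed])
    while q:
        u = q.popleft()
        for v in certs.get(u, ()):
            if v not in dist: dist[v] = dist[u] + 1; q.append(v)
    return dist

def naive_accepted(certs, seed):
    # Transitive certification: one bad certifier lets in everything it vouches for
    return set(bfs_dist(certs, seed))

def flow_accepted(certs, seed, caps):
    # Assumed Advogato-style flow metric (a simplification, not the published algorithm):
    # (u,in)->(u,out) has a capacity that shrinks with distance from the seed and bounds how
    # many further nodes u's certificates can admit; u is accepted iff a unit reaches SINK via it
    cap, dist = defaultdict(lambda: defaultdict(int)), bfs_dist(certs, seed)
    def edge(u, v, c): cap[u][v] += c; cap[v][u] += 0   # reverse edge for the residual graph
    for u, d in dist.items():
        edge((u, "in"), (u, "out"), caps[min(d, len(caps) - 1)])
        edge((u, "in"), "SINK", 1)
        for v in certs.get(u, ()):
            edge((u, "out"), (v, "in"), INF)
    flow = max_flow(cap, (seed, "in"), "SINK")
    return {u for u in dist if flow[(u, "in")]["SINK"] == 1}

# Constructed sample: carol is compromised and certifies 20 bogus nyms
BOGUS = {f"bogus{i}" for i in range(20)}
CERTS = {"seed": {"alice", "bob"}, "alice": {"carol"}, "carol": {"dave"} | BOGUS}
CAPS = [8, 4, 2, 1]  # assumed capacity by distance from the seed
```

With these capacities the naive metric admits all 20 bogus nyms, while the flow metric admits at most 2 through carol, however many she certifies: the damage is bounded by the capacity of the compromised certifier rather than by the attacker's effort.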

This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 18:47:28 PST