Trust Chains

Components

Trust Chains library, standalone client, and dht backend for automatic sharing of trust data.

Synopsis

The first time I used frost's trust circles type identification system, I thought, what if users could be given ranks instead of just fully trusted and not trusted. Expanding on this what if ranks for entities that I cant directly verify could be based on the rankings given by those that I do?

This project presents a simple api for performing this task. The idea is similar to trust circles, but far more scalable than their "in or out" system where once an attacker gets on the inside, everything is compromised. Digital signatures are used to ensure authenticity of all trust rankings. The algorithm at the core of the library computes the trust level of an unknown person based on the trust level (or a second ranking ability weight that ranks a person's ability to trust-rank others) of a person that the user directly knows, or a directly known person that knows a person recursively a necessary, taking into account all intermediate trust rankings. This algorithm, similar to "parlor trick-like" Bayesian algorithms for spam, provides a surprising amount of insight into the guesswork of determining the proper amount of trust (or privileges) that should be placed in an entity that is not directly known.

Example Uses

This program has immediate uses in file sharing systems, collaborative news ranking, secure communications, distributed authentication, and more. For example, say an extended family runs a website with photo galleries, which has sections that should be kept relatively private. The group could divide the pictures into "not private", "somewhat private", and "very private" collections. Then a leader can give out highest privileges to a number of people, who will in turn give privileges of a lesser degree to people they know etc. The authentication for everyone who uses the site would then on be determined on the server side from the seeding leader's trust chains.

This system has many advantages over a traditional system where there is one admin setting permissions for many people: It creates a maintainable authentication system where everyone can help rank everyone else. It allows the "seeders" maintain ultimate control while allowing them to pass any necessary portion of their control off on other trusted people. Finally, if any or all of the original seeders come and go or disappear, the system recovers and remains fully maintained.

Features

TODO- In the mean time, see the details below.

Details

There are web-based, command line and graphical front ends.

Command line

The command line interface can be used similar to PGP. Its simplest usage is to sign, verify, and calculate the trust value of messages. The following wrappers provide most of the functionality:

  • tchain - main program.
  • csign - sign message.
  • cverify - verify chains.
  • cnew - create new entity.
  • cdumpchains - dump all or parts of chains.
  • cadd - add entity to chain.
  • cchange - change trust, votes, or comments of a friend.
  • cupdate - update entity's chain from file or dht.
  • cdel - delete friend from chain.
  • cstats - trust ranking and other info about an entity.

Examples:

A signed message from an unknown friend is received. Verify message and calculate trust level:

$ cverify message.txt

Trust Calculation Example:

Update- the original example is lost.. I'll rewrite this soon:

Full trust graph:

ex1

Graph relevant in finding bob2's trust with respect to Me:

ex2

Graph with weighted trust levels calculated:

ex3

Implementation Notes.

The following functions use the specified files:
  • save: chain,pubkey,[prvkey]
  • update_friend/add_friend: chain,pubkey,prvkey,known_hosts
  • change_stats: chain,pubkey,[prvkey]
  • get_stats: chain,pubkey,[prvkey],known_hosts
  • del_friend: chain,pubkey,prvkey,known_hosts
  • verify_chains: chain,pubkey,[prvkey],known_hosts

Project Schedule.

Most of the primary functionality is implemented. Other projects are currently taking up all my time, but I would be happy to release a beta if anyone's interested. Please feel free to contact me at gosselit at gmail.

SourceForge.net Logo GNU Emacs Gentoo Restructured Text

2005 ANS.