Michael Reiter and Stuart Stubblebine
Affiliation: AT&T Laboratories
Abstract: Authenticating the source of a message in a large distributed system can be difficult due to the lack of a single authority that can tell for whom a channel speaks. This has led many to propose the use of a path of authorities, each able to authenticate the next, such that the first authority in the path can be authenticated by the message recipient and the last authority in the path can authenticate the message source. In this talk we suggest the use of multiple such paths to bolster assurance in the authentication of the message source, and explore properties of those paths that strengthen authentication. We demonstrate this approach with PathServer, a web-based service for locating paths from a trusted key to a query key in the PGP framework. We describe the challenges in building PathServer, experience with its usage, and ongoing work.

For more information, see http://www.research.att.com/~reiter/PathServer.