Investigating the OpenPGP Web of Trust

Alexander Ulrich, Ralph Holz, Peter Hauck, Georg Carle

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

28 Citations (Scopus)

Abstract

We present results of a thorough analysis of the OpenPGP Web of Trust. We conducted our analysis on a recent data set with a focus on determining properties like usefulness and robustness. To this end, we analyzed graph topology, identified the strongly connected components and derived properties like verifiability of keys, signature chain lengths and redundant signature paths for nodes. Contrary to earlier works, our analysis revealed the Web of Trust to be only similar to a scale-free network, with different properties regarding the hub structure and its influence on overall connectivity. We also analyzed the community structure of the Web of Trust and mapped it to social relationships. Finally, we present statistics which cryptographic algorithms are in use and give recommendations.
Original languageEnglish
Title of host publicationComputer Security – ESORICS 2011
Subtitle of host publication16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14, 2011. Proceedings
EditorsVijay Atluri, Claudia Diaz
Place of PublicationBerlin, Heidelberg
PublisherSpringer
Pages489-507
ISBN (Electronic)978-3-642-23822-2
ISBN (Print)978-3-642-23821-5
DOIs
Publication statusPublished - 2011
Externally publishedYes
Event16th European Symposium on Research in Computer Security, ESORICS 2011 - Leuven, Belgium
Duration: 12 Sept 201114 Sept 2011
Conference number: 16

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume6879
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference16th European Symposium on Research in Computer Security, ESORICS 2011
Abbreviated titleESORICS
Country/TerritoryBelgium
CityLeuven
Period12/09/1114/09/11

Keywords

  • Web of Trust
  • OpenPGP
  • GnuPG
  • PGP
  • Community structure

Fingerprint

Dive into the research topics of 'Investigating the OpenPGP Web of Trust'. Together they form a unique fingerprint.

Cite this