Path independence for authentication in large-scale systems
Authenticating the source of a message in a large distributed system can be difficult due to the lack of a single authority that can tell for whom a channel speaks. This has led many to propose the use of a path of authorities, each able to authenticate the next in the path, such that the first in the path can be authenticated by the message recipient and the last can authenticate the message source. In this paper we suggest the use of multiple paths to provide redundant confirmation of the message source, and focus on two related notions of path independence that seem to bolster authentication. We formalize the problems of locating maximum sets of paths with these independence properties in a graph-theoretic framework, give evidence that they are not polynomial-time solvable, and propose approximation algorithms for these problems. We also introduce PathServer for PGP, a service for finding sets of such paths to support authentication in PGP applications.
