@inbook{jiang_reeves_ning_2004, title={Certificate recommendations to improve the robustness of web of trust}, volume={3225}, ISBN={3540232087}, DOI={10.1007/978-3-540-30144-8_25}, abstractNote={Users in a distributed system establish webs of trust by issuing and exchanging certificates amont themselves. This approach does not require a central, trusted keyserver. The distributed web of trust, however, is susceptible to attack by malicious users, who may issue false certificates. In this work, we propose a method for generating certificate recommendations. These recommendations guide the users in creating webs of trust that are highly robust to attacks. To accomplish this we propose a heuristic method of graph augmentation for the certificate graph, and show experimentally that it is close to optimal. We also investigate the impact of user preferences and non-compliance with these recommendations, and demonstrate that our method helps identify malicious users if there are any.}, booktitle={Information security: 7th international conference, ISC 2004, Palo Alto, CA, USA, September 27-29, 2004: Proceedings}, publisher={Berlin; New York: Springer}, author={Jiang, Q. L. and Reeves, D. S. and Ning, P.}, editor={K. Zhang and Zheng, Y.Editors}, year={2004}, pages={292–303} }
 @inbook{jiang_reeves_ning_2004, title={Improving robustness of PGP keyrings by conflict detection}, volume={2964}, ISBN={3540209964}, DOI={10.1007/978-3-540-24660-2_16}, abstractNote={Secure authentication frequently depends on the correct recognition of a user’s public key. When there is no certificate authority, this key is obtained from other users using a web of trust. If users can be malicious, trusting the key information they provide is risky. Previous work has suggested the use of redundancy to improve the trustworthiness of user-provided key information. In this paper, we address two issues not previously considered. First, we solve the problem of users who claim multiple, false identities, or who possess multiple keys. Secondly, we show that conflicting certificate information can be exploited to improve trustworthiness. Our methods are demonstrated on both real and synthetic PGP keyrings, and their performance is discussed.}, booktitle={Topics in cryptology, CT-RSA 2004}, publisher={Berlin; New York: Springer}, author={Jiang, Q. L. and Reeves, D. S. and Ning, P.}, year={2004}, pages={194–207} }