Matrix powers algorithms for trust evaluation in PKI architectures

This paper deals with the evaluation of trust in public-key infrastructures. Different trust models have been proposed to interconnect the various PKI components in order to propagate the trust between them. In this paper we provide a new polynomial algorithm using linear algebra to assess trust relationships in a network using different trust evaluation schemes. The advantages are twofold: first the use of matrix computations instead of graph algorithms provides an optimized computational solution; second, our algorithm can be used for generic graphs, even in the presence of cycles. Our algorithm is designed to evaluate the trust using all existing (finite) trust paths between entities as a preliminary to any exchanges between PKIs. This can give a precise evaluation of trust, and accelerate for instance cross-certificate validation.

💡 Research Summary

The paper addresses the problem of quantifying and propagating trust across entities in public‑key infrastructures (PKIs), where multiple certification authorities (CAs) must interoperate securely. Existing approaches largely rely on graph‑theoretic algorithms that work well on tree‑like or directed‑acyclic graph (DAG) structures but encounter difficulties when cycles are present or when many parallel paths must be considered; in some cases they reduce to NP‑hard problems such as Bounded Disjoint Paths.

The authors propose a fundamentally different solution based on linear algebra. They adopt a trust model in which each directed relationship is represented by a triple (trust, distrust, uncertainty), following the subjective logic framework of Jøsang. Two aggregation operators are defined: a sequential operator f that combines two consecutive trust links, and a parallel operator g that merges the results of multiple disjoint paths. Both operators are mathematically sound, preserve the