In Cory Doctorow’s novel, Little Brother, the protagonist Marcus Yallow and his comrades form a web of trust as a response to the DHS’s infiltration of the Xnet. The concept of a web of trust intrigued me. As a product of cryptography, the web of trust relies heavily on the actual trust between individuals and less so on the complexity of the cipher. The biggest weakness of the web of trust is not that the cipher can be broken, but that the people involved may be untrustworthy. In addition, one untrustworthy person can compromise the entire web because each person holds the others’ keys. The danger of the web of trust is illustrated with Masha’s threat that she can compromise the whole web of trust because she is a part of it.
Another aspect of the web of trust that I found interesting was that it required the participants to meet in person. Although it reduces the convenience and accessibility of the web of trust, it greatly increases its security. As mentioned in the novel, public-key cryptography is vulnerable to the man-in-the-middle (in Marcus’s case, the DHS) and could result in the unknown interception and decryption of incriminating messages. With the web of trust, only those in the web have access to the public keys, and therefore all the messages received by others from the web are guaranteed to be legitimate.
The logic and encryption behind the web of trust is invincible to decryption. The intelligence of a cryptanalyst is irrelevant to breaking a web of trust; in fact, exploiting the instability of human relationships is the only method in which the web can be broken. Because the web’s security relies on human emotion and the trust between individuals, it could actually be potentially weaker than other forms of cryptography. The fickle nature of trust formed between friends and colleagues is a risk that could possibly equal the mathematical vulnerability of other ciphers.
Image: "wide web," by josef.stuefer, Flickr (CC)