2

Terms like "trustless protocol", "trusted third party", "trusted platform", "trusted server", etc. require a notion of trust. I already wrote

The term trust when used in the context of cryptography does not refer to personal confidence in whether a person is reliable or has good intentions but instead describes whether an entity can be assumed to always behave according to protocol within the given model.

and went looking for a source to back this claim up. Unfortunately, I wasn't able to find one, nor was I able to find one to say that my notion of what "trust" means in cryptography is wrong.

So what does this term refer to formally?

Squeamish Ossifrage
  • 48,392
  • 3
  • 116
  • 223
UTF-8
  • 264
  • 1
  • 10
  • 2
    Trust means a lot of things and depends on context. It's a complex term which doesn't have a single definition, let alone a single formal one. Trying to tie a single formal definition to it is futile. This is a complex world - better embrace it. That all said, I'd still upvote an answer that formally defines trust in a few common cryptographically relevant settings. I guess most of the time trust is however defined within specific protocols (e.g. I trust a certificate once it has been validated and verified). – Maarten Bodewes Dec 30 '17 at 00:57
  • Really it's mostly the same as in normal use: you trust some entity if your priors indicate a high probability of it acting non-maliciously. "Trustless" protocols are all about removing the possibility for the entity to act maliciously. The rest are just entities you trust in the conventional sense. – SAI Peregrinus Dec 30 '17 at 19:36
  • 1
    Finding statements of trust in cryptography being different from most people's notion of trust is easy (e.g. https://www.techrepublic.com/blog/it-security/the-meaning-of-cryptographic-trust/). Finding a good definition from a reputable source is difficult. I also don't see how my definition does not encompass trust in all its meanings. It just makes it easier to check because it contains criteria which can be examined. – UTF-8 Dec 30 '17 at 20:36

3 Answers3

4

A most common use of "trusted" in cryptography is to state that what's qualified as "trusted", by hypothesis, behaves/works/performs per a certain precise set of rules (which depends on context), and will perform no less and no more. That's the case in trusted third party, and trusted server.

A special case is "trusted" applied to data, e.g. trusted key. There, trusted means that the data is assumed to possess some property, which depends on context. Typically, having been generated by a certain party in a certain way and not having been altered by any adversary; or/and being unknown to any adversary. Data can become trusted after having passed a cryptographic check, e.g. a digital signature or Message Authentication Code verification; or be initially trusted (e.g. a Root Certification Authority public key).

In marketing talk like trusted platform module or trusted computing, "trusted" means intended for implementation of something trusted in the above cryptographic sense. Experience often shows otherwise, but confusion between intent and fact is the lesser of the many kinds of lies in marketing (which also has plain lies, damned lies, and statistics).

"Trustless" means not requiring something "trusted". For a protocol, that's not requiring a trusted arbitrator, typically replacing that with users that still are expected to largely play by some rule, because they have no long-term interest in doing otherwise (perhaps, unless enough users band together to rip the others).

fgrieu
  • 140,762
  • 12
  • 307
  • 587
2

Simply put, trusted in the context of cryptography or information security means that it is assumed that violating that trust is out-of-scope for the threat model, which allows you to simplify threat modeling. If your operating system is trusted, then attacks against the kernel are out-of-scope, freeing you to focus exclusively on analyzing configurations you've made and not all the code that makes up the OS. If you have a trusted third party (say, a Certificate Authority), then you can perform threat model analysis on web PKI without having to worry about a CA colluding with Eve, even if that is possible in reality.

In other words, "trusted X" means "attacks on X are considered out-of-scope". This is also why infosec is moving towards the trend of zero trust (although frankly, it's mostly a buzzword). It is true however that a more secure system has less trusted components, which equates to the threat modeling for that system being done with less attacks being pushed to the side or ignored as out-of-scope.

But most importantly, trusted does not imply trustworthy! It implies trusted and nothing more.

forest
  • 15,253
  • 2
  • 48
  • 103
  • 1
    Something tells me that we are going to be thinking about zero trust for the rest of our lives. It will be harder to get straight than randomness--and much, much harder to agree upon, especially by zero-trust purists. – Patriot Aug 15 '19 at 03:03
  • @Patriot Well the term "zero trust" is mostly a buzzword, but the idea of reducing trust down to a trusted computing base (TCB) is very useful for security. Formal verification makes it even more powerful. – forest Aug 15 '19 at 03:04
  • 1
    I think it is very valuable how you often go back to the threat model, as you did in your answer. – Patriot Aug 15 '19 at 03:07
-2

In this context, trust can be understood as secure or reliability.

maxadorable
  • 97
  • 1