Trustworthy Internet (TrustInet)

Security is seen by many as the primary problem of the Internet today. Indeed, SPAM volumes are growing vastly each month. Popular Web servers are brought down by Distributed Denial-of-Service attacks. Phishing and pharming web sites and emails steal users' identity and money. In some networks, the useful traffic is only a fraction of all junk being transmitted.

While novel solutions are constantly proposed by Internet researchers, the current rigid Internet architecture makes it difficult to deploy something new, especially if router modifications are necessary. Commercial software continues to offer a vast set of exploits even at a zero-day level. Some people already feel that the Internet users have lost the battle for the usable and secure networking.

Pretty Good Privacy (PGP) has been helping email users to exchange email securely by signing or encrypting messages with own private/public keys. To ensure that the keys indeed belong to a claimed person, community uses the concept of web of trust to sign each other keys. A trust chain through several people can be build to verify the person's key. Unfortunately, PGP keys are often difficult to find or manage. Public keys with signatures are stored on multiple key servers that are loosely synchronized. Furthermore, PGP is not directly applicable to authenticate Internet hosts or SSL certificates. Using PGP requires substantial training and still is out of reach for usual users.

While the scale of security problems in the Internet is immense for any single organization to tackle, the TrustInet project hopes to contribute towards a better Internet along following lines:

TrustInet closely collaborates with the Infrastructure for HIP project.