Trust Made Simple Establish Trust with Anyone Online Using TruPal
Information
Författare: Marcus SchönBeräknat färdigt: 2024-06
Handledare: Johannes Lundsten
Handledares företag/institution: Truid AB
Ämnesgranskare: Justin Pearson
Övrigt: -
Presentation
Presentatör: Marcus SchönPresentationstid: 2024-06-24 10:15
Opponent: Marius Vangeli
Abstract
This thesis explores the development and implementation of a peer-to-peer authentication application called TruPal, in collaboration with the company Truid. The purpose of the thesis project is to allow users to authenticate each other’s identities over insecure communication channels on online platforms, enhancing trust in online interactions. It could be used to authenticate users in scenarios such as online dating, ride-sharing, and second-hand e-commerce. The project investigates the technical possibility of creating such an application, strategies to mitigate social manipulator-in-the-middle attacks, and the application’s broader socio-technical effects. A demonstration application was developed using the OAuth 2.0 protocol with Proof of Key Code Exchange (PKCE), proving it is technically possible to create. Its effectiveness in increasing trust and security in online interactions was evaluated. Mitigating social manipulator- in-the-middle attacks involves re-establishing a secure communication channel through the TruPal application immediately after authentication, for example via verified social media accounts. The socio-technical analysis highlighted several key points including the importance of ensuring inclusivity, and privacy and balancing cybersecurity measures with ease of use. The analysis also emphasizes the need for developers and stakeholders to adopt accountability, responsibility, and transparency to foster a trustworthy environment. The app aims to promote honesty and respect in online interactions.