DOI: 10.1145/1655188.1655197
research-article

A verifiable, centralized, coercion-free reputation system

Published: 09 November 2009

ABSTRACT

Reputation systems are popular tools to evaluate the trustworthiness of an unknown party before a transaction, but the reputation score can greatly impact the rated subject, so the ratee might be inclined to suppress negative ratings. In order to elicit coercion-resistant, honest feedback, this paper proposes a reputation system that provides complete privacy of the ratings, i.e., neither the ratee nor the reputation system will learn the value of the rating. We take both a cryptographic and a non-cryptographic approach to the problem. Privacy of ratings may foster bad-mouthing attacks, where an attacker intentionally leaves bad feedback. We limit the possibility of this attack by providing a token system such that one can only leave feedback after a transaction, and we provide a cryptographic proof of the privacy of our system. We consider the Virtual Organization formation problem and develop and evaluate a novel reputation aggregation algorithm for it.


Published in

WPES '09: Proceedings of the 8th ACM workshop on Privacy in the electronic society
November 2009
130 pages
ISBN: 9781605587837
DOI: 10.1145/1655188

Copyright © 2009 ACM


Publisher

Association for Computing Machinery, New York, NY, United States


Acceptance Rates

Overall Acceptance Rate: 106 of 355 submissions, 30%
