论文信息 - Privacy-preserving reputation management

Privacy-preserving reputation management

Reputation systems provide reputation values of rated parties to users. These reputation values, typically aggregations of individual user ratings, shall be reliable, i.e. should enable a realistic assessment of the probability that the rated party behaves as expected in a transaction. In order for the reputation values to stay reliable and, thus, for the reputation system to provide a benefit, the system needs to be resistant against manipulations by users, the rated parties trying to improve their reputation values, and even against competitors trying to worsen a reputation value. At the same time, a reputation system shall provide privacy protection for users: rated parties shall not be able to learn who provided a certain rating. Otherwise users might not take part in the system as they fear bad feedback in revenge for bad ratings, or users do not want to be connected to certain transactions based on their provided ratings. In this paper we come up with a solution that provides both, reliability of reputation values on the one hand, and privacy protection for users on the other hand. In contrast to related work, our solution only makes use of a single reputation provider that needs to be trusted (to a certain extent) and does not require any bulletin boards to be present in the system. We make use of the Paillier cryptosystem to provide an aggregation of individual user ratings in a way that no party can learn which user provided a certain rating.

Christoph Sorge | Ronald Petrlic | Sascha Lutters

[1] Robin Cohen,et al. Smart cheaters do prosper: defeating trust and reputation systems , 2009, AAMAS.

[2] Audun Jøsang,et al. Robustness of Trust and Reputation Systems: Does It Matter? , 2012, IFIPTM.

[3] Vitaly Shmatikov,et al. Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[4] International Foundation for Autonomous Agents and MultiAgent Systems ( IFAAMAS ) , 2007 .

[5] Florian Kerschbaum,et al. A verifiable, centralized, coercion-free reputation system , 2009, WPES '09.

[6] Paul Resnick,et al. Eliciting Informative Feedback: The Peer-Prediction Method , 2005, Manag. Sci..

[7] Sandra Steinbrecher,et al. Privacy, Liveliness and Fairness for Reputation , 2011, SOFSEM.

[8] Jacques Stern,et al. Practical multi-candidate election system , 2001, PODC '01.

[9] Pascal Paillier,et al. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.