A Trustless Privacy-Preserving Reputation System

Reputation systems are crucial for distributed applications in which users have to be made accountable for their actions, such as e-commerce websites. However, existing systems often disclose the identity of the raters, which might deter honest users from submitting reviews out of fear of retaliation from the ratees. While many privacy-preserving reputation systems have been proposed, we observe that none of them is simultaneously truly decentralized, trustless, and suitable for real world usage in, for example, e-commerce applications. In this paper, we present a blockchain based decentralized privacy-preserving reputation system. We demonstrate that our system provides correctness and security while eliminating the need for users to trust any third parties or even fellow users.

[1]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[2]  Massimo Barbaro,et al.  A Face Is Exposed for AOL Searcher No , 2006 .

[3]  Florian Kerschbaum,et al.  A verifiable, centralized, coercion-free reputation system , 2009, WPES '09.

[4]  Tatsuaki Okamoto,et al.  Efficient Blind and Partially Blind Signatures Without Random Oracles , 2006, IACR Cryptol. ePrint Arch..

[5]  Davide Carboni Feedback based Reputation on top of the Bitcoin Blockchain , 2015, ArXiv.

[6]  Jacques Stern,et al.  Provably Secure Blind Signature Schemes , 1996, ASIACRYPT.

[7]  Tassos Dimitriou,et al.  Multi-Party Trust Computation in Decentralized Environments , 2012, 2012 5th International Conference on New Technologies, Mobility and Security (NTMS).

[8]  Evan Duffield,et al.  Dash: A Privacy-Centric Crypto-Currency , 2017 .

[9]  Audun Jøsang,et al.  AIS Electronic Library (AISeL) , 2017 .

[10]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[11]  Morgen E. Peck The Bitcoin Arms Race is on , 2013 .

[12]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[13]  Emmanuelle Anceaume,et al.  A privacy preserving distributed reputation mechanism , 2013, 2013 IEEE International Conference on Communications (ICC).

[14]  Shlomi Dolev,et al.  Efficient private multi-party computations of trust in the presence of curious and malicious users , 2014, Journal of Trust Management.

[15]  Alexander Schaub,et al.  A Trustless Privacy Preserving Reputation System based on Blockchain , 2016 .

[16]  Elaine Shi,et al.  Signatures of Reputation , 2010, Financial Cryptography.

[17]  Elisa Bertino,et al.  A Decentralized Privacy Preserving Reputation Protocol for the Malicious Adversarial Model , 2013, IEEE Transactions on Information Forensics and Security.

[18]  Nicolas Houy,et al.  It Will Cost You Nothing to 'Kill' a Proof-of-Stake Crypto-Currency , 2014 .

[19]  P. Resnick,et al.  The value of reputation on eBay: A controlled experiment , 2006 .

[20]  Emmanuelle Anceaume,et al.  Efficient Distributed Privacy-Preserving Reputation Mechanism Handling Non-Monotonic Ratings , 2015 .

[21]  Marc Pilkington,et al.  Blockchain Technology: Principles and Applications , 2015 .

[22]  Thomas Pornin Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) , 2013, RFC.

[23]  Paul Resnick,et al.  Trust among strangers in internet transactions: Empirical analysis of eBay' s reputation system , 2002, The Economics of the Internet and E-commerce.

[24]  Kourosh Davarpanah,et al.  NeuCoin: The First Secure, Cost-Efficient and Decentralized Cryptocurrency , 2015, ArXiv.

[25]  Jeffrey S. Rosenschein,et al.  Supporting Privacy in Decentralized Additive Reputation Systems , 2004, iTrust.

[26]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[27]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[28]  Sunny King,et al.  PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake , 2012 .

[29]  Elisa Bertino,et al.  Preserving privacy of feedback providers in decentralized reputation systems , 2012, Comput. Secur..

[30]  David R. Karger,et al.  Koorde: A Simple Degree-Optimal Distributed Hash Table , 2003, IPTPS.

[31]  Chanathip Namprempre,et al.  The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme , 2003, Journal of Cryptology.

[32]  Christoph Sorge,et al.  Privacy-preserving reputation management , 2014, SAC.

[33]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[34]  Emmanuelle Anceaume,et al.  Privacy-Preserving Reputation Mechanism: A Usable Solution Handling Negative Ratings , 2015, IFIPTM.

[35]  Tal Malkin,et al.  Reputation Systems for Anonymous Networks , 2008, Privacy Enhancing Technologies.

[36]  Ehud Gudes,et al.  Methods for Computing Trust and Reputation While Preserving Privacy , 2009, DBSec.

[37]  Robert Morris,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM 2001.

[38]  A. Poelstra Distributed Consensus from Proof of Stake is Impossible , 2015 .