Privacy-friendly weighted-reputation aggregation protocols against malicious adversaries in cloud services

SUMMARY Reputation systems are used for evaluating trustworthiness of the users based on their feedback (i.e., votes) about each other. Such systems are particularly important for cloud service providers, as they allow them to collect and aggregate feedback on the past behavior of users. Weighted-reputation aggregation is a protocol, where the vote server has a weight vector for all voters, each voter has a vote score yi, and they cooperate to compute . We call it ‘privacy-friendly’, if the respective inputs are kept private. In other words, a privacy-friendly weighted aggregation protocol is a secure evaluation for functionality . In this work, we propose two privacy-friendly weighted-reputation aggregation protocols: one in semi-honest model and another one in malicious model. The latter protocol uses the cryptographic primitives of homomorphic encryption, verifiable encryption, and the proof of knowledge of a discrete logarithm. Our protocols need only two rounds of communications, which is very efficient in practice. Our protocols are secure against the collusion of at most n − 2 malicious adversaries.Copyright © 2014 John Wiley & Sons, Ltd.

[1]  Emmanuel Bresson,et al.  A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications , 2003, ASIACRYPT.

[2]  Vinod Vaikuntanathan,et al.  On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption , 2012, STOC '12.

[3]  Roberto Tamassia,et al.  Private Distributed Scalar Product Protocol With Application To Privacy-Preserving Computation of Trust , 2007, IFIPTM.

[4]  Benny Pinkas,et al.  Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[5]  Ling Liu,et al.  Preserving data privacy in outsourcing data aggregation services , 2007, TOIT.

[6]  Yun Liu,et al.  High energy‐efficient and privacy‐preserving secure data aggregation for wireless sensor networks , 2013, Int. J. Commun. Syst..

[7]  Balaji Srinivasan,et al.  A Practical Privacy Preserving E-Voting Scheme with Smart Card Using Blind Signature , 2012 .

[8]  A. R. Kenari,et al.  A robust and high speed E-voting algorithm using elgammel cryptosystem , 2010, 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE).

[9]  Philippe Gaborit,et al.  A Collusion-Resistant Distributed Scalar Product Protocol with Application to Privacy-Preserving Computation of Trust , 2009, 2009 Eighth IEEE International Symposium on Network Computing and Applications.

[10]  Liusheng Huang,et al.  Privacy preserving computation of trust-value in wireless sensor networks , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[11]  Helen J. Wang,et al.  Applications of secure electronic voting to automated privacy-preserving troubleshooting , 2005, CCS '05.

[12]  Neeli R. Prasad,et al.  Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes , 2012, Wirel. Pers. Commun..

[13]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[14]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, EUROCRYPT.

[15]  Justin Zhijun Zhan,et al.  Privacy-Preserving Collaborative E-Voting , 2008, ISI Workshops.

[16]  Elisa Bertino,et al.  A Decentralized Privacy Preserving Reputation Protocol for the Malicious Adversarial Model , 2013, IEEE Transactions on Information Forensics and Security.

[17]  Yehuda Lindell,et al.  Fair and Efficient Secure Multiparty Computation with Reputation Systems , 2013, IACR Cryptol. ePrint Arch..

[18]  Jan Camenisch,et al.  Practical Verifiable Encryption and Decryption of Discrete Logarithms , 2003, CRYPTO.