Abstract
In this paper, we focus on attacks and defense mechanisms in additive reputation systems. We start by surveying the most important protocols that aim to provide privacy between individual voters. Then, we categorize attacks against additive reputation systems considering both malicious querying nodes and malicious reporting nodes that collaborate in order to undermine the vote privacy of the remaining users. To the best of our knowledge this is the first work that provides a description of such malicious behavior under both semi-honest and malicious model. In light of this analysis we demonstrate the inefficiencies of existing protocols.
Similar content being viewed by others
References
Pavlov, E., Rosenschein, J. S., & Topol, Z. (2004). Supporting privacy in decentralized additive reputation. In Second international conference on trust management (iTrust 2004).
Resnick, P., & Zeckhauser, R. (2002). Trust among strangers in Internet transactions: Empirical analysis of eBay’s reputation system. In The economics of the internet and E-commerce.
Chor, B., Goldwasser, S., Micali, S., & Awerbuch, B. (1985). Verifiable secret sharing and achieving simultaneity in the presence of faults. In 26th IEEE symposium on foundations of computer science (pp. 383–395).
Paillier, P. (1999). Public-key cryptosystems based on composite degree residuosity classes. In Advances in cryptology—EUROCRYPT’99 (pp. 223–238). Berlin, Heidelberg: Springer.
Hasan, O., Brunie, L., & Bertino, E. (2010). k-Shares: A privacy preserving reputation protocol for decentralized environments. In the 25th IFIP international information security conference (SEC 2010) (pp. 253–264).
Dolev, S., Gilboa, S., & Kopeetsky, M. (2010). Computing multi-party trust privately: In O(n) time units sending one (possibly large) message at a time. In Proceedings of the 2010 ACM symposium on applied computing (SAC ’10), pp. 1460–1465. New York, NY: ACM.
Benaloh, J. (1994). Dense probabilistic encryption. In Proceedings of the workshop on selected areas of cryptography, pp. 120–128.
Pederson T. (1991) Non-interactive and information secure veriable secret sharing. Advances in Cryptology—Crypto 91: 129–140
Dolev, S., Gilboa, N., & Kopeetsky, M. (2010). Computing trust anonymously in the presence of curious users. In Proceedings of the international symposium on stochastic models in reliability engineering, life science and operations management. Beer Sheva: Sami Shamoon College of Engineering.
Pohlig S. C., Hellman M. E. (1978) An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory 24(1): 106–110
Weis, S. A. (2006). New foundations for efficient authentication, commutative cryptography, and private disjointness testing. PhD thesis, Massachusetts Institute of Technology.
Zhang, Y., Wong, W. K., Yiu, S. M., Mamoulis, N., & Cheung, D. W. (2011–2012). Lightweight privacy-preserving peer-to-peer data integration. Technical Report TR-2011-12.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Michalas, A., Dimitriou, T., Giannetsos, T. et al. Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes. Wireless Pers Commun 66, 559–575 (2012). https://doi.org/10.1007/s11277-012-0734-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-012-0734-z