Wireless Personal Communications

, Volume 66, Issue 3, pp 559–575 | Cite as

Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes

  • Antonis MichalasEmail author
  • Tassos Dimitriou
  • Thanassis Giannetsos
  • Nikos Komninos
  • Neeli R. Prasad


In this paper, we focus on attacks and defense mechanisms in additive reputation systems. We start by surveying the most important protocols that aim to provide privacy between individual voters. Then, we categorize attacks against additive reputation systems considering both malicious querying nodes and malicious reporting nodes that collaborate in order to undermine the vote privacy of the remaining users. To the best of our knowledge this is the first work that provides a description of such malicious behavior under both semi-honest and malicious model. In light of this analysis we demonstrate the inefficiencies of existing protocols.


Decentralized reputation systems Security Voter privacy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Pavlov, E., Rosenschein, J. S., & Topol, Z. (2004). Supporting privacy in decentralized additive reputation. In Second international conference on trust management (iTrust 2004).Google Scholar
  2. 2.
    Resnick, P., & Zeckhauser, R. (2002). Trust among strangers in Internet transactions: Empirical analysis of eBay’s reputation system. In The economics of the internet and E-commerce.Google Scholar
  3. 3.
    Chor, B., Goldwasser, S., Micali, S., & Awerbuch, B. (1985). Verifiable secret sharing and achieving simultaneity in the presence of faults. In 26th IEEE symposium on foundations of computer science (pp. 383–395).Google Scholar
  4. 4.
    Paillier, P. (1999). Public-key cryptosystems based on composite degree residuosity classes. In Advances in cryptology—EUROCRYPT’99 (pp. 223–238). Berlin, Heidelberg: Springer.Google Scholar
  5. 5.
    Hasan, O., Brunie, L., & Bertino, E. (2010). k-Shares: A privacy preserving reputation protocol for decentralized environments. In the 25th IFIP international information security conference (SEC 2010) (pp. 253–264).Google Scholar
  6. 6.
    Dolev, S., Gilboa, S., & Kopeetsky, M. (2010). Computing multi-party trust privately: In O(n) time units sending one (possibly large) message at a time. In Proceedings of the 2010 ACM symposium on applied computing (SAC ’10), pp. 1460–1465. New York, NY: ACM.Google Scholar
  7. 7.
    Benaloh, J. (1994). Dense probabilistic encryption. In Proceedings of the workshop on selected areas of cryptography, pp. 120–128.Google Scholar
  8. 8.
    Pederson T. (1991) Non-interactive and information secure veriable secret sharing. Advances in Cryptology—Crypto 91: 129–140Google Scholar
  9. 9.
    Dolev, S., Gilboa, N., & Kopeetsky, M. (2010). Computing trust anonymously in the presence of curious users. In Proceedings of the international symposium on stochastic models in reliability engineering, life science and operations management. Beer Sheva: Sami Shamoon College of Engineering.Google Scholar
  10. 10.
    Pohlig S. C., Hellman M. E. (1978) An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory 24(1): 106–110MathSciNetzbMATHCrossRefGoogle Scholar
  11. 11.
    Weis, S. A. (2006). New foundations for efficient authentication, commutative cryptography, and private disjointness testing. PhD thesis, Massachusetts Institute of Technology.Google Scholar
  12. 12.
    Zhang, Y., Wong, W. K., Yiu, S. M., Mamoulis, N., & Cheung, D. W. (2011–2012). Lightweight privacy-preserving peer-to-peer data integration. Technical Report TR-2011-12.Google Scholar

Copyright information

© Springer Science+Business Media, LLC. 2012

Authors and Affiliations

  • Antonis Michalas
    • 1
    • 2
    Email author
  • Tassos Dimitriou
    • 1
  • Thanassis Giannetsos
    • 1
    • 2
  • Nikos Komninos
    • 1
  • Neeli R. Prasad
    • 2
  1. 1.Athens Information TechnologyAlgorithms and Security GroupAthensGreece
  2. 2.Department of Electronic SystemsUniversity of AalborgAalborgDenmark

Personalised recommendations