Skip to main content

Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes

Abstract

In this paper, we focus on attacks and defense mechanisms in additive reputation systems. We start by surveying the most important protocols that aim to provide privacy between individual voters. Then, we categorize attacks against additive reputation systems considering both malicious querying nodes and malicious reporting nodes that collaborate in order to undermine the vote privacy of the remaining users. To the best of our knowledge this is the first work that provides a description of such malicious behavior under both semi-honest and malicious model. In light of this analysis we demonstrate the inefficiencies of existing protocols.

This is a preview of subscription content, access via your institution.

References

  1. Pavlov, E., Rosenschein, J. S., & Topol, Z. (2004). Supporting privacy in decentralized additive reputation. In Second international conference on trust management (iTrust 2004).

  2. Resnick, P., & Zeckhauser, R. (2002). Trust among strangers in Internet transactions: Empirical analysis of eBay’s reputation system. In The economics of the internet and E-commerce.

  3. Chor, B., Goldwasser, S., Micali, S., & Awerbuch, B. (1985). Verifiable secret sharing and achieving simultaneity in the presence of faults. In 26th IEEE symposium on foundations of computer science (pp. 383–395).

  4. Paillier, P. (1999). Public-key cryptosystems based on composite degree residuosity classes. In Advances in cryptology—EUROCRYPT’99 (pp. 223–238). Berlin, Heidelberg: Springer.

  5. Hasan, O., Brunie, L., & Bertino, E. (2010). k-Shares: A privacy preserving reputation protocol for decentralized environments. In the 25th IFIP international information security conference (SEC 2010) (pp. 253–264).

  6. Dolev, S., Gilboa, S., & Kopeetsky, M. (2010). Computing multi-party trust privately: In O(n) time units sending one (possibly large) message at a time. In Proceedings of the 2010 ACM symposium on applied computing (SAC ’10), pp. 1460–1465. New York, NY: ACM.

  7. Benaloh, J. (1994). Dense probabilistic encryption. In Proceedings of the workshop on selected areas of cryptography, pp. 120–128.

  8. Pederson T. (1991) Non-interactive and information secure veriable secret sharing. Advances in Cryptology—Crypto 91: 129–140

    Google Scholar 

  9. Dolev, S., Gilboa, N., & Kopeetsky, M. (2010). Computing trust anonymously in the presence of curious users. In Proceedings of the international symposium on stochastic models in reliability engineering, life science and operations management. Beer Sheva: Sami Shamoon College of Engineering.

  10. Pohlig S. C., Hellman M. E. (1978) An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory 24(1): 106–110

    MathSciNet  MATH  Article  Google Scholar 

  11. Weis, S. A. (2006). New foundations for efficient authentication, commutative cryptography, and private disjointness testing. PhD thesis, Massachusetts Institute of Technology.

  12. Zhang, Y., Wong, W. K., Yiu, S. M., Mamoulis, N., & Cheung, D. W. (2011–2012). Lightweight privacy-preserving peer-to-peer data integration. Technical Report TR-2011-12.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Antonis Michalas.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Michalas, A., Dimitriou, T., Giannetsos, T. et al. Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes. Wireless Pers Commun 66, 559–575 (2012). https://doi.org/10.1007/s11277-012-0734-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-012-0734-z

Keywords

  • Decentralized reputation systems
  • Security
  • Voter privacy