GDPR-Compliant Reputation System Based on Self-certifying Domain Signatures
Creating a distributed reputation system that complies with the GDPR Regulation faces a number of problems. Each record must be protected with respect to its integrity and origin, while the record's author should remain anonymous as long as there is no justified legal reason to reveal their real identity. Consequently, standard digital signatures cannot be applied to secure the records.
In this paper we propose a Privacy Aware Distributed Reputation Evaluation system, in which each subject of evaluation holds its own recommendation record. By applying a novel domain signature technique we guarantee that (a) the integrity of each entry is strongly protected; in particular, the evaluation subject cannot modify it, (b) the author of each entry is anonymous, but all entries of the same author on the same subject appear under the same pseudonym (so Sybil attacks are repelled), (c) entries of the same author for different evaluation subjects are unlinkable, (d) only registered users can create valid entries, (e) the real identity of the author of an entry can be revealed by the relevant authorities by running a multi-party protocol, and (f) for each entry a pseudorandom key can be created in a deterministic way.
The first five features correspond directly to the requirements of the GDPR Regulation. In particular, they guard against profiling the users based on the entries created by them.
To facilitate practical applications we propose to maintain a pseudorandom sample of all entries concerning a given evaluation subject. We show how to guarantee that the sample is fairly chosen even though it is kept by the evaluation subject itself. We present a few strategies for mimicking some important probability distributions when choosing the sample.
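As an added illustration (not the paper's construction) of how a deterministic per-entry pseudorandom key, as in property (f), can make a subject-held sample auditable: the sample is assumed to be the K entries with the smallest keys, so the subject cannot pick favourable entries and an author holding an omitted entry can detect the omission. The key derivation (HMAC-SHA256 under a public per-subject tag), K and the entries are constructed assumptions.

```python
import hashlib
import hmac

# Constructed illustration (not the paper's scheme): every entry gets a
# deterministic pseudorandom key, and the sample kept by the evaluation subject
# is defined as the K entries with the smallest keys ("bottom-k" sampling).
# Since the key is fixed by the entry itself, the subject cannot choose which
# entries to keep; it can only omit some, which an author can detect.

K = 3                      # sample size, constructed
TAG = b"subject:shop-42"   # public per-subject tag, constructed

def entry_key(tag: bytes, entry: bytes) -> int:
    """Deterministic pseudorandom key of an entry (assumed: HMAC-SHA256 under a public tag)."""
    return int.from_bytes(hmac.new(tag, entry, hashlib.sha256).digest(), "big")

def bottom_k_sample(tag: bytes, entries, k: int = K):
    """The honest sample: the k entries with the smallest keys, whatever the arrival order."""
    return sorted(set(entries), key=lambda e: entry_key(tag, e))[:k]

def audit_sample(tag: bytes, sample, held_entry: bytes, k: int = K) -> bool:
    """An author holding `held_entry` checks the sample published by the subject.

    Returns False when the sample cannot be honest: it is oversized or has
    duplicates; it is not yet full (so every entry must be in it) but lacks the
    held entry; or it is full and the held entry's key is below the sample's
    largest key while the entry is missing.
    """
    if len(sample) > k or len(set(sample)) != len(sample):
        return False
    if held_entry in sample:
        return True
    if len(sample) < k:
        return False
    threshold = max(entry_key(tag, e) for e in sample)
    return entry_key(tag, held_entry) > threshold

# Constructed entries: opaque record bytes as the subject would store them.
ENTRIES = [b"entry-%d:rating=%d" % (i, r) for i, r in enumerate([5, 1, 4, 2, 5, 1])]
HONEST = bottom_k_sample(TAG, ENTRIES)

def biased_sample():
    """A subject that silently drops the smallest-key entry and backfills with another one."""
    dropped = HONEST[0]
    filler = next(e for e in ENTRIES if e not in HONEST)
    return [e for e in HONEST if e != dropped] + [filler], dropped
```

Every author passes `audit_sample` against the honest sample, while the author of the dropped entry fails it against the biased one; an author can of course only detect the omission of entries they hold.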
Keywords: Reputation system; Privacy; Anonymity; Pseudonym; Domain signature; LRSW; Certificate; GDPR; Probabilistic counter; Random sample