GDPR-Compliant Reputation System Based on Self-certifying Domain Signatures

  • Mirosław KutyłowskiEmail author
  • Jakub LemieszEmail author
  • Marta Słowik
  • Marcin Słowik
  • Kamil Kluczniak
  • Maciej Gebala
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11879)


Creating a distributed reputation system compliant with the GDPR Regulation faces a number of problems. Each record should be protected regarding its integrity and origin, while the record’s author should remain anonymous, as long as there is no justified legal reason to reveal his real identity. Thereby, the standard digital signatures cannot be applied to secure the records.

In this paper we propose a Privacy Aware Distributed Reputation Evaluation system, where each subject of evaluation holds its recommendation record. By application of a novel technique of domain signatures we are able to guarantee that (a) integrity of each entry is strongly protected; in particular, the evaluation subject cannot modify it, (b) the author of each entry is anonymous, however all entries of the same author on the same subject appear under the same pseudonym (so the Sybil attacks are repelled), (c) the entries corresponding to the same author but for different evaluation subjects are unlinkable, (d) only registered users can create valid entries, (e) the real identity of the author of an entry can be revealed by relevant authorities by running a multi-party protocol, (f) for each entry one can create a pseudorandom key in a deterministic way.

The first five features correspond directly to the requirements of the GDPR Regulation. In particular, they guard against profiling the users based on the entries created by them.

In order to facilitate practical applications we propose to maintain a pseudorandom sample of all entries concerning a given evaluation subject. We show how to guarantee that the sample is fairly chosen despite the fact that the sample is kept by the evaluation subject. We present a few strategies enabling to mimic some important probability distributions for choosing the sample.


Reputation system Privacy Anonymity Pseudonym Domain signature LRSW Certificate GDPR Probabilistic counter Random sample 


  1. 1.
    Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: Domain-specific pseudonymous signatures for the German identity card. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 104–119. Springer, Heidelberg (2012). Scholar
  2. 2.
    Brickell, E., Li, J.: Enhanced privacy ID from bilinear pairing for hardware authentication and attestation. In: 2010 IEEE 2nd International Conference on Social Computing, pp. 768–775, August 2010Google Scholar
  3. 3.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM (2004)Google Scholar
  4. 4.
    Brickell, E., Li, J.: Enhanced privacy ID: a direct anonymous attestation scheme with enhanced revocation capabilities. Cryptology ePrint Archive, Report 2007/194 (2007)Google Scholar
  5. 5.
    BSI: Technical guideline TR-03110 v2.21 - advanced security mechanisms for machine readable travel documents and eIDAS token (2016).
  6. 6.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004). Scholar
  7. 7.
    Chassaing, P., Gerin, L.: Efficient estimation of the cardinality of large data sets. In: 4th Colloquium on Mathematics and Computer Science, DMTCS Proceedings, pp. 419–422 (2006)Google Scholar
  8. 8.
    Cichoń, J., Lemiesz, J., Szpankowski, W., Zawada, M.: Two-phase cardinality estimation protocols for sensor networks with provable precision. In: Proceedings of IEEE Wireless Communications and Networking Conference, WCNC 2012, Paris, France. IEEE, April 2012Google Scholar
  9. 9.
    Cichoń, J., Lemiesz, J., Zawada, M.: On cardinality estimation protocols for wireless sensor networks. In: Frey, H., Li, X., Ruehrup, S. (eds.) ADHOC-NOW 2011. LNCS, vol. 6811, pp. 322–331. Springer, Heidelberg (2011). Scholar
  10. 10.
    David, H., Nagaraja, H.: Order Statistics. Wiley Series in Probability and Mathematical Statistics. Wiley, Hoboken (2003)CrossRefGoogle Scholar
  11. 11.
    Giroire, F.: Order statistics and estimating cardinalities of massive data sets. Discrete Appl. Math. 157(2), 406–427 (2009)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Group, T.C.: Main Specification version 2.0 (2016).
  13. 13.
    Hanzlik, L., Kutyłowski, M., Yung, M.: Hard invalidation of electronic signatures. In: Lopez, J., Wu, Y. (eds.) ISPEC 2015. LNCS, vol. 9065, pp. 421–436. Springer, Cham (2015). Scholar
  14. 14.
    Intel: Intel Software Guard Extensions (Intel SGX).
  15. 15.
    ISO/EIC: 20008–1:2013, anonymous digital signatures - part 1: General (2013).
  16. 16.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)CrossRefGoogle Scholar
  17. 17.
    Kolonko, M., Wäsch, D.: Sequential reservoir sampling with a nonuniform distribution. ACM Trans. Math. Softw. 32(2), 257–273 (2006)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Liau, C.Y., Zhou, X., Bressan, S., Tan, K.-L.: Efficient distributed reputation scheme for peer-to-peer systems. In: Chung, C.-W., Kim, C.-K., Kim, W., Ling, T.-W., Song, K.-H. (eds.) HSI 2003. LNCS, vol. 2713, pp. 54–63. Springer, Heidelberg (2003). Scholar
  19. 19.
    Slowik, M., Wszola, M.: An efficient verification of CL-LRSW signatures and a pseudonym certificate system. In: Proceedings of the 4th ACM International Workshop on ASIA Public-Key Cryptography, APKC 2017, New York, NY, USA, pp. 13–23. ACM (2017)Google Scholar
  20. 20.
    Teacy, W.T.L., Patel, J., Jennings, N.R., Luck, M., Systems, M.: Coping with inaccurate reputation sources: experimental analysis of a probabilistic trust model. In: Proceedings of the 4th International Joint Conference on Autonomous Agents and Multiagent Systems, AAMAS 2005, pp. 997–1004. ACM Press (2005)Google Scholar
  21. 21.
    The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ec (General Data Protection Regulation). Official Journal of the European Union 119(1) (2016)Google Scholar
  22. 22.
    Whang, K.Y., Vander-Zanden, B.T., Taylor, H.M.: A linear-time probabilistic counting algorithm for database applications. ACM Trans. Database Syst. 15(2), 208–229 (1990)CrossRefGoogle Scholar
  23. 23.
    Zhou, R., Hwang, K.: PowerTrust: a robust and scalable reputation system for trusted peer-to-peer computing. IEEE Trans. Parallel Distrib. Syst. 18(4), 460–473 (2007)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Mirosław Kutyłowski
    • 1
    Email author
  • Jakub Lemiesz
    • 1
    Email author
  • Marta Słowik
    • 1
  • Marcin Słowik
    • 1
  • Kamil Kluczniak
    • 2
  • Maciej Gebala
    • 1
  1. 1.Department of Computer Science, Faculty of Fundamental Problems of TechnologyWrocław University of Science and TechnologyWrocławPoland
  2. 2.CISPA Helmholtz Center for Information SecuritySaarbrückenGermany

Personalised recommendations