Affiliation:
1. IMDEA Software Institute, Spain. E-mail: Lydia.Garms@imdea.org
2. Information Security Group, Royal Holloway, University of London, UK. E-mails: S.Ng@rhul.ac.uk, Elizabeth.Quaglia@rhul.ac.uk
3. Ernst&Young, Switzerland. E-mail: giulia.traverso@ey.ch.com
Abstract
When peers rate each other, they may rate inaccurately to boost their own reputation or unfairly lower another’s. This could be mitigated by having a reputation server incentivise accurate ratings with a reward. However, assigning rewards becomes challenging when ratings are anonymous, since the reputation server cannot tell which peers to reward for rating accurately. To address this, we propose an anonymous peer rating system in which users can be rewarded for accurate ratings, and we formally define its model and security requirements. In our system ratings are rewarded in batches, so that users claiming their rewards only reveal they authored one in this batch of ratings. To ensure the anonymity set of rewarded users is not reduced, we also split the reputation server into two entities, the Rewarder, who knows which ratings are rewarded, and the Reputation Holder, who knows which users were rewarded. We give a provably secure construction satisfying all the security properties required. For our construction we use a modification of a Direct Anonymous Attestation scheme to ensure that peers can prove their own reputation when rating others, and that multiple feedback on the same subject can be detected. We then use Linkable Ring Signatures to enable peers to be rewarded for their accurate ratings, while still ensuring that ratings are anonymous. Our work results in a system which allows accurate ratings to be rewarded, whilst still providing anonymity of ratings with respect to the central entities managing the system.
Subject
Computer Networks and Communications,Hardware and Architecture,Safety, Risk, Reliability and Quality,Software