Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Selected papers from the 12th Conference on Security and Cryptography for Networks
Guest editors: Clemente Galdi and Vladimir Kolesnikov
Article type: Research Article
Authors: Garms, Lydiaa; b; **; * | Ng, Siaw-Lynnb | Quaglia, Elizabeth A.b | Traverso, Giuliac
Affiliations: [a] IMDEA Software Institute, Spain. E-mail: Lydia.Garms@imdea.org | [b] Information Security Group, Royal Holloway, University of London, UK. E-mails: S.Ng@rhul.ac.uk, Elizabeth.Quaglia@rhul.ac.uk | [c] Ernst&Young, Switzerland. E-mail: giulia.traverso@ey.ch.com
Correspondence: [*] Corresponding author. E-mail: Lydia.Garms@imdea.org.
Note: [1] This paper is an extended and revised version of a paper presented at the 12th Conference on Security and Cryptography for Networks.
Note: [**] The author was supported by the EPSRC and the UK government as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (EP/K035584/1) and by the InnovateUK funded project AQuaSec.
Abstract: When peers rate each other, they may rate inaccurately to boost their own reputation or unfairly lower another’s. This could be mitigated by having a reputation server incentivise accurate ratings with a reward. However, assigning rewards becomes challenging when ratings are anonymous, since the reputation server cannot tell which peers to reward for rating accurately. To address this, we propose an anonymous peer rating system in which users can be rewarded for accurate ratings, and we formally define its model and security requirements. In our system ratings are rewarded in batches, so that users claiming their rewards only reveal they authored one in this batch of ratings. To ensure the anonymity set of rewarded users is not reduced, we also split the reputation server into two entities, the Rewarder, who knows which ratings are rewarded, and the Reputation Holder, who knows which users were rewarded. We give a provably secure construction satisfying all the security properties required. For our construction we use a modification of a Direct Anonymous Attestation scheme to ensure that peers can prove their own reputation when rating others, and that multiple feedback on the same subject can be detected. We then use Linkable Ring Signatures to enable peers to be rewarded for their accurate ratings, while still ensuring that ratings are anonymous. Our work results in a system which allows accurate ratings to be rewarded, whilst still providing anonymity of ratings with respect to the central entities managing the system.
Keywords: Reputation, incentives, anonymity
DOI: 10.3233/JCS-200113
Journal: Journal of Computer Security, vol. 30, no. 1, pp. 109-165, 2022
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl