Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reputation Based Trust The using of reputation to accomplish trust between users on the Internet M.Vološin, R.Gore, Ibe2roč. PF UPJŠ, Košice, Slovakia.

Published byLucy Powers Modified over 8 years ago

Similar presentations

Presentation on theme: "Reputation Based Trust The using of reputation to accomplish trust between users on the Internet M.Vološin, R.Gore, Ibe2roč. PF UPJŠ, Košice, Slovakia."— Presentation transcript:

1 Reputation Based Trust The using of reputation to accomplish trust between users on the Internet M.Vološin, R.Gore, Ibe2roč. PF UPJŠ, Košice, Slovakia

2 Contents What is Reputation Based Trust What is Reputation Based Trust Various systems for Reputation Based Trust on Internet Various systems for Reputation Based Trust on Internet –Human driven environments Auctions systems Auctions systems –Ebay –Amazon Auctions –Yahoo Auctions (retired from June 2007) “Expert Sites” like www.Allexperts.com “Expert Sites” like www.Allexperts.comwww.Allexperts.com Reviews sites like www.Epinions.com Reviews sites like www.Epinions.comwww.Epinions.com Other … Other … –Automated environments P2P networks P2P networks Computing markets and grids Computing markets and grids (One such system we describe here in detail) (One such system we describe here in detail)

3 What is Reputation Based Trust? Anonymity on the Internet Anonymity on the Internet Viruses Viruses Why we trust our friends Why we trust our friends Name + recorded past activities Name + recorded past activities available and visible for everybody available and visible for everybody = Reputation Based Trust = Reputation Based Trust

4 Ebay How to sell goods somebody from Australia? How to make it secure? How to sell goods somebody from Australia? How to make it secure? Feedback forum on Ebay Feedback forum on Ebay Ebay is Auction system Ebay is Auction system Bussiness on Ebay Bussiness on Ebay

5

6

7

8 Reputation Based Trust in Automated Environments P2P networks P2P networks Distributed computation markets Distributed computation markets

9 Distributed Computation Markets The Servers provides service – complicated time- consuming computations And the Clients pay for this. The Servers provides service – complicated time- consuming computations And the Clients pay for this. How to trust a server that it has least-costly, fastest service, how it advertised? How to trust a server that it has least-costly, fastest service, how it advertised? How to ensure that Server performed all work and didn't give fake results? How to ensure that Server performed all work and didn't give fake results? Solution: Proof by computation ”ringers” and “threshold witnessing” mechanism Solution: Proof by computation ”ringers” and “threshold witnessing” mechanism

10 Step 1 – Witness selection Step 1 – Witness selection Step 2 – B sends service request Step 2 – B sends service request Step 3 – Server selection process Step 3 – Server selection process Step 4 – Executing of computation Step 4 – Executing of computation Step 5 – Returning the execution proofs and computation result Step 5 – Returning the execution proofs and computation result Step 6 – Signing new rating by witnesses Step 6 – Signing new rating by witnesses

11

12

13 Building blocks Rating Store management Rating Store management –Every participant stores the most recent data for every other participant –Reputation value can be created or changed only if at least c+1 participants agree. Witness Selection Witness Selection –B select 2c+1 witnesses randomly –creates a multicast channel for the witnesses –sends the (signed) job description: f, the set of input values{x1...xa}, the maximum time B is willing to wait for job completion, the maximum amount B is willing to pay for the computation

14 Server Selection Server Selection –The 2c+1 witnesses selects the most suitable service provider (A) –A is added to the witness multicast group. –One of the witnesses multicasts the job description received from B. Threshold Witnessing Threshold Witnessing –Ringer Generation – Each witness (Wj) selects one random value xz from the input set specified by B in the job description and computes a ringer r j = H(f(xz)) Each witness (Wj) selects one random value xz from the input set specified by B in the job description and computes a ringer r j = H(f(xz)) Wj sends SWj(H(Id(Wj); sid; rj)), its identifier, sid, the ringer, together with the signed digest and Wj's public key certifcate to A Wj sends SWj(H(Id(Wj); sid; rj)), its identifier, sid, the ringer, together with the signed digest and Wj's public key certifcate to A A waits to receive 2c+1 valid messages A waits to receive 2c+1 valid messages A sends a multicast message to all the witnesses with concatenation of all the signed ringers received A sends a multicast message to all the witnesses with concatenation of all the signed ringers received The witnesse, inquire the remaining witnesses for their ringers. The witnesse, inquire the remaining witnesses for their ringers.

15 –Revealing the Ringers A performs the computation and reveals the input values x z hidden in the 2c+1 ringers A performs the computation and reveals the input values x z hidden in the 2c+1 ringers A creates a single message containing Swj (H(Id(Wj); sid; rj)) and SA(H(Id(A); sid; z)), for j = 1...2c+1. There also are the results of the computation, f(x1),...,f(xA), along with its signed digest. A creates a single message containing Swj (H(Id(Wj); sid; rj)) and SA(H(Id(A); sid; z)), for j = 1...2c+1. There also are the results of the computation, f(x1),...,f(xA), along with its signed digest. Each witness Wj verifies the correctness of only its own ringer Each witness Wj verifies the correctness of only its own ringer If any witness Wj discovers that rj <> H(f(xz)), Wj sends a multicast message to all the other witnesses revealing this fact If any witness Wj discovers that rj <> H(f(xz)), Wj sends a multicast message to all the other witnesses revealing this fact The witnesses are able to verify the claim by computing the correct answer to Wj's ringer and compare it with the answer sent back by Alice The witnesses are able to verify the claim by computing the correct answer to Wj's ringer and compare it with the answer sent back by Alice

16 –Signature Generation each witness Wj is able to compute A's new rating each witness Wj is able to compute A's new rating Each Wj then generates a verifiable signature share of A's new reputation Each Wj then generates a verifiable signature share of A's new reputation Wj sends this value, its certified verification key VKj and A's new rating in clear, to all the other witnesses, using the group's multicast channel Wj sends this value, its certified verification key VKj and A's new rating in clear, to all the other witnesses, using the group's multicast channel Each witness waits to receive c correct signature shares for the same new reputation of A as the one generated by itself. Each witness waits to receive c correct signature shares for the same new reputation of A as the one generated by itself. each witness is able to generate the signed new rating of A locally each witness is able to generate the signed new rating of A locally Reputation Distribution Reputation Distribution –The results of the computation are returned to B and the new reputation of A is distributed (by the first witness is in charge on the broadcast channel to all the participants in the system) –Note that a witness cannot simply send an incorrect reputation since it will be easily detected –Punishing Malicious Witnesses

17

18

19 Possible attacks? Bad-mouthing (incorrect negative feedback) Bad-mouthing (incorrect negative feedback) Ballot-stuffing (un-earned positive feedback) Ballot-stuffing (un-earned positive feedback) Lazy behavior Lazy behavior –Improvement: adding fake ringers Sybil Attacks Sybil Attacks Mobile Virus Attacks Mobile Virus Attacks

20 Conclusions With reputation based trust we can make Internet more secure and usable in more areas of our activities. Thank you.

Download ppt "Reputation Based Trust The using of reputation to accomplish trust between users on the Internet M.Vološin, R.Gore, Ibe2roč. PF UPJŠ, Košice, Slovakia."

Similar presentations

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.
Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
Secure Multiparty Computations on Bitcoin

Secure Multiparty Computations on Bitcoin
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
ITIS 6200/8200. 2 Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007.

KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys
Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.

Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Byzantine Generals Problem: Solution using signed messages.

Byzantine Generals Problem: Solution using signed messages.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
RBAC and JXTA 1 Role Based Access Control and the JXTA P2P Framework Mark Stamp Dept. of Computer Science San Jose State University

RBAC and JXTA 1 Role Based Access Control and the JXTA P2P Framework Mark Stamp Dept. of Computer Science San Jose State University
A Secure Fault-Tolerant Conference- Key Agreement Protocol Wen-Guey Tzeng Source : IEEE Transactions on computers Speaker : LIN, KENG-CHU.

A Secure Fault-Tolerant Conference- Key Agreement Protocol Wen-Guey Tzeng Source : IEEE Transactions on computers Speaker : LIN, KENG-CHU.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Anonymity and Security in Public Internet Forums Ho-fung LEUNG Senior Member, IEEE Dept. of Computer Science & Engineering The Chinese University of Hong.

Anonymity and Security in Public Internet Forums Ho-fung LEUNG Senior Member, IEEE Dept. of Computer Science & Engineering The Chinese University of Hong.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Optimistic Synchronous Multi-Party Contract Signing N. Asokan, Baum-Waidner, M. Schunter, M. Waidner Presented By Uday Nayak Advisor: Chris Lynch.

Optimistic Synchronous Multi-Party Contract Signing N. Asokan, Baum-Waidner, M. Schunter, M. Waidner Presented By Uday Nayak Advisor: Chris Lynch.

Similar presentations

Ads by Google