Reputation Based Trust - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

Reputation Based Trust

Description:

Reputation Based Trust. The using of reputation to accomplish trust between users ... Sybil Attacks. Mobile Virus Attacks. Conclusions ... – PowerPoint PPT presentation

Number of Views:147
Avg rating:3.0/5.0
Slides: 21
Provided by: Mar1271
Category:

less

Transcript and Presenter's Notes

Title: Reputation Based Trust


1
Reputation Based Trust
  • The using of reputation to accomplish trust
    between users on the Internet

M.Voloin, R.Gore, Ibe2roc. PF UPJ, Koice,
Slovakia
2
Contents
  • What is Reputation Based Trust
  • Various systems for Reputation Based Trust on
    Internet
  • Human driven environments
  • Auctions systems
  • Ebay
  • Amazon Auctions
  • Yahoo Auctions (retired from June 2007)
  • Expert Sites like www.Allexperts.com
  • Reviews sites like www.Epinions.com
  • Other
  • Automated environments
  • P2P networks
  • Computing markets and grids
  • (One such system we describe here in detail)

3
What is Reputation Based Trust?
  • Anonymity on the Internet
  • Viruses
  • Why we trust our friends
  • Name recorded past activities
  • available and visible for everybody
  • Reputation Based Trust

4
Ebay
  • How to sell goods somebody from Australia? How to
    make it secure?
  • Feedback forum on Ebay
  • Ebay is Auction system
  • Bussiness on Ebay

5
(No Transcript)
6
(No Transcript)
7
(No Transcript)
8
Reputation Based Trust in Automated Environments
  • P2P networks
  • Distributed computation markets

9
Distributed Computation Markets
  • The Servers provides service complicated
    time-consuming computations And the Clients pay
    for this.
  • How to trust a server that it has least-costly,
    fastest service, how it advertised?
  • How to ensure that Server performed all work and
    didn't give fake results?
  • Solution Proof by computation ringers and
    threshold witnessing mechanism

10
  • Step 1 Witness selection
  • Step 2 B sends service request
  • Step 3 Server selection process
  • Step 4 Executing of computation
  • Step 5 Returning the execution proofs and
    computation result
  • Step 6 Signing new rating by witnesses

11
Securing reputation mechanism in computing markets
12
Witnessing details
13
Building blocks
  • Rating Store management
  • Every participant stores the most recent data for
    every other participant
  • Reputation value can be created or changed only
    if at least c1 participants agree.
  • Witness Selection
  • B select 2c1 witnesses randomly
  • creates a multicast channel for the witnesses
  • sends the (signed) job description f, the set of
    input valuesx1...xa, the maximum time B is
    willing to wait for job completion, the maximum
    amount B is willing to pay for the computation

14
  • Server Selection
  • The 2c1 witnesses selects the most suitable
    service provider (A)
  • A is added to the witness multicast group.
  • One of the witnesses multicasts the job
    description received from B.
  • Threshold Witnessing
  • Ringer Generation
  • Each witness (Wj) selects one random value xz
    from the input set specified by B in the job
    description and computes a ringer rj H(f(xz))
  • Wj sends SWj(H(Id(Wj) sid rj)), its identifier,
    sid, the ringer, together with the signed digest
    and Wj's public key certifcate to A
  • A waits to receive 2c1 valid messages
  • A sends a multicast message to all the witnesses
    with concatenation of all the signed ringers
    received
  • The witnesse, inquire the remaining witnesses for
    their ringers.

15
  • Revealing the Ringers
  • A performs the computation and reveals the input
    values xz hidden in the 2c1 ringers
  • A creates a single message containing Swj
    (H(Id(Wj) sid rj)) and SA(H(Id(A) sid z)),
    for j 1...2c1. There also are the results of
    the computation, f(x1),...,f(xA), along with its
    signed digest.
  • Each witness Wj verifies the correctness of only
    its own ringer
  • If any witness Wj discovers that rj ltgt H(f(xz)),
    Wj sends a multicast message to all the other
    witnesses revealing this fact
  • The witnesses are able to verify the claim by
    computing the correct answer to Wj's ringer and
    compare it with the answer sent back by Alice

16
  • Signature Generation
  • each witness Wj is able to compute A's new rating
  • Each Wj then generates a verifiable signature
    share of A's new reputation
  • Wj sends this value, its certified verification
    key VKj and A's new rating in clear, to all the
    other witnesses, using the group's multicast
    channel
  • Each witness waits to receive c correct signature
    shares for the same new reputation of A as the
    one generated by itself.
  • each witness is able to generate the signed new
    rating of A locally
  • Reputation Distribution
  • The results of the computation are returned to B
    and the new reputation of A is distributed (by
    the first witness is in charge on the broadcast
    channel to all the participants in the system)
  • Note that a witness cannot simply send an
    incorrect reputation since it will be easily
    detected
  • Punishing Malicious Witnesses

17
Securing reputation mechanism in computing markets
18
Witnessing details
19
Possible attacks?
  • Bad-mouthing (incorrect negative feedback)
  • Ballot-stuffing (un-earned positive feedback)
  • Lazy behavior
  • Improvement adding fake ringers
  • Sybil Attacks
  • Mobile Virus Attacks

20
Conclusions
  • With reputation based trust we can make Internet
    more secure and usable in more areas of our
    activities.

Thank you.
Write a Comment
User Comments (0)
About PowerShow.com