Extending Signatures of Reputation

Reputation mechanisms are a powerful tool to reduce the potential risk of interacting with almost or completely unknown users in environments in which there is no incentive to behave trustworthily, e.g. in open and large-scale systems. However, by collecting feedback about users, reputation mechanisms can easily be manipulated to deduce users’ profiles; thus, these mechanisms jeopardize users’ privacy, which clearly compromise their wide adoption. Privacy-preserving reputation mechanisms have recently been proposed to solve this issue. All the proposed designs either rely on a trusted central authority to handle the casting of votes and the derivation of reputation scores, or are based on a distributed environment and use cryptographic tools (e.g. non-interactive zero-knowledge proofs of knowledge and homomorphic encryption) to demonstrate the validity of votes and reputation scores. However, to the best of our knowledge, all the proposed distributed mechanisms produce solely monotonic reputation scores: whatever the outcome of an interaction, a service provider’s reputation can never decrease. In this article, we propose a distributed privacy-preserving reputation mechanism handling both positive and negative votes. This is achieved by combining algorithms and tools from both the distributed and the cryptographic communities.