PRSONA: Private Reputation Supporting Ongoing Network Avatars
Authors: 
Stan Gurtler and Ian GoldbergAuthors Info & Claims
Stan Gurtler and Ian GoldbergAuthors Info & ClaimsNovember 2022
Pages 55 - 68
Abstract
As an increasing amount of social activity moves online, online communities have become important outlets for their members to interact and communicate with one another. At times, these communities may identify opportunities where providing their members specific privacy guarantees would promote new opportunities for healthy social interaction and assure members that their participation can be conducted safely. On the other hand, communities also face the threat of bad actors, who may wish to disrupt their activities or bring harm to members. Reputation can help mitigate the threat of such bad actors, and there has been a wide body of work on privacy-preserving reputation systems. However, previous work has overlooked the needs of small, tight-knit communities, failing to provide important privacy guarantees or address shortcomings with common implementations of reputation. This work features a novel design for a privacy-preserving reputation system which provides these privacy guarantees and implements a more appropriate reputation function for this setting. Further, this work implements and benchmarks said system to determine its viability in real-world deployment. This novel construction addresses shortcomings with previous approaches and provides new opportunity to its target audience.
References
[1]
Sharad Agarwal, Travis Dawson, and Christos Tryfonas. DDoS mitigation via regional cleaning centers. Technical report, Sprint ATL, January 2004.
[2]
Carlos Aguilar Melchor, Boussad Ait-Salem, and Philippe Gaborit. A collusionresistant distributed scalar product protocol with application to privacypreserving computation of trust. In 2009 Eighth IEEE International Symposium on Network Computing and Applications, pages 140--147, July 2009.
[3]
Jay Allen. The invasion boards that set out to ruin lives. https://boingboing.net/ 2015/01/19/invasion-boards-set-out-to-rui.html, January 2015.
[4]
Yonatan Aumann and Yehuda Lindell. Security against covert adversaries: Efficient protocols for realistic adversaries. In Salil P. Vadhan, editor, Theory of Cryptography, pages 137--156, Berlin, Heidelberg, 2007. Springer Berlin Heidelberg.
[5]
Dan Boneh, Eu-Jin Goh, and Kobbi Nissim. Evaluating 2-dnf formulas on ciphertexts. In Joe Kilian, editor, Theory of Cryptography, pages 325--341, Berlin, Heidelberg, 2005. Springer Berlin Heidelberg.
[6]
Jan Camenisch and Markus Stadler. Efficient Group Signature Schemes for Large Groups. In CRYPTO 1997, pages 410--424, 1997.
[7]
CBS News. Facebook whistleblower Frances Haugen testifies before Senate committee | full video. https://www.youtube.com/watch?v=juZEkeTjTRY, October 2021.
[8]
Tassos Dimitriou. Decentralized reputation. In Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy, CODASPY '21, pages 119--130, New York, NY, USA, 2021. Association for Computing Machinery.
[9]
Robin Ian MacDonald Dunbar. Neocortex size as a constraint on group size in primates. Journal of Human Evolution, 22(6):469--493, 1992.
[10]
Taher Elgamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):469--472, 1985.
[11]
David Mandell Freeman. Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In Henri Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, pages 44--61, Berlin, Heidelberg, 2010. Springer Berlin Heidelberg.
[12]
Stan Gurtler and Ian Goldberg. SoK: Privacy-preserving reputation systems. Proceedings on Privacy Enhancing Technologies, 2021(1):107--127, 2021.
[13]
Sufian Hameed and Hassan Ahmed Khan. Leveraging SDN for collaborative DDoS mitigation. In 2017 International Conference on Networked Systems (NetSys), pages 1--6, 2017.
[14]
Ryan Henry and Ian Goldberg. Batch proofs of partial knowledge. In Michael Jacobson, Michael Locasto, Payman Mohassel, and Reihaneh Safavi-Naini, editors, Applied Cryptography and Network Security, pages 502--517, Berlin, Heidelberg, 2013. Springer Berlin Heidelberg.
[15]
Vincent Herbert, Bhaskar Biswas, and Caroline Fontaine. Design and implementation of low-depth pairing-based homomorphic encryption scheme. Journal of Cryptographic Engineering, 9(2):185--201, June 2019.
[16]
Aapo Kalliola, Kiryong Lee, Heejo Lee, and Tuomas Aura. Flooding DDoS mitigation and traffic management with software defined networking. In 2015 IEEE 4th International Conference on Cloud Networking (CloudNet), pages 248--254, 2015.
[17]
Karen Hao. The Facebook whistleblower says its algorithms are dangerous. Here's why. https://www.technologyreview.com/2021/10/05/1036519/facebookwhistleblower-frances-haugen-algorithms/, October 2021.
[18]
Soon Hin Khor and Akihiro Nakao. DaaS: DDoS mitigation-as-a-service. In 2011 IEEE/IPSJ International Symposium on Applications and the Internet, pages 160--171, 2011.
[19]
Vishnu Teja Kilari, Ruozhou Yu, Satyajayant Misra, and Guoliang Xue. EARS: Enabling private feedback updates in anonymous reputation systems. In 2020 IEEE Conference on Communications and Network Security (CNS), pages 1--9, 2020.
[20]
Patrick Lindenfors, Andreas Wartel, and Johan Lind. 'Dunbar's number' deconstructed. Biology Letters, 17(5):1--4, April 2021.
[21]
Michael Naehrig, Ruben Niederhagen, and Peter Schwabe. New software speed records for cryptographic pairings. In Proceedings of the First International Conference on Progress in Cryptology: Cryptology and Information Security in Latin America, LATINCRYPT'10, pages 109--123, Berlin, Heidelberg, 2010. SpringerVerlag.
[22]
Arvind Narayanan, Hristo S. Paskov, Neil Zhenqiang Gong, John Bethencourt, Emil Stefanov, Eui Chul Richard Shin, and Dawn Xiaodong Song. On the feasibility of internet-scale author identification. 2012 IEEE Symposium on Security and Privacy, pages 300--314, 2012.
[23]
Elan Pavlov, Jeffrey S. Rosenschein, and Zvi Topol. Supporting privacy in decentralized additive reputation systems. In Christian Jensen, Stefan Poslad, and Theo Dimitrakos, editors, Trust Management, pages 108--119, Berlin, Heidelberg, 2004. Springer Berlin Heidelberg.
[24]
Margaret Pless. Kiwi Farms, the web's biggest community of stalkers. https://nymag.com/intelligencer/2016/07/kiwi-farms-the-webs-biggestcommunity-of-stalkers.html, July 2016.
[25]
John M Pollard. Monte Carlo methods for index computation (mod p). Mathematics of Computation, 32(143):918--924, 1978.
[26]
Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, and Hervé Debar. Towards autonomic DDoS mitigation using software defined networking. In SENT 2015: NDSS Workshop on Security of Emerging Networking Technologies, San Diego, Ca, United States, February 2015. Internet Society.
[27]
Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, and Hervé Debar. ArOMA: An SDN based autonomic DDoS mitigation framework. Computers & Security, 70:482--499, 2017.
[28]
Kyle Soska, Albert Kwon, Nicolas Christin, and Srinivas Devadas. Beaver: A decentralized anonymous marketplace with secure reputation. Cryptology ePrint Archive, Report 2016/464, 2016. https://eprint.iacr.org/2016/464.
[29]
Adam Steinbaugh. Kevin Bollaert sentenced to 18 years over revenge porn site "You Got Posted". http://adamsteinbaugh.com/2015/04/03/kevin-bollaertsentenced-to-years-over-revenge-porn-site-you-got-posted/, April 2015.
[30]
Jonathan Wells. Tyler Oakley: How the internet revolutionised LGBT life. https://www.telegraph.co.uk/men/thinking-man/tyler-oakley-how-theinternet-revolutionised-lgbt-life/, November 2015.
[31]
Danfeng Yao, Roberto Tamassia, and Seth Proctor. Private distributed scalar product protocol with application to privacy-preserving computation of trust. In Sandro Etalle and Stephen Marsh, editors, Trust Management, pages 1--16, Boston, MA, 2007. Springer US.
[32]
Ennan Zhai, David Isaac Wolinsky, Ruichuan Chen, Ewa Syta, Chao Teng, and Bryan Ford. AnonRep: Towards tracking-resistant anonymous reputation. In 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI 16), pages 583--596. USENIX Association, March 2016.
[33]
Mingwu Zhang, Yong Xia, Ou Yuan, and Kirill Morozov. Privacy-friendly weighted-reputation aggregation protocols against malicious adversaries in cloud services. International Journal of Communication Systems, 29(12):1863--1872, 2016.
[34]
Luying Zhou, Huaqun Guo, and Gelei Deng. A fog computing based approach to DDoS mitigation in IIoT systems. Computers & Security, 85:51--62, 2019
Index Terms
- PRSONA: Private Reputation Supporting Ongoing Network Avatars
Recommendations
Freedom of Privacy: Anonymous Data Collection with Respondent-Defined Privacy Protection
The massive amount of sensitive survey data about individuals that agencies collect and share through the Internet is causing a great deal of privacy concerns. These concerns may discourage individuals from revealing their sensitive information. ...
Doxing: a conceptual analysis
Doxing is the intentional public release onto the Internet of personal information about an individual by a third party, often with the intent to humiliate, threaten, intimidate, or punish the identified individual. In this paper I present a conceptual ...
(α, k)-anonymous data publishing
Privacy preservation is an important issue in the release of data for mining purposes. The k-anonymity model has been introduced for protecting individual identification. Recent studies show that a more sophisticated model is necessary to protect the ...
Comments
Information & Contributors
Information
Published In
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 November 2022
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
Conference
CCS '22
Sponsor:
CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security
November 7, 2022
CA, Los Angeles, USA
Acceptance Rates
Overall Acceptance Rate 106 of 355 submissions, 30%
Upcoming Conference
CCS '24
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 68Total Downloads
- Downloads (Last 12 months)32
- Downloads (Last 6 weeks)0
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in