TY - GEN
T1 - Street Rep
T2 - 19th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2023
AU - Hauser, Christophe
AU - Nilizadeh, Shirin
AU - Shoshitaishvili, Yan
AU - Trieu, Ni
AU - Ravi, Srivatsan
AU - Kruegel, Christopher
AU - Vigna, Giovanni
N1 - Publisher Copyright:
© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2025.
PY - 2025
Y1 - 2025
N2 - Over the last decade, online reputation has become a central aspect of our digital lives. Most online services and communities assign a reputation score to users, based on feedback from other users about various criteria such as how reliable, helpful, or knowledgeable a person is. While many online services compute reputation based on the same set of such criteria, users currently do not have the ability to use their reputation scores across services. As a result, users face trouble establishing themselves on new services or trusting each other on services that do not support reputation tracking. Existing systems that aggregate reputation scores, unfortunately, provide no guarantee in terms of user privacy, and their use makes user accounts linkable. Such a lack of privacy may result in embarrassment, or worse, place users in danger. In this paper, we present Street Rep, a practical system for aggregating user reputation scores in a privacy-preserving manner. Street Rep makes it possible for users to provide their aggregated scores over multiple services without revealing their respective identities on each service. We discuss our novel approach for tamper-proof privacy preserving score aggregation from multiple sources by combining existing techniques such as blind signatures, homomorphic signatures and private information retrieval. We discuss its practicality and resiliency against different types of attacks. We also built a prototype implementation of Street Rep. Our evaluation demonstrates that Street Rep (a) performs efficiently and (b) practically scales to a large user base.
AB - Over the last decade, online reputation has become a central aspect of our digital lives. Most online services and communities assign a reputation score to users, based on feedback from other users about various criteria such as how reliable, helpful, or knowledgeable a person is. While many online services compute reputation based on the same set of such criteria, users currently do not have the ability to use their reputation scores across services. As a result, users face trouble establishing themselves on new services or trusting each other on services that do not support reputation tracking. Existing systems that aggregate reputation scores, unfortunately, provide no guarantee in terms of user privacy, and their use makes user accounts linkable. Such a lack of privacy may result in embarrassment, or worse, place users in danger. In this paper, we present Street Rep, a practical system for aggregating user reputation scores in a privacy-preserving manner. Street Rep makes it possible for users to provide their aggregated scores over multiple services without revealing their respective identities on each service. We discuss our novel approach for tamper-proof privacy preserving score aggregation from multiple sources by combining existing techniques such as blind signatures, homomorphic signatures and private information retrieval. We discuss its practicality and resiliency against different types of attacks. We also built a prototype implementation of Street Rep. Our evaluation demonstrates that Street Rep (a) performs efficiently and (b) practically scales to a large user base.
UR - http://www.scopus.com/inward/record.url?scp=85207543593&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85207543593&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-64954-7_18
DO - 10.1007/978-3-031-64954-7_18
M3 - Conference contribution
AN - SCOPUS:85207543593
SN - 9783031649530
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 345
EP - 368
BT - Security and Privacy in Communication Networks - 19th EAI International Conference, SecureComm 2023, Proceedings
A2 - Duan, Haixin
A2 - Debbabi, Mourad
A2 - de Carné de Carnavalet, Xavier
A2 - Luo, Xiapu
A2 - Au, Man Ho Allen
A2 - Du, Xiaojiang
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 19 October 2023 through 21 October 2023
ER -