Advertisement

Secure Trust Evaluation Using Multipath and Referral Chain Methods

  • Mohammad G. RaeiniEmail author
  • Mehrdad Nojoumian
Conference paper
  • 122 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11738)

Abstract

The notions of trust and reputation have been well studied and integrated into computer networks and internet-based services, e.g., Amazon and eBay websites. Using trust and reputation as social mechanisms can enhance the quality, reliability and trustworthiness of networks or services. These social mechanisms can also be used to provide better security measures. Indeed, trust and reputation can be considered as soft security methods that compliment hard security techniques. However, data security and privacy are among the primary challenges in trust and reputation systems. We therefore propose a secure trust evaluation (STE) method in which privacy of trust values and corresponding weights are preserved. Our proposed method is constructed based on an information theoretic framework for modeling trust and two approaches that propagate trust in a network, i.e., multipath and referral chain techniques. In other words, we utilize secure multiparty computation to provide protocols by which the nodes in a network will be able to evaluate their trust values in a secure fashion. We also provide a fascinating application of our STE method in the context of network routing protocols.

Keywords

Secure trust evaluation Secure trust measurement Secure multiparty computation Secure function evaluation 

Notes

Acknowledgment

Research was sponsored by the Army Research Office and was accomplished under Grant Number W911NF-18-1-0483. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Office or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein.

References

  1. 1.
    Aliasgari, M., Blanton, M., Zhang, Y., Steele, A.: Secure computation on floating point numbers. In: NDSS (2013)Google Scholar
  2. 2.
    Anceaume, E., Guette, G., Lajoie-Mazenc, P., Prigent, N., Tong, V.V.T.: A privacy preserving distributed reputation mechanism. In: 2013 IEEE International Conference on Communications (ICC), pp. 1951–1956. IEEE (2013)Google Scholar
  3. 3.
    Aringhieri, R., Damiani, E., Di Vimercati, S.D.C., Paraboschi, S., Samarati, P.: Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems. J. Am. Soc. Inform. Sci. Technol. 57(4), 528–537 (2006)CrossRefGoogle Scholar
  4. 4.
    Clark, M.R., Stewart, K., Hopkinson, K.M.: Dynamic, privacy-preserving decentralized reputation systems. IEEE Trans. Mob. Comput. 16(9), 2506–2517 (2017)CrossRefGoogle Scholar
  5. 5.
    Gudes, E., Gal-Oz, N., Grubshtein, A.: Methods for computing trust and reputation while preserving privacy. In: Gudes, E., Vaidya, J. (eds.) DBSec 2009. LNCS, vol. 5645, pp. 291–298. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03007-9_20CrossRefGoogle Scholar
  6. 6.
    Hasan, O., Brunie, L., Bertino, E.: Preserving privacy of feedback providers in decentralized reputation systems. Comput. Secur. 31(7), 816–826 (2012)CrossRefGoogle Scholar
  7. 7.
    Hasan, O., Brunie, L., Bertino, E., Shang, N.: A decentralized privacy preserving reputation protocol for the malicious adversarial model. IEEE Trans. Inf. Forensics Secur. 8(6), 949–962 (2013)CrossRefGoogle Scholar
  8. 8.
    Hendrikx, F., Bubendorfer, K., Chard, R.: Reputation systems: a survey and taxonomy. J. Parallel Distrib. Comput. 75, 184–197 (2015)CrossRefGoogle Scholar
  9. 9.
    Josang, A.: An algebra for assessing trust in certification chains. In: Proceedings of the Network and Distributed Systems Security Symposium (NDSS 1999). The Internet Society (1999)Google Scholar
  10. 10.
    Jøsang, A.: A logic for uncertain probabilities. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 9(03), 279–311 (2001)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)CrossRefGoogle Scholar
  12. 12.
    Jsang, A., Ismail, R.: The beta reputation system. In: Proceedings of the 15th Bled Electronic Commerce Conference, vol. 5, pp. 2502–2511 (2002)Google Scholar
  13. 13.
    Kerschbaum, F.: A verifiable, centralized, coercion-free reputation system. In: Proceedings of the 8th ACM Workshop on Privacy in the Electronic Society, pp. 61–70. ACM (2009)Google Scholar
  14. 14.
    Manchala, D.W.: Trust metrics, models and protocols for electronic commerce transactions. In: Proceedings of the 18th International Conference on Distributed Computing Systems (Cat. No. 98CB36183), pp. 312–321. IEEE (1998)Google Scholar
  15. 15.
    Marsh, S.P.: Formalising trust as a computational concept. Ph.D. thesis, University of Stirling (1994)Google Scholar
  16. 16.
    Micali, S., Rogaway, P.: Secure computation. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 392–404. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-46766-1_32CrossRefGoogle Scholar
  17. 17.
    Nithyanand, R., Raman, K.: Fuzzy privacy preserving peer-to-peer reputation management. IACR Cryptology ePrint Archive 2009, 442 (2009)Google Scholar
  18. 18.
    Nojoumian, M.: Novel secret sharing and commitment schemes for cryptographic applications. Ph.D. thesis, Department of Computer Science, University of Waterloo, Canada (2012)Google Scholar
  19. 19.
    Nojoumian, M., Golchubian, A., Njilla, L., Kwiat, K., Kamhoua, C.: Incentivizing blockchain miners to avoid dishonest mining strategies by a reputation-based paradigm. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) SAI 2018. AISC, vol. 857, pp. 1118–1134. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-01177-2_81CrossRefGoogle Scholar
  20. 20.
    Nojoumian, M., Lethbridge, T.C.: A new approach for the trust calculation in social networks. In: Filipe, J., Obaidat, M.S. (eds.) ICETE 2006. CCIS, vol. 9, pp. 64–77. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-70760-8_6CrossRefGoogle Scholar
  21. 21.
    Nojoumian, M., Stinson, D.R.: Socio-rational secret sharing as a new direction in rational cryptography. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 18–37. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34266-0_2CrossRefGoogle Scholar
  22. 22.
    Nojoumian, M., Stinson, D.R.: On dealer-free dynamic threshold schemes. Adv. Math. Commun. (AMC) 7(1), 39–56 (2013)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Nojoumian, M., Stinson, D.R., Grainger, M.: Unconditionally secure social secret sharing scheme. IET Inf. Secur. (IFS) Spec. Issue Multi-Agent Distrib. Inf. Secur. 4(4), 202–211 (2010)Google Scholar
  24. 24.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48910-X_16CrossRefGoogle Scholar
  25. 25.
    Pavlov, E., Rosenschein, J.S., Topol, Z.: Supporting privacy in decentralized additive reputation systems. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 108–119. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24747-0_9CrossRefGoogle Scholar
  26. 26.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-46766-1_9CrossRefGoogle Scholar
  27. 27.
    Raeini, M.G., Nojoumian, M.: Comprehensive survey on secure comparison protocols. Tecnical report (2019)Google Scholar
  28. 28.
    Rasmusson, L., Jansson, S.: Simulated social control for secure internet commerce (position paper). In: Proceedings, New Security Paradigms Workshop, Lake Arrowhead (1996)Google Scholar
  29. 29.
    Resnick, P., Zeckhauser, R.: Trust among strangers in internet transactions: Empirical analysis of Ebay’s reputation system. In: The Economics of the Internet and E-commerce, pp. 127–157. Emerald Group Publishing Limited (2002)Google Scholar
  30. 30.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  31. 31.
    Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Comput. Commun. Rev. 31(4), 149–160 (2001)CrossRefGoogle Scholar
  32. 32.
    Sun, Y.L., Yu, W., Han, Z., Liu, K.R.: Information theoretic framework of trust modeling and evaluation for ad hoc networks. IEEE J. Sel. Areas Commun. 24(2), 305–317 (2006)CrossRefGoogle Scholar
  33. 33.
    Yan, Z., Ding, W., Niemi, V., Vasilakos, A.V.: Two schemes of privacy-preserving trust evaluation. Future Gener. Comput. Syst. 62, 175–189 (2016)CrossRefGoogle Scholar
  34. 34.
    Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science, SFCS 1908, pp. 160–164. IEEE (1982)Google Scholar
  35. 35.
    Yu, B., Singh, M.P.: A social mechanism of reputation management in electronic communities. In: Klusch, M., Kerschberg, L. (eds.) CIA 2000. LNCS (LNAI), vol. 1860, pp. 154–165. Springer, Heidelberg (2000).  https://doi.org/10.1007/978-3-540-45012-2_15CrossRefGoogle Scholar
  36. 36.
    Yu, B., Singh, M.P.: An evidential model of distributed reputation management. In: Proceedings of the First International Joint Conference on Autonomous Agents and Multiagent Systems: Part 1, pp. 294–301. ACM (2002)Google Scholar
  37. 37.
    Zyskind, G., Nathan, O., et al.: Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE Security and Privacy Workshops (SPW), pp. 180–184. IEEE (2015)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Department of Computer and Electrical Engineering and Computer ScienceFlorida Atlantic UniversityBoca RatonUSA

Personalised recommendations