Three Steps in Each Round A E(R A ) Nym C R c B E(R B ) Nym A R a Step1: Announcement C E(R C ) Nym D R d D E(R D ) Nym B R b Run by servers ... ... ... ... Reputation list Fresh pseudonym list Step2: Message Posting ID Msg User Score 1 Hi Nym B 3 2 Hello Nym A 2 ... ... ... ...
Three Steps in Each Round A E(R A ) Nym C R c B E(R B ) Nym A R a Step1: Announcement C E(R C ) Nym D R d D E(R D ) Nym B R b Run by servers ... ... ... ... Reputation list Fresh pseudonym list Step2: Message Posting A E(R’ A ) B E(R’ B ) C E(R’ C ) D E(R’ D ) ID Msg User Score ... ... 1 Hi Nym B 3 Step3: Feedback Updated Collection Reputation list 2 Hello Nym A 2 ... ... ... ... Run by servers
Step1: Announcement
Step1: Announcement S 1 S 2 S 3 -1 Reputations have been encrypted Reputation List Fresh Nym List by all the servers
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List * C. Andrew Neff. A verifiable secret shuffle and its application to e-voting. In CCS’01.
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step1: Announcement S 1 S 2 S 3 Reputation List Shuffle Fresh Nym List
Step1: Announcement Proof S 1 S 2 S 3 Reputation List Shuffle Fresh Nym List
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step1: Announcement Proof S 1 S 2 S 3 Reputation List Fresh Nym List Shuffle
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step1: Announcement S 1 S 2 S 3 Reputation List Fresh Nym List
Step2: Message Posting
Step2: Message Posting Nym Score -2 Nym C Nym A 2 Nym D -1 Nym B 3 ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Nym A 2 Nym D -1 ... ... ... ... Nym B 3 ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Nym A 2 Nym D -1 ... ... ... ... Nym B 3 Bob ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Nym A 2 Nym D -1 ... ... ... ... Nym B 3 Bob (“Hi”, Nym B , Sig b ) ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C ) Nym A 2 g b i S , m B Nym D -1 y N ... ... ... ... , ” i H Nym B 3 “ ( Bob ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Msg1 Hi Nym B 3 ) Nym A 2 g b i S , m B Nym D -1 y N ... ... ... ... , ” i H Nym B 3 “ ( Bob ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Alice Msg1 Hi Nym B 3 (“OK”, Nym A , Sig a ) Nym A 2 Nym D -1 ... ... ... ... Nym B 3 ... ... Fresh Nym List
Step2: Message Posting Nym Score MsgID Msg User Score -2 Nym C Alice Msg1 Hi Nym B 3 (“OK”, Nym A , Sig a ) Nym A 2 Msg2 OK Nym A 2 Nym D -1 ... ... ... ... Nym B 3 ... ... Fresh Nym List
Step3: Feedback Collection
Step3: Feedback Collection MsgID Msg User Score Votes Msg1 Hi Nym B 3 Msg2 Hello Nym A 2 ... ... ... ...
Step3: Feedback Collection MsgID Msg User Score Votes Msg1 Hi Nym B 3 Msg2 Hello Nym A 2 (“+1”, Msg2, sig) ... ... ... ... Dave
Step3: Feedback Collection MsgID Msg User Score Votes Msg1 Hi Nym B 3 Msg2 Hello Nym A 2 (“+1”, Msg2, sig) ... ... ... ... Positive feedback Dave
Step3: Feedback Collection MsgID Msg User Score Votes Msg1 Hi Nym B 3 Msg2 Hello Nym A 2 (“+1”, Msg2, sig) ... ... ... ... Message ID Dave
Step3: Feedback Collection MsgID Msg User Score Votes Msg1 Hi Nym B 3 Msg2 Hello Nym A 2 (“+1”, Msg2, sig) ... ... ... ... Dave Linkable Ring Signature
Linkable Ring Signature (LRS) One member signed the msg, (PK 2 ,SK 2 ) but I do not know who did that. (PK 1 ,SK 1 ) (PK 3 ,SK 3 ) Verifier * Liu et al. Linkable ring signatures: Security models and new schemes. In ICCSA’05.
Linkable Ring Signature (LRS) One member signed the msg, (PK 2 ,SK 2 ) but I do not know who did that. (PK 1 ,SK 1 ) (PK 3 ,SK 3 ) Verifier • LRS can hide voter’s pseudonym • LRS can avoid duplicate votes • Di ff erent messages have di ff erent LRS * Liu et al. Linkable ring signatures: Security models and new schemes. In ICCSA’05.
Linkable Ring Signature (LRS) One member signed the msg, (PK 2 ,SK 2 ) but I do not know who did that. (PK 1 ,SK 1 ) (PK 3 ,SK 3 ) Verifier • LRS can hide voter’s pseudonym • LRS can avoid duplicate votes • Di ff erent messages have di ff erent LRS * Liu et al. Linkable ring signatures: Security models and new schemes. In ICCSA’05.
Linkable Ring Signature (LRS) One member signed the msg, (PK 2 ,SK 2 ) but I do not know who did that. (PK 1 ,SK 1 ) (PK 3 ,SK 3 ) Verifier • LRS can hide voter’s pseudonym • LRS can avoid duplicate votes • Di ff erent messages have di ff erent LRS * Liu et al. Linkable ring signatures: Security models and new schemes. In ICCSA’05.
Step3: Feedback Collection MsgID Msg User Score Votes Like: 2 Msg1 Hi Nym B 3 Dislike: 1 Like: 1 Msg2 Hello Nym A 2 ... ... ... ...
Step3: Feedback Collection MsgID Msg User Score Votes Like: 2 Msg1 Hi Nym B 3 Dislike: 1 Like: 1 Msg2 Hello Nym A 2 ... ... ... ... AnonRep supports diverse reputation algorithms
Step3: Feedback Collection MsgID Msg User Score Votes Like: 2 3+2-1=4 Msg1 Hi Nym B 3 Dislike: 1 Like: 1 2+1=3 Msg2 Hello Nym A 2 ... ... ... ...
Step3: Feedback Collection MsgID Msg User Score Votes Like: 2 3+2-1=4 Msg1 Hi Nym B 4 Dislike: 1 Like: 1 2+1=3 Msg2 Hello Nym A 3 ... ... ... ... Nym B ’s reputation becomes 4 Nym A ’s reputation becomes 3
Step3: Feedback Collection MsgID Msg User Score Votes Like: 2 3+2-1=4 Msg1 Hi Nym B 4 Dislike: 1 Like: 1 2+1=3 Msg2 Hello Nym A 3 ... ... ... ... Fresh Nym list with updated reputation
Step3: Feedback Collection Reverse Process Updated Fresh Nym List
Step3: Feedback Collection Reverse Announcement Process Updated Updated Fresh Reputation List Nym List
Three Steps in Each Round A E(R A ) Nym C R c B E(R B ) Nym A R a Step1: Announcement C E(R C ) Nym D R d D E(R D ) Nym B R b Run by servers ... ... ... ... Reputation list Fresh pseudonym list Step2: Message Posting A E(R’ A ) B E(R’ B ) C E(R’ C ) D E(R’ D ) ID Msg User Score ... ... 1 Hi Nym B 3 Step3: Feedback Updated Collection Reputation list 2 Hello Nym A 2 ... ... ... ... Run by servers
Session, Rounds and Steps A E(R’’ A ) A E(R’’’ A ) A E(R’ A ) B E(R’’ B ) B E(R’’’ B ) A E(R A ) B E(R’ B ) C E(R’’ C ) C E(R’’’ C ) C E(R’ C ) B E(R B ) D E(R’’ D ) D E(R’’’ D ) C E(R C ) D E(R’ D ) ... ... ... ... ... ... D E(R D ) ... ... 1 2 3 1 2 3 1 2 3 ... ... Session: A series of rounds
Road-Map • Motivations • AnonRep Design • Practical Considerations • Evaluation
Practical Considerations • Intersection attacks on special reputations • Performance optimization • Misbehavior detection • Registration veri fj cation
Practical Considerations • Intersection attacks on special reputations • Performance optimization • Misbehavior detection • Registration veri fj cation Please see our paper for more details
Intersection Attack like:1 Msg1 csdfsa(100) dislike:0 like:1 Msg2 9sf1aaa(2) dislike:4 like:3 Msg3 ty4azko(3) dislike:4 ... ... ... ... Round i
Recommend
More recommend