1-3hit |
In anonymous reputation systems, where after an interaction between anonymous users, one of the users evaluates the peer by giving a rating. Ratings for a user are accumulated, which becomes the reputation of the user. By using the reputation, we can know the reliability of an anonymous user. Previously, anonymous reputation systems have been proposed, using an anonymous e-cash scheme. However, in the e-cash-based systems, the bank grasps the accumulated reputations for all users, and the fluctuation of reputations. These are private information for users. Furthermore, the timing attack using the deposit times is possible, which makes the anonymity weak. In this paper, we propose an anonymous reputation system, where the reputations of users are secret for even the reputation manager such as the bank. Our approach is to adopt an anonymous credential certifying the accumulated reputation of a user. Initially a user registers with the reputation manager, and is issued an initial certificate. After each interaction with a rater, the user as the ratee obtains an updated certificate certifying the previous reputation summed up by the current rating. The update protocol is based on the zero-knowledge proofs, and thus the reputations are secret for the reputation manager. On the other hand, due to the certificate, the user cannot maliciously alter his reputation.
Hsiao-Chien TSAI Nai-Wei LO Tzong-Chen WU
In recent years huge potential benefits from novel applications in mobile ad hoc networks (MANET) have been discussed extensively. However, without robust security mechanisms and systems to provide safety shell through the MANET infrastructure, MANET applications can be vulnerable and hammered by malicious attackers easily. In order to detect misbehaved message routing and identify malicious attackers in MANET, schemes based on reputation concept have shown their advantages in this area in terms of good scalability and simple threshold-based detection strategy. We observed that previous reputation schemes generally use predefined thresholds which do not take into account the effect of behavior dynamics between nodes in a period of time. In this paper, we propose a Threshold-Adaptive Reputation System (TARS) to overcome the shortcomings of static threshold strategy and improve the overall MANET performance under misbehaved routing attack. A fuzzy-based inference engine is introduced to evaluate the trustiness of a node's one-hop neighbors. Malicious nodes whose trust values are lower than the adaptive threshold, will be detected and filtered out by their honest neighbors during trustiness evaluation process. The results of network simulation show that the TARS outperforms other compared schemes under security attacks in most cases and at the same time reduces the decrease of total packet delivery ratio by 67% in comparison with MANET without reputation system.
Li-ming HAO Song-nian LU Shu-tang YANG Ning LIU Qi-shan HUANG
In 2006, Miranda et al. proposed an anonymity scheme to achieve peers' anonymity in Peer-to-Peer (P2P) reputation systems. In this paper, we show that this scheme can not achieve peers' anonymity in two cases. We also propose an improvement which solves the problem and improves the degree of anonymity.