Privacy-Preserving Reputation Management

Reputation systems provide reputation values of rated parties to users. These reputation values, typically aggregations of individual user ratings, shall be reliable, i.e. should enable a realistic assessment of the probability that the rated party behaves as expected in a transaction. In order for the reputation values to stay reliable and, thus, for the reputation system to provide a benefit, the system needs to be resistant against manipulations by users, the rated parties trying to improve their reputation values, and even against competitors trying to worsen a reputation value. At the same time, a reputation system shall provide privacy protection for users: rated parties shall not be able to learn who provided a certain rating. Otherwise users might not take part in the system as they fear bad feedback in revenge for bad ratings, or users do not want to be connected to certain transactions based on their provided ratings. In this paper we come up with a solution that provides both, reliability of reputation values on the one hand, and privacy protection for users on the other hand. In contrast to related work, our solution only makes use of a single reputation provider that needs to be trusted (to a certain extent) and does not require any bulletin boards to be present in the system. We make use of the Paillier cryptosystem to provide an aggregation of individual user ratings in a way that no party can learn which user provided a certain rating.