Preserving Privacy of Feedback Providers in Decentralized Reputation Systems Omar Hasan a,∗ , Lionel Brunie a , Elisa Bertino b a University of Lyon, CNRS, INSA-Lyon, LIRIS, UMR5205, F-69621, France b Department of Computer Science, Purdue University, IN 47907, USA Abstract Reputation systems make the users of a distributed application accountable for their behavior. The reputation of a user is computed as an aggregate of the feedback provided by other users in the system. Truthful feedback is clearly a prerequisite for computing a reputation score that accurately represents the behavior of a user. However, it has been observed that users often hesitate in providing truthful feedback, mainly due to the fear of retaliation. We present a decentralized privacy preserving reputation protocol that enables users to provide feedback in a private and thus uninhibited manner. The protocol has linear message complexity, which is an improvement over comparable decentral- ized reputation protocols. Moreover, the protocol allows users to quantify and maximize the probability that their privacy will be preserved. Keywords: reputation, privacy, trust, secret sharing, decentralization 1. Introduction In recent years, reputation systems have gained popularity as a solution for securing distributed applications from misuse by dishonest users. A reputation system computes the reputation score of a user as an aggregate of the feedback provided by fellow users. Good behavior is rewarded by positive feedback and consequently a high reputation score. On the contrary, bad behavior results in negative feedback and a low reputation score, which can lead to isolation or exclusion from the application. Some examples of applications of reputation systems are as follows: • According to a survey on fraud in e-commerce [1], fraud accounted for a total loss of US$ 2.7 billion in the United States and Canada in 2010. Reputation systems used by e-commerce websites (such as ebay.com, * Corresponding author Email addresses: omar.hasan@insa-lyon.fr (Omar Hasan), lionel.brunie@insa-lyon.fr (Lionel Brunie), bertino@cs.purdue.edu (Elisa Bertino) Preprint submitted to Elsevier December 2, 2011