Privacy‐friendly weighted‐reputation aggregation protocols against malicious adversaries in cloud services

Summary Reputation systems are used for evaluating trustworthiness of the users based on their feedback (i.e., votes) about each other. Such systems are particularly important for cloud service providers, as they allow them to collect and aggregate feedback on the past behavior of users. Weighted‐reputation aggregation is a protocol, where the vote server has a weight vectorW → =w 1 , w 2 , ⋯ , w nfor all voters, each voter has a vote score y i , and they cooperate to compute∑ i = 1 nw iy i . We call it ‘privacy‐friendly’, if the respective inputs are kept private. In other words, a privacy‐friendly weighted aggregation protocol is a secure evaluation for functionalityπ WV :W → , y 1 , ⋯ , y n↦∑ i = 1 nw iy i , ⊥ , ⋯ , ⊥ . In this work, we propose two privacy‐friendly weighted‐reputation aggregation protocols: one in semi‐honest model and another one in malicious model. The latter protocol uses the cryptographic primitives of homomorphic encryption, verifiable encryption, and the proof of knowledge of a discrete logarithm. Our protocols need only two rounds of communications, which is very efficient in practice. Our protocols are secure against the collusion of at most n − 2malicious adversaries. Copyright © 2014 John Wiley & Sons, Ltd.