Abstract
In this work, we revisit the Anonymous Reputation Systems presented by Blömer et al. in (FC’15). An anonymous reputation system allows users to review/rate products that they have purchased. The main security guarantee that such systems ensure is privacy, i.e., users are allowed to anonymously write reviews for any products which they have purchased. However, to avoid abuse/misuse cases, a review-once-policy is also enforced, i.e., if a user tries to write a second review for the same product, his reviews will be publicly linkable. Therefore, the system manager can revoke this user from the system.
The contribution of this paper is threefold. First, we strengthen and re-formalize the security model for reputation systems of Blömer et al. so that it captures more accurately real-life threats. In particular, our security model captures all possible framing scenarios including when the adversary tries to produce a review that links to another review produced by an honest user. Without this security notion, an adversary can exploit this vulnerability in order to revoke or partially de-anonymize a particular user. Second, our reputation system is fully dynamic so that users and items can be added and revoked at any time. This is an attractive and should possibly be a default feature for reputations systems to have, since the system manager will not know the users/items in the time of setup of the system. Finally, we propose the first construction of a reputation system based on lattice assumptions that are conjectured to be resistant to quantum attacks by incorporating a lattice-based tag scheme.