Street Rep: A Privacy-Preserving Reputation Aggregation System

Over the last decade, online reputation has become a central aspect of our digital lives. Most online services and communities assign a reputation score to users, based on feedback from other users about various criteria such as how reliable, helpful, or knowledgeable a person is. While many online services compute reputation based on the same set of such criteria, users currently do not have the ability to use their reputation scoresacrossservices. As a result, users face trouble establishing themselves on new services or trusting each other on services that do not support reputation tracking. Existing systems that aggregate reputation scores, unfortunately, provide no guarantee in terms of user privacy, and their use makes user accountslinkable. Such a lack of privacy may result in embarrassment, or worse, place users in danger.

In this paper, we presentStreet Rep, a practical system for aggregating user reputation scores in a privacy-preserving manner.Street Repmakes it possible for users to provide their aggregated scores over multiple serviceswithoutrevealing their respective identities on each service. We discuss our novel approach for tamper-proof privacy preserving score aggregation from multiple sources by combining existing techniques such as blind signatures, homomorphic signatures and private information retrieval. We discuss its practicality and resiliency against different types of attacks. We also built a prototype implementation ofStreet Rep. Our evaluation demonstrates thatStreet Rep(a) performs efficiently and (b) practically scales to a large user base.