Eric Lugo

80403319
Fuzzy Privacy Preserving Peer-to-Peer Reputation Management
What is Peer-to-Peer (P2P)
Peer-to-peer (P2P) networks are a collection of peers that share resources with
each other. They are the preferred model of data sharing as they have excellent
availability, reliability and scalability. The downsides of a P2P network is they
often have no centralized authorities to maintain the network or the
trustworthiness of its peers.
Why we need reputation management
Trustworthiness is important to avoid wastage of resources and to avoid
malicious peers. Malicious peers are those who not only would send malicious
data, but also those who send low quality or otherwise unwanted material
through the network. Having a reputation system that gives a reputation rating
to each peer helps to improve the quality of service. This is where the P2PRep
algorithm can help maintain quality in the network.
P2PRep algorithm phases
The Peer-to-Peer Reputation algorithm (P2PRep) consists of 5 phases:

Resource Searching
A peer (the requester) sends a broadcast message to others in the
network requesting some resource. Other peers (offerors) respond with
offers of service if they have the requested resource.

Polling
The requester broadcasts a request for opinions on the quality of the
service provided by the offerors. Peers that have interacted with the
offerors in the past respond to the request by sending their opinions,
which is essentially a vote of their reputation.

Vote Cleaning
The requester then cleans votes based on its own experiences with the
voters. Some votes may be discarded if the requester doesnt trust the
source.

Vote Aggregation
The clean set of votes are aggregated, resulting in a computation of a
global reputation value of the offeror.

Resource Downloading
The requested resource is then downloaded from the offeror, or set of
offerors with the highest global reputation.

How P2PRep is calculated

The P2PRep Reputation model has two levels of reputation, local and global.
Local reputation - the amount of trust one peer has with another based on its own
interactions with
it.
Global reputations - are an aggregation of many local reputations, and is used to
allow new peers or peers with insufficient interactions with offerors to decide which
offeror provides the best quality of service.

Local reputations are calculated using the equation:

r (nij )= ( n ) r (n1)
+ ( 1 ( n ) ) t (n)
ij
ij
i is the requestor, j is the offeror.
(n) is a freshness value between 0 and 1 used to denote the
importance of is past interaction with j. If (n) 1, then i had an
interaction with j more recently and will give a larger weight to that
vote. Basically votes degrade over time and older votes hold less
importance that newer votes.
(n)

t ij

= 1 for a satisfactory transaction, and

(n)

t ij

= 0 for an

unsatisfactory transaction.

If a peer has not interacted with an offeror sufficiently it enters the polling
phase. A vote rk,j is sent for each peer k for the offeror j. The Order
Weighted Average is calculated to get global reputation score.
n

W k rt ,

OW A

k=1n

k j

Wk
k=1

n is the number of votes r to be aggregated

W is the weighing vector, which is used to give bias to trustworthiness as
the system views
malicious behavior as an exception. This system
assumes malicious users are a minority and that most users just want to
get the requested resource.

Global reputation is calculated using the equation:

d +1

( d x+2 )D x

x=1
d +1

x
( d +2
) DxD x
x=1

R j=
Dx denotes the xth distinct vote value
|Dx | denotes the number of identical votes with value D x that were received
In this system a higher importance is given to multiple occurrences of the
same vote value. Votes are portioned into intervals d+1 in size and their
extreme values are used as a set of weights in the weighing vector W for
collecting the d distinct local reputations.
Why the P2PRep algorithm is insufficient
The local reputations are sent from offerors to the requestor in the form of an ID
and local reputation pair. The ID is often in the form of an IP address which is public
to every other peer in the polling phase. If a malicious peer were to collect the set
of peers who assigned them a low vote of reputation, they could use it to retaliate.
Retaliation includes sending fake data, viruses or launching DoS attacks on peers,
which degrades the quality of service for everyone. A revised algorithm is needed.
3PRep: Privacy Preserving P2PRep

Phase I: Resource Searching in 3PRep

A querying peer can attempt to reduce the set of offerors by providing a
set of minimum requirements such as minimum bandwidth of the offeror.

Phase II: Polling in 3PRep

Pre-trusted peers are selected and are given a log of private keys to use
when polling other peers as a form of Paillier cryptosystem. A pre-trusted
peer is used to facilitate the polling by sending a request to all other peers
requesting the reputation value of the offeror and their private key if
available from a stored log.

Phase III: Vote Cleaning in 3PRep

As with P2PRep votes obtained from untrustworthy peers are filtered out.
The set of votes to be verified are checked against the pre-trusted peers
logs to check for vote spoofing or modification so that this vote can be
discarded and reported.

Phase IV: Vote Aggregation in 3PRep

Votes are sent cleaned and encrypted to the requester and the Order
Weighted Average of these votes are calculated, this time giving more
importance to low reputation votes and recurring values.

Phase V: Resource Downloading in 3PRep

The peer downloads the resource. After the transaction is complete he
updates his locally computed reputation log for the offeror depending on
his satisfaction with the interaction and encrypts it.

Paillier Cryptosystem
The Paillier Cryptosystem is very similar to the RSA cryptosystem in that it
uses a private and public key which are calculate form large prime numbers p and
q.
The public key is (n , g). Public to all users where

Private key is ( ,

). Held by pre-trusted users, which are usually

founders of the network.

Encryption:
m n

c=g r mod n r {0, , n1}

Decryption:

c
2
m L( mod n ) mod n

3PRep Global Reputation Algorithm:

Weight with malicious bias:

n=p q

Wy

( d +2y ) D
y

3PRep Reputation:
d +1

W y

y=1
d+1

W yD y
y=1

R j=
|Dy | denotes the number of identical votes with value D y
Wy denotes the weight of the vote vectors with bias toward maliciousness.
This new system assumes users are malicious first then calculates their
reputation based on that assumption.