a next generation reputation system based on the blockchain
TRANSCRIPT
![Page 1: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/1.jpg)
Rep on the block : A next generation reputation system based on the blockchain
BY: MAGED MOHAMED ELGAZZAR@MMELJAZZAR
LINKEDIN.COM/IN/MMJAZZAR
7/11/2016 1
![Page 2: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/2.jpg)
Conference The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015)
7/11/2016 2
![Page 3: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/3.jpg)
Agenda Introduction. Attacks on reputation systems Current reputation systems. blockchain reputation system. Limitation. Conclusion.
7/11/2016 3
![Page 4: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/4.jpg)
Introduction eBay has the most widely used reputation system and processes over a billion transactions per day.
Multidimensional reputations.
Reliability of reputations.
7/11/2016 4
![Page 5: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/5.jpg)
The common Attacks on reputation systems
7/11/2016 5
![Page 6: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/6.jpg)
Types of attacks Unfair ratings attack.
Collusion attack.
The Sybil attack.
The re-entry attack.
7/11/2016 6
![Page 7: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/7.jpg)
Unfair ratings attack. prove and prevent is the unfair ratings attack.
comparing ratings of users to ratings left by higher trustedusers on the network
7/11/2016 7
![Page 8: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/8.jpg)
Collusion attackA group of nodes who collude between each other.
aim of lowering a target node’s reputation.
One solution is to calculate the reputation score based on the average of all reputations.
7/11/2016 8
![Page 9: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/9.jpg)
The Sybil attack A single user gains access to multiple legal identities.
depends on the cost of obtaining an identity.
It makes entrance to the network expensive for the network.
7/11/2016 9
![Page 10: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/10.jpg)
The re-entry attackWith this attack, an attacker can choose to behave maliciously.
They have a low reputation that impacts their attack, they stop using that account and generate a new account.
7/11/2016 10
![Page 11: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/11.jpg)
The proposed blockchain reputation system
7/11/2016 11
![Page 12: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/12.jpg)
Goal of the new system Withstand previously documented attacks on reputation systems.
provide a generalized reputation system that can beimplemented into any network.
7/11/2016 12
![Page 13: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/13.jpg)
Transaction Store single dimensional reputation
1 for a positive transaction, or a 0 for a non satisfactory transaction
Classify a transaction, signed by the sender’s private key to a user who requested it.
7/11/2016 13
![Page 14: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/14.jpg)
The unfair ratings attack The user sends a transaction consisting of the reputation score, a timestamp, and a hash of the received file.
This data is encrypted with the receiver’s private key and is sent to the miners.
This ensures the reputation left by a user is based on a real transaction.
7/11/2016 14
![Page 15: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/15.jpg)
The unfair ratings attack
7/11/2016 15
![Page 16: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/16.jpg)
The Sybil attack Link the indemnity creation to the IP address of a user.
While this method does not prevent an attacker from creating multiple identities,
It makes the cost of doing so much more expensive.
7/11/2016 16
![Page 17: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/17.jpg)
Multiple identities The ability to prevent multiple identities from a singlemachine, is key in preventing a Sybil attack.
The data sent to the miners would be transaction hash sender public key receiver public key.
7/11/2016 17
![Page 18: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/18.jpg)
Malicious transactions A user with a low reputation stakes a small amount of currency into a triple signed wallet.
Sending a small amount of currency to the wallet set up especially for this transaction.
7/11/2016 18
![Page 19: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/19.jpg)
Malicious transactions This would mean if the user were to behave dishonestly and send a malicious file.
The amount stored in the wallet would be sent to a pool which the network uses to act as a reward for miners finding blocks.
7/11/2016 19
![Page 20: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/20.jpg)
Multidimensional reputation The also stores reputation from peers it has had previous interactions with.
This could be done to enhance speed of the transaction, quality of file, etc.
10/24/2016 20
![Page 21: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/21.jpg)
The limitations of the reputation blockchain
system
10/24/2016 21
![Page 22: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/22.jpg)
limitations of the system Number of transactions per sec. Large scale development. Low resourced users. Trustworthiness of a peer. Latency. Technical flaws.
10/24/2016 22
![Page 23: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/23.jpg)
Number of transactions per sec. A maximum block size, our network would only be able to process 10 transactions a second
Malicious colluding nodes would spam the miners withtransactions.
10/24/2016 23
![Page 24: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/24.jpg)
Number of transactions per sec. Remove the maximum size of a block.
Increase the transactions per second, is to reduce the time required for each block to be created.
10/24/2016 24
![Page 25: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/25.jpg)
large scale development The required resources on each node make this expensive to implement, with the proposed 1MB block size.
the blockchain could increase at a rate of 144MB a day (53GBa year).
10/24/2016 25
![Page 26: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/26.jpg)
Low resourced users Greater bandwidth to receive blocks. This would also further limit the participation of low-resourced nodes such as mobile devices.
Solution: propose that each node is no longer required to download the entire blockchain.
10/24/2016 26
![Page 27: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/27.jpg)
Trustworthiness of a peer It would take several months from deployment for thereputation system to become effective.
Gaining the necessary data and feedback from users that would allow other users on the network to make informed decisions on the trustworthiness of a peer.
10/24/2016 27
![Page 28: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/28.jpg)
Latency The network latency Validation of any request would add additional delay.
10/24/2016 28
![Page 29: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/29.jpg)
Technical flaws The risk of unknown technical flaws in the cryptography used could undermine security on the network.
An intelligent colluding attack. it might still be possible for an attacker to profit from the system.
10/24/2016 29
![Page 30: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/30.jpg)
Conclusion As now a malicious peer would be able to be detected 50% faster than before.
The increased resources (storage space for the blockchain) on the miners could result in fewer miners on the network; this would in turn lower the security of the network.
10/24/2016 30
![Page 31: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/31.jpg)
Conclusion The proposed reputation system is client controlled.
The client can calculate the reputation score based on parameters set by them.
For example, a user could only view reputations from users on a specific network. To prevent against the collusion attack,
10/24/2016 31
![Page 32: A next generation reputation system based on the blockchain](https://reader036.vdocuments.net/reader036/viewer/2022070516/58738afb1a28ab272d8b69c5/html5/thumbnails/32.jpg)
Benefits of the system Each user will only be given a reputation score based on the average of all their reputation score.
This ensures if two nodes are transacting together, they will get the same reputation scores whether they send one transaction or a thousand transactions to each other
10/24/2016 32