Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain

Meng Li; Liehuang  Zhu; Zijian Zhang; Chhagan Lal; Mauro Conti; Mamoun  Alazab

doi:10.1109/TNSM.2021.3098439

Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain

Meng Li, Liehuang Zhu, Zijian Zhang, Chhagan Lal, Mauro Conti, Mamoun Alazab

Cyber Security

Research output: Contribution to journal › Article › Scientific › peer-review

21 Citations (Scopus)

314 Downloads (Pure)

Abstract

E-commerce platforms incorporate reputation systems that allow customers to rate suppliers following financial transactions. Existing reputation systems cannot defend the centralized server against arbitrarily tampering with the supplier’s reputation. Furthermore, they do not offer reputation access across platforms. Rates are faced with privacy leakages because rating activities are correlated with privacy (e.g., identity and rating). Meanwhile, raters could be malicious and initiate multiple rating attacks and abnormal rating attacks. Determining how to address these issues have both research and practical value. In this paper, we propose a blockchain-based privacy-preserving reputation system for e-commerce platforms named RepChain; our system allows cross-platform reputation access and anonymous and private ratings. Using RepChain, all e-commerce platforms collaborate and share users’ reputations by co-constructing a consortium blockchain and modeling the rating process as a finite state machine. In particular, we facilitate one-show anonymous credentials constructed from two-move blind signatures to protect customers’ identities and resist multiple rating attacks, leverage zero-knowledge range proof to verify the correctness of ratings and defend against abnormal rating attacks, design a secure sum computation protocol among nodes to update reputations, and verify ratings via batch processing and consensus hashes. Finally, we demonstrate the security and privacy of RepChain via a formal analysis and evaluate its performance based on Ethereum test network.

Original language	English
Article number	9490665
Pages (from-to)	4434-4449
Number of pages	16
Journal	IEEE Transactions on Network and Service Management
Volume	18
Issue number	4
DOIs	https://doi.org/10.1109/TNSM.2021.3098439
Publication status	Published - 2021

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

Blockchain
E-commerce platforms
Privacy
Rating
Security

Access to Document

10.1109/TNSM.2021.3098439

Anonymous_and_Verifiable_Reputation_System_for_E-commerce_Platforms_based_on_BlockchainAccepted author manuscript, 5.69 MB
Anonymous_and_Verifiable_Reputation_System_for_E_Commerce_Platforms_Based_on_BlockchainFinal published version, 2.24 MB

Cite this

@article{8d910b72a1b5420298a1a74bbe2b4e34,

title = "Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain",

abstract = "E-commerce platforms incorporate reputation systems that allow customers to rate suppliers following financial transactions. Existing reputation systems cannot defend the centralized server against arbitrarily tampering with the supplier{\textquoteright}s reputation. Furthermore, they do not offer reputation access across platforms. Rates are faced with privacy leakages because rating activities are correlated with privacy (e.g., identity and rating). Meanwhile, raters could be malicious and initiate multiple rating attacks and abnormal rating attacks. Determining how to address these issues have both research and practical value. In this paper, we propose a blockchain-based privacy-preserving reputation system for e-commerce platforms named RepChain; our system allows cross-platform reputation access and anonymous and private ratings. Using RepChain, all e-commerce platforms collaborate and share users{\textquoteright} reputations by co-constructing a consortium blockchain and modeling the rating process as a finite state machine. In particular, we facilitate one-show anonymous credentials constructed from two-move blind signatures to protect customers{\textquoteright} identities and resist multiple rating attacks, leverage zero-knowledge range proof to verify the correctness of ratings and defend against abnormal rating attacks, design a secure sum computation protocol among nodes to update reputations, and verify ratings via batch processing and consensus hashes. Finally, we demonstrate the security and privacy of RepChain via a formal analysis and evaluate its performance based on Ethereum test network.",

keywords = "Blockchain, E-commerce platforms, Privacy, Rating, Security",

author = "Meng Li and Liehuang Zhu and Zijian Zhang and Chhagan Lal and Mauro Conti and Mamoun Alazab",

note = "Green Open Access added to TU Delft Institutional Repository {\textquoteleft}You share, we take care!{\textquoteright} – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. ",

year = "2021",

doi = "10.1109/TNSM.2021.3098439",

language = "English",

volume = "18",

pages = "4434--4449",

journal = "IEEE Transactions on Network and Service Management",

issn = "1932-4537",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

number = "4",

}

TY - JOUR

T1 - Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain

AU - Li, Meng

AU - Zhu, Liehuang

AU - Zhang, Zijian

AU - Lal, Chhagan

AU - Conti, Mauro

AU - Alazab, Mamoun

N1 - Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

PY - 2021

Y1 - 2021

N2 - E-commerce platforms incorporate reputation systems that allow customers to rate suppliers following financial transactions. Existing reputation systems cannot defend the centralized server against arbitrarily tampering with the supplier’s reputation. Furthermore, they do not offer reputation access across platforms. Rates are faced with privacy leakages because rating activities are correlated with privacy (e.g., identity and rating). Meanwhile, raters could be malicious and initiate multiple rating attacks and abnormal rating attacks. Determining how to address these issues have both research and practical value. In this paper, we propose a blockchain-based privacy-preserving reputation system for e-commerce platforms named RepChain; our system allows cross-platform reputation access and anonymous and private ratings. Using RepChain, all e-commerce platforms collaborate and share users’ reputations by co-constructing a consortium blockchain and modeling the rating process as a finite state machine. In particular, we facilitate one-show anonymous credentials constructed from two-move blind signatures to protect customers’ identities and resist multiple rating attacks, leverage zero-knowledge range proof to verify the correctness of ratings and defend against abnormal rating attacks, design a secure sum computation protocol among nodes to update reputations, and verify ratings via batch processing and consensus hashes. Finally, we demonstrate the security and privacy of RepChain via a formal analysis and evaluate its performance based on Ethereum test network.

AB - E-commerce platforms incorporate reputation systems that allow customers to rate suppliers following financial transactions. Existing reputation systems cannot defend the centralized server against arbitrarily tampering with the supplier’s reputation. Furthermore, they do not offer reputation access across platforms. Rates are faced with privacy leakages because rating activities are correlated with privacy (e.g., identity and rating). Meanwhile, raters could be malicious and initiate multiple rating attacks and abnormal rating attacks. Determining how to address these issues have both research and practical value. In this paper, we propose a blockchain-based privacy-preserving reputation system for e-commerce platforms named RepChain; our system allows cross-platform reputation access and anonymous and private ratings. Using RepChain, all e-commerce platforms collaborate and share users’ reputations by co-constructing a consortium blockchain and modeling the rating process as a finite state machine. In particular, we facilitate one-show anonymous credentials constructed from two-move blind signatures to protect customers’ identities and resist multiple rating attacks, leverage zero-knowledge range proof to verify the correctness of ratings and defend against abnormal rating attacks, design a secure sum computation protocol among nodes to update reputations, and verify ratings via batch processing and consensus hashes. Finally, we demonstrate the security and privacy of RepChain via a formal analysis and evaluate its performance based on Ethereum test network.

KW - Blockchain

KW - E-commerce platforms

KW - Privacy

KW - Rating

KW - Security

U2 - 10.1109/TNSM.2021.3098439

DO - 10.1109/TNSM.2021.3098439

M3 - Article

SN - 1932-4537

VL - 18

SP - 4434

EP - 4449

JO - IEEE Transactions on Network and Service Management

JF - IEEE Transactions on Network and Service Management

IS - 4

M1 - 9490665

ER -

Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain

Abstract

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this