We construct a system, Sandi, to bring trust in online communication between parties that share little or no context. Sandi is based on a unique ``somewhat monotone'' privacy-preserving reputation system, with strong privacy and security properties. Registered senders request cryptographic tags from Sandi, which they attach to their messages. Message receivers do not need registered accounts, but they can use a sender's score to decide how much the sender should be trusted. If a receiver finds the message inappropriate, they can use the tag to report the sender to Sandi, thus decreasing the sender's score. The design of Sandi ensures compatibility with any communication system that allows for small binary data transmission. Sandi aims to benefit both senders and receivers. Senders benefit, as receivers are more likely to react to their messages with reputation scores attached. Receivers benefit, as they can make better choices in who to interact with based on indisputable evidence from prior receivers. Sandi does not require senders or receivers to maintain long-term secret keys. We provide a score integrity guarantee for the senders, a full communication privacy guarantee for the senders and receivers, a report privacy guarantee to protect reporting receivers, and an unlinkability guarantee to protect senders. Finally, we provide a game-theoretic analysis for the sender. We prove that, for any score function satisfying a list of properties, Sandi drives rational senders towards a strategy, which reduces the amount of inappropriate messages.
翻译:暂无翻译