Do You Believe in Tinker Bell? The Social Externalities of Trust
31 Mar 2015-pp 224-236
TL;DR: This work presents a privacy-preserving reputation system to enhance quality of service in Tor, or a similar proxy network, with built-in incentives for correct behaviour and proposes a new approach: a trust service whose power arises directly from the number of users who decide to rely on it.
Abstract: In the play Peter Pan, the fairy Tinker Bell is about to fade away and die because nobody believes in her any more, but is saved by the belief of the audience. This is a very old meme; the gods in Ancient Greece became less or more powerful depending on how many mortals sacrificed to them. On the face of it, this seems a democratic model of trust; it follows social consensus and crumbles when that is lost. However, the world of trust online is different. People trust CAs because they have to; Verisign and Comodo are dominant not because users trust them, but because merchants do. Two-sided market effects are bolstered by the hope that the large CAs are too big to fail. Proposed remedies from governments are little better; they declare themselves to be trusted and appoint favoured contractors as their bishops. Academics have proposed, for example in SPKI/SDSI, that trust should flow from individual users' decisions; but how can that be aggregated in ways compatible with incentives? The final part of the problem is that current CAs are not just powerful but all-powerful: a compromise can let a hostile actor not just take over your session or impersonate your bank, but 'upgrade' the software on your computer. Omnipotent CAs with invisible failure modes are better seen as demons rather than as gods.
Inspired by Tinker Bell, we propose a new approach: a trust service whose power arises directly from the number of users who decide to rely on it. Its power is limited to the provision of a single service, and failures to deliver this service should fairly rapidly become evident. As a proof of concept, we present a privacy-preserving reputation system to enhance quality of service in Tor, or a similar proxy network, with built-in incentives for correct behaviour. Tokens enable a node to interact directly with other nodes and are regulated by a distributed authority. Reputation is directly proportional to the number of tokens a node accumulates. By using blind signatures, we prevent the authority learning which entity has which tokens, so it cannot compromise privacy. Tokens lose value exponentially over time; this negative interest rate discourages hoarding. We demotivate costly system operations using taxes. We propose this reputation system not just as a concrete mechanism for systems requiring robust and privacy-preserving reputation metrics, but also as a thought experiment in how to fix the security economics of emergent trust.
Citations
More filters
TL;DR: Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks and offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness.
Abstract: Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer’s reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks.
14 citations
20 Mar 2017
TL;DR: It is argued that the evolution of protocols is one of the most important yet least understood aspects of the governance of information systems and a possible framework inspired by research in institutional economics is sketched.
Abstract: In this paper we argue that the evolution of protocols is one of the most important yet least understood aspects of the governance of information systems. At the deepest level, security protocols determine the power structure of a system: who can do what with whom. The development, adoption, spread and evolution of protocols, and competition between them, are both political and economic activities. They may reconcile multiple objectives or be the battlefield in which one interest defeats another. They occur at all levels in the online ecosystem, from individual and small-firm action, up through organisations and networks to whole ecosystems – and may eventually play a role in shaping culture, values and norms. They play a key role in innovation: early movers may use protocols to establish a strategic advantage and lock competitors out. How can we understand such complex behaviour? In this paper we sketch a possible framework inspired by research in institutional economics.
4 citations
Cites background from "Do You Believe in Tinker Bell? The ..."
...At previous protocols workshops we have touched on economic models of protocols [5], asked whether in a democratic system there should be a ‘loyal attacker’, inspired by the ‘loyal opposition’ in parliament [7] and discussed crowdsourcing social trust [11]....
[...]
24 Nov 2018
2 citations
Cites methods from "Do You Believe in Tinker Bell? The ..."
...The content of this chapter is adapted from our paper Do you believe in Tinker Bell? The social externalities of trust, by Khaled Baqer and Ross Anderson, which appears in the Proceedings of the International Workshop on Security Protocols 2015 [16]....
[...]
References
More filters
Proceedings Article•
11 Nov 1999
TL;DR: This paper describes PageRank, a mathod for rating Web pages objectively and mechanically, effectively measuring the human interest and attention devoted to them, and shows how to efficiently compute PageRank for large numbers of pages.
Abstract: The importance of a Web page is an inherently subjective matter, which depends on the readers interests, knowledge and attitudes. But there is still much that can be said objectively about the relative importance of Web pages. This paper describes PageRank, a mathod for rating Web pages objectively and mechanically, effectively measuring the human interest and attention devoted to them. We compare PageRank to an idealized random Web surfer. We show how to efficiently compute PageRank for large numbers of pages. And, we show how to apply PageRank to search and to user navigation.
14,400 citations
13 Aug 2004
TL;DR: This second-generation Onion Routing system addresses limitations in the original design by adding perfect forward secrecy, congestion control, directory servers, integrity checking, configurable exit policies, and a practical design for location-hidden services via rendezvous points.
Abstract: We present Tor, a circuit-based low-latency anonymous communication service. This second-generation Onion Routing system addresses limitations in the original design by adding perfect forward secrecy, congestion control, directory servers, integrity checking, configurable exit policies, and a practical design for location-hidden services via rendezvous points. Tor works on the real-world Internet, requires no special privileges or kernel modifications, requires little synchronization or coordination between nodes, and provides a reasonable tradeoff between anonymity, usability, and efficiency. We briefly describe our experiences with an international network of more than 30 nodes. We close with a list of open problems in anonymous communication.
3,960 citations
"Do You Believe in Tinker Bell? The ..." refers background in this paper
...The Tor network [9] consists of volunteer relays mixing users’ traffic to provide anonymity....
[...]
01 Jan 1983
TL;DR: Automation of the way the authors pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers.
Abstract: Automation of the way we pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers. The ultimate structure of the new electronic payments system may have a substantial impact on personal privacy as well as on the nature and extent of criminal use of payments. Ideally a new payments system should address both of these seemingly conflicting sets of concerns.
3,308 citations
"Do You Believe in Tinker Bell? The ..." refers background in this paper
...He does this by generating a well-formed token CB , blinds it with a multiplier, and sends it to Samantha, who generates a blind signature [4] and returns it....
[...]
10 Apr 1996
646 citations
01 Jan 1996
TL;DR: Ve presents two simple micropayment schemes, "PayWord" and :'MicroMint," for making small purchases over the Internet, using hash operations instead whenever possible to minimize the number of public-key operations required per payment.
Abstract: 1 Introduction ~Ve present two simple micropayment schemes, "PayWord" and :'MicroMint," for making small purchases over the Internet. We were inspired to work on this problem by DEC's "Millicent" scheme[10]. Surveys of some electronic payment schemes can be found in Hallam-Baker [6], Schneier[16], and Wayner[18]. Our main goal is to minimize the number of public-key operations required per payment, using hash operations instead whenever possible. As a rough guide, hash functions are about 100 times faster than RSA signature verification, and about 10,000 times faster than RSA signature generation: on a typical workstation , one can sign two messages per second, verify 200 signatures per second, and compute 20,000 hash function values per second. To support micropayments, exceptional efficiency is required, otherwise the cost of the mechanism will exceed the value of the payments. As a consequence, our micropayment schemes are lightweight compared to full macropayment schemes. We "don't sweat the small stuff": a user who loses a micropayment is similar to someone who loses a nickel in a candy machine. Similarly, candy machines aren't built with expensive mechanisms for detecting forged coins, and yet they work well in practice, and the overall level of abuse is low. Large-scale and/or persistent fraud must be detected and eliminated, but if the scheme delivers a volume of payments to the right parties that is roughly correct, we're happy. In our schemes the players are brokers, users, and vendors. Brokers authorize users to make micropayments to vendors, and redeem the payments collected by the vendors. While user-vendor relationships are transient, broker-user and broker-vendor relationships are long-term. In a typical transaction a vendor sells access to a WorldWide Web page for one cent. Since a user may access only a few pages before moving on, standard credit-card arrangements incur unacceptably high overheads. The first scheme, "PayWord," is a credit-based scheme, based on chains of "paywords" (hash values). Similar chains have been previously proposed for different purposes: by Lamport [9] and Haller (in S/Key) for access control [7], and by Winternitz [11] as a one-time signature scheme. The application of this
632 citations
"Do You Believe in Tinker Bell? The ..." refers methods in this paper
...In LIRA [14], the authors attempt to increase efficiency by introducing a probabilistic micropayment protocol into their design (in fact, the authors use a similar construction to MicroMint [22])....
[...]