We consider the polling problem in a social network: participants express support for a given option and expect an outcome reflecting the opinion of the majority. Individuals in a social network care about their reputation: they do not want their vote to be disclosed or any potential misbehavior to be publicly exposed. We exploit this social aspect of users to model dishonest behavior, and show that a simple secret sharing scheme, combined with lightweight verification procedures, enables private and accurate polling without requiring any central authority or cryptography. We present DPol, a simple and scalable distributed polling protocol in which misbehaving nodes are exposed with positive probability and in which the probability of honest participants having their privacy violated is traded off against the impact of dishonest participants on the accuracy of the polling result. The trade-off is captured by a generic parameter of the protocol, an integer k called the privacy parameter. In a system of N nodes with B dishonest participants, the probability of disclosing a participant’s vote is bounded by ( B / N ) k + 1 , whereas the impact on the score of each polling option is at most ( 3 k + 2 ) B , with high probability when dishonest users are a minority (i.e., B < N / 2 ), assuming nodes are uniformly spread across groups used by the system. When dishonest users are few (i.e., B < N ), the impact bound holds deterministically and our protocol is asymptotically accurate: there is negligible difference between the true result score of the poll and the outcome of our protocol. To demonstrate the practicality of DPol, we report on its deployment on 400 PlanetLab nodes. The relative error of the polling result is less than 10 % when faced with the message loss, crashes and delays inherent in PlanetLab. Our experiments show that the impact on the score of each polling option by dishonest nodes is ( 2 k + 1 ) B on average, consistently lower that the theoretical bound of ( 3 k + 2 ) B .
Read full abstract