In this thesis we consider reputation systems and their security from a cryptographic perspective. The security properties a reputation system has to provide, as well as attacks against them and appropriate countermeasures, are extensively discussed in the literature and well understood. However, no generally accepted security model has emerged. This is due to the fact that some properties seem to mutually exclude each other, which complicates the design of models for secure reputation systems. Interestingly, each of the security properties can be realized with cryptographic primitives, albeit not necessarily simultaneously. Hence, it is reasonable to analyze the security of reputation systems in a cryptographic context. Our main contribution is the design of two models for cryptographically secure reputation systems. The first model we propose follows an experiment-based approach to define security and extends the model of (dynamic) group signatures. Experiment-based security definitions have the advantage that they allow one to precisely formalize the desired security properties. But this approach is also susceptible to miss subtle details in the security definition. Therefore, we propose a second model, defined as an ideal functionality in the Universal Composability Framework. This ideal functionality defines security implicitly and is therefore able to cover subtle security properties, and is also able to overcome certain other disadvantages of the first model. Furthermore, the second model eliminates some disadvantages of the first model. Moreover, the Universal Composability Framework guarantees security for concurrently composed applications, which is an important property for reputation systems. For both security models we additionally provide efficient constructions of reputation systems that are provably secure in their respective model.