Glycos: The Basis for a Peer-to-Peer, Private Online Social Network

  • Ruben De SmetEmail author
  • Ann Dooms
  • An Braeken
  • Jo Pierson
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 547)


Typical Web 2.0 applications are built on abstractions, allowing developers to rapidly and securely develop new features. For decentralised applications, these abstractions are often poor or non-existent.

By proposing a set of abstract but generic building blocks for the development of peer-to-peer (decentralised), private online social networks, we aim to ease the development of user-facing applications. Additionally, an abstract programming system decouples the application from the data model, allowing to alter the front-end independently from the back-end.

The proposed proof-of-concept protocol is based on existing cryptographic building blocks, and its viability is assessed in terms of performance.


Online social network Peer-to-peer Privacy by design Privacy 


  1. 1.
    Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n signatures from a variety of keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002). Scholar
  2. 2.
    Agre, P.E., Rotenberg, M.: Technology and Privacy: The New Landscape. MIT Press, Cambridge (1998)Google Scholar
  3. 3.
    Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. J. Cryptol. 22(1), 1–61 (2009)MathSciNetCrossRefGoogle Scholar
  4. 4.
    Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006). ISBN 978-3-540-33852-9CrossRefGoogle Scholar
  5. 5.
    Bertino, E., Byun, J.-W., Li, N.: Privacy-preserving database systems. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2004-2005. LNCS, vol. 3655, pp. 178–206. Springer, Heidelberg (2005). Scholar
  6. 6.
    Bertoni, G., et al.: Keccak sponge function family main document. In: Submission to NIST (Round 2), vol. 3, p. 30 (2009)Google Scholar
  7. 7.
    Buchegger, S., et al.: PeerSoN: P2P social networking - early experiences and insights. In: Proceedings of the Second ACM Workshop on Social Network Systems Social Network Systems 2009, co-located with Eurosys 2009, Nüurnberg, Germany, March 2009, pp. 46–52 (2009)Google Scholar
  8. 8.
    Cao, N., et al.: Privacy-preserving query over encrypted graph-structured data in cloud computing. In: 2011 31st International Conference on Distributed Computing Systems (ICDCS), pp. 393–402. IEEE (2011)Google Scholar
  9. 9.
    Datanyze: Email Hosting Market Share Report. Datanyze, 12 June 2018. Accessed 14 June 2018
  10. 10.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Graham-Harrison, E., Cadwalladr, C.: Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. In: The Guardian, March 2018.
  12. 12.
    Irvine, D.: MaidSafe Distributed File System. Technical report (2010)Google Scholar
  13. 13.
    Khan, O.: Major email provider trends in 2015: Gmail’s Lead in- creases. Mailchimp, 15 July 2015.
  14. 14.
    Lambert, N., Ma, Q., Irvine, D.: The Decentralised Network Token. Technical report MaidSafe, Technical report, Safecoin (2015)Google Scholar
  15. 15.
    Lamport, L.: Time, clocks and the ordering of events in a distributed system. Commun. ACM 21(7), 558–565 (1978)CrossRefGoogle Scholar
  16. 16.
    Lassila, O., Swick, R.R.: Resource Description Framework (RDF): Model and Syntax. W3C Recommendation. W3C (1997). Accessed 20 Oct 2017
  17. 17.
    Lewis, S.J.: On emergent centralization (2018). Accessed 31 Oct 2018
  18. 18.
    Lewkowicz, K.: Here’s What We Learned After Tracking 17 Billion Email Opens [Infographic], 21 March 2017. Accessed 14 June 2018
  19. 19.
    Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). Scholar
  20. 20.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). Scholar
  21. 21.
    Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management (2010)Google Scholar
  22. 22.
    Platform for Privacy Preferences (P3P) Project. W3C Recommendation. W3C, February 2014. Accessed 31 Oct 2018
  23. 23.
    Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), 27 April 2016Google Scholar
  24. 24.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). Scholar
  25. 25.
    Van Saberhagen, N.: Cryptonote v2.0 (2013)Google Scholar
  26. 26.
    Schnorr, C.-P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)CrossRefGoogle Scholar
  27. 27.
    Schnorr, C.-P.: Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system. U.S. pat. 4995082, February 1991Google Scholar
  28. 28.
    Soler, C.: A Generic Data Exchange System for Friend-to-Friend Net- works. Technical report, INRIA Grenoble-Rhone-Alpes (2017)Google Scholar
  29. 29.
    Todd, P.: [bitcoin-development] Stealth addresses (2014). Accessed 12 Feb 2017
  30. 30.
    Troncoso, C., et al.: Systematizing decentralization and privacy: lessons from 15 years of research and deployments. In: Proceedings on Privacy Enhancing Technologies, vol. 2017, no. 4, pp. 404–426 (2017)CrossRefGoogle Scholar
  31. 31.
    user ‘bytecoin’. Untraceable transactions which can contain a secure message are inevitable (2011). Accessed 12 Feb 2017

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  • Ruben De Smet
    • 1
    Email author
  • Ann Dooms
    • 1
  • An Braeken
    • 1
  • Jo Pierson
    • 1
  1. 1.Vrije Universiteit BrusselBrusselsBelgium

Personalised recommendations