Advertisement

Private Discovery of Common Social Contacts

  • Emiliano De Cristofaro
  • Mark Manulis
  • Bertram Poettering
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6715)

Abstract

The increasing use of computing devices for social interactions propels the proliferation of online social applications, yet, it prompts a number of privacy concerns. One common problem occurs when two unfamiliar users, in the process of establishing social relationships, want to assess their social proximity by discovering mutual contacts. In this paper, we introduce Private Contact Discovery, a novel cryptographic primitive that lets two users, on input their respective contact lists, learn their common contacts (if any), and nothing else. We present an efficient and provably secure construction, that (i) prevents arbitrary list manipulation by means of contact certification, and (ii) guarantees user authentication and revocability. Following a rigorous cryptographic treatment of the problem, we define the privacy-protecting contact-hiding property and prove it for our solution, under the RSA assumption in the Random Oracle Model (ROM). We also show that other related cryptographic techniques, such as Private Set Intersection and Secret Handshakes, are unsuitable in this context. Experimental analysis attests to the practicality of our technique, which achieves computational and communication overhead (almost) linear in the number of contacts.

Keywords

Random Oracle Model Contact List Protocol Execution User Versus Anonymous Credential 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ahtiainen, A., Kalliojarvi, K., Kasslin, M., Leppanen, K., Richter, A., Ruuska, P., Wijting, C.: Awareness Networking in Wireless Environments: Means of Exchanging Information. IEEE Vehicular Technology Magazine, 48–54 (2009)Google Scholar
  2. 2.
    Ateniese, G., De Cristofaro, E., Tsudik, G.: (If) Size Matters: Size-Hiding Private Set Intersection. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 156–173. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  3. 3.
    Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.-C.: Secret Handshakes from Pairing-Based Key Agreements. In: IEEE Symposium on Security and Privacy, pp. 180–196 (2003)Google Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM CCS, pp. 62–73 (1993)Google Scholar
  5. 5.
    Boudot, F., Schoenmakers, B., Traoré, J.: A Fair and Efficient Solution to the Socialist Millionaires’ Problem. Discrete Applied Mathematics 111(1-2), 23–36 (2001)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Bradshaw, R., Holt, J., Seamons, K.: Concealing Complex Policies with Hidden Credentials. In: ACM CCS, pp. 146–157 (2004)Google Scholar
  7. 7.
    Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)Google Scholar
  8. 8.
    Camenisch, J., Casati, N., Groß, T., Shoup, V.: Credential Authenticated Identification and Key Exchange. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 255–276. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Camenisch, J., Zaverucha, G.M.: Private intersection of certified sets. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 108–127. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Castelluccia, C., Jarecki, S., Tsudik, G.: Secret Handshakes from CA-Oblivious Encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Chiou, S., Chang, S., Sun, H.: Common Friends Discovery with Privacy and Authenticity. In: IAS, pp. 337–340 (2009)Google Scholar
  13. 13.
    Dachman-Soled, D., Malkin, T., Raykova, M., Yung, M.: Efficient Robust Private Set Intersection. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 125–142. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  14. 14.
    De Cristofaro, E., Kim, J., Tsudik, G.: Linear-Complexity Private Set Intersection Protocols Secure in Malicious Model. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 213–231. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    De Cristofaro, E., Tsudik, G.: Practical Private Set Intersection Protocols with Linear Complexity. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 143–159. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Desmedt, Y.: Securing Traceability of Ciphertexts - Towards a Secure Software Key Escrow System. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 147–157. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  17. 17.
    Diehl, C., Namata, G., Getoor, L.: Relationship Identification for Social Network Discovery. AAAI 22(1), 546–552 (2007)Google Scholar
  18. 18.
    Free Software Foundation. The GNU MP Bignum Library, http://gmplib.org/
  19. 19.
    Freedman, M.J., Nicolosi, A.: Efficient Private Techniques for Verifying Social Proximity. In: IPTPS (2007)Google Scholar
  20. 20.
    Freedman, M.J., Nissim, K., Pinkas, B.: Efficient Private Matching and Set Intersection. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 1–19. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  21. 21.
    Goldreich, O., Micali, S., Wigderson, A.: How to Play any Mental Game or A Completeness Theorem for Protocols with Honest Majority. In: 19th STOC, pp. 218–229 (1987)Google Scholar
  22. 22.
    Günther, F., Manulis, M., Strufe, T.: Cryptographic Treatments of Private User Profiles. In: Financial Cryptography Workshops. Springer, Heidelberg (2011), http://eprint.iacr.org/2011/064 Google Scholar
  23. 23.
    Hazay, C., Lindell, Y.: Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 155–175. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  24. 24.
    Hazay, C., Nissim, K.: Efficient Set Operations in the Presence of Malicious Adversaries. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 312–331. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  25. 25.
    Huberman, B., Franklin, M., Hogg, T.: Enhancing Privacy and Trust in Electronic Communities. In: ACM Conference on Electronic Commerce, pp. 78–86 (1999)Google Scholar
  26. 26.
    Jarecki, S., Kim, J., Tsudik, G.: Beyond Secret Handshakes: Affiliation-Hiding Authenticated Key Exchange. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 352–369. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  27. 27.
    Jarecki, S., Liu, X.: Affiliation-Hiding Envelope and Authentication Schemes with Efficient Support for Multiple Credentials. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 715–726. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
    Jarecki, S., Liu, X.: Private Mutual Authentication and Conditional Oblivious Transfer. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 90–107. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  29. 29.
    Jarecki, S., Liu, X.: Fast Secure Computation of Set Intersection. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 418–435. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  30. 30.
    Kissner, L., Song, D.X.: Privacy-Preserving Set Operations. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 241–257. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  31. 31.
    Korolova, A., Motwani, R., Nabar, S., Xu, Y.: Link Privacy in Social Networks. In: CIKM, pp. 289–298 (2008)Google Scholar
  32. 32.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  33. 33.
    Manulis, M., Pinkas, B., Poettering, B.: Privacy-Preserving Group Discovery with Linear Complexity. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 420–437. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  34. 34.
    Manulis, M., Poettering, B.: Practical Affiliation-Hiding Authentication from Improved Polynomial Interpolation. In: ACM ASIACCS, pp. 286–295 (2011), http://eprint.iacr.org/2010/659
  35. 35.
    Manulis, M., Poettering, B., Tsudik, G.: Affiliation-Hiding Key Exchange with Untrusted Group Authorities. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 402–419. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  36. 36.
    Manulis, M., Poettering, B., Tsudik, G.: Taming Big Brother Ambitions: More Privacy for Secret Handshakes. In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 149–165. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  37. 37.
    Okamoto, E.: Key Distribution Systems Based on Identification Information. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 194–202. Springer, Heidelberg (1988)Google Scholar
  38. 38.
    Pons, P., Latapy, M.: Computing Communities in Large Networks Using Random Walks. In: Yolum, p., Güngör, T., Gürgen, F., Özturan, C. (eds.) ISCIS 2005. LNCS, vol. 3733, pp. 284–293. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  39. 39.
    The Facebook, Inc. Facebook’s statistics (2010), http://www.facebook.com/press/info.php?statistics
  40. 40.
    Von Arb, M., Bader, M., Kuhn, M., Wattenhofer, R.: Veneta: Serverless Friend-of-Friend Detection in Mobile Social Networking. In: WiMob, pp. 184–189 (2008)Google Scholar
  41. 41.
    Xu, S., Yung, M.: k-Anonymous Secret Handshakes with Reusable Credentials. In: ACM CCS, pp. 158–167 (2004)Google Scholar
  42. 42.
    Yao, A.: How to Generate and Exchange Secrets. In: 27th FOCS, pp. 162–167 (1986)Google Scholar
  43. 43.
    Yu, P.S., Han, J., Faloutsos, C.: Link Mining: Models, Algorithms, and Applications. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  44. 44.
    Zheleva, E., Getoor, L., Golbeck, J., Kuter, U.: Using Friendship Ties and Family Circles for Link Prediction. In: SNA-KDD, pp. 97–113 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Emiliano De Cristofaro
    • 1
  • Mark Manulis
    • 2
  • Bertram Poettering
    • 2
  1. 1.Computer Science DepartmentUniversity of CaliforniaIrvineUSA
  2. 2.Cryptographic Protocols GroupTU Darmstadt & CASEDGermany

Personalised recommendations