Efficient private techniques for verifying social proximity
Download
1 / 19

Efficient Private Techniques for Verifying Social Proximity - PowerPoint PPT Presentation


  • 58 Views
  • Uploaded on

Efficient Private Techniques for Verifying Social Proximity. Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet. Outline. Introduction The Problem Motivation Model Constructions Discussion. Introduction. Transitive trust relationships

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Efficient Private Techniques for Verifying Social Proximity' - philip-avila


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Efficient private techniques for verifying social proximity

Efficient Private Techniques for Verifying Social Proximity

Michael J. Freedman and Antonio Nicolosi

Discussion by: A. ZiadHatahet


Outline
Outline

  • Introduction

  • The Problem

  • Motivation

  • Model

  • Constructions

  • Discussion


Introduction
Introduction

  • Transitive trust relationships

  • Goal: to leverage social relationships to guide interactions with others users in online systems that use social networks.

  • Email or IM contexts

    • Black/white-listing


The problem
The Problem

  • Compare list of friends/contacts and find intersection

  • Privacy issues


Motivation
Motivation

  • Content-based spam filters

    • False positives

  • Whitelists

    • Forge From: addresses

    • Does not accept email from previously unknown sources

    • Populating requires manual effort

  • RE:

    • Automatically expands set of senders who to accept email from by examining user’s social network

    • Does not prevent parties from “lying” about information they present (friends they give out)


Model
Model

  • Social network can be modeled as a directed graph where a presence of an arc (or ) indicates existence of social relationship

  • Find bridgingfriends and

  • Privacy concerns


Model1
Model

  • Social link should express consent of both parties

  • Forward trust

    • ,

  • Backward authorization

    • ,


Constructions
Constructions

  • Hash-based construction

  • Privacy in the face of collusions


Hash based implementation
Hash-Based Implementation

  • Each user R has a signing/verification key pair SKR/VKR, and a secret seed for cryptographic pseudo-random hash function F

  • For each social link , user R creates an attestation for user X and sends it along with . R receives from X.

  • Each arc is associated with a (pseudo-)random key (a-value)


Privacy in the face of collusions
Privacy in the Face of Collusions

  • Backward authorization implemented in hash-based scheme is transferable

  • Hash-based scheme, R gives out the same secret to all X s.t.

  • Solution: different shared secret key to each X

  • Proximity check protocol uses same overall structure as that of hash-based scheme


Discussion
Discussion

  • Where else can this be applied?

    • P2P file sharing

    • Bluetooth

    • Phone services/VoIP

  • Does the model make sense?

    • It is assumed that system has proximity check mechanism

    • Can be implemented at a higher level?

  • How to transfer attestations?


Discussion1
Discussion

  • How to revoke attestations?

    • Time limit

  • Is collusion a privacy concern?

    • Would share their resources anyway!

  • What are the effects of multi-hop proximity?

    • Is it practical/safe?


Discussion2
Discussion

  • How would a malicious user exploit the system?

    • Viruses

    • Sybil attacks

    • Are the consequences worse?

  • Anything else?


Proximity checking
Proximity Checking

  • Consider , and

  • For , S encrypts attestation

    • where is a secure symmetric cipher

    • and

  • S also includes

    • tab


Proximity checking1
Proximity Checking

  • S creates list of tabbed encrypted attestations (one for each incoming social relationship), and sends to R along with request


Proximity checking2
Proximity Checking

  • User R processes list by looking at tab components

  • Looks for relationships of the form

  • Since R holds

    • can compute

    • Generates own set of tabs

    • Compares with received from S


Proximity checking3
Proximity Checking

  • Match between tabs guarantees same seed was used by both R and S

  • Bridging friend T revealed

  • R computes key and decrypts encrypted attestation, recovering

  • Concludes and



ad