Secret interest groups (SIGs) in social networks with an implementation on Facebook

In this paper we present the first framework that allows the creation of Secret Interest Groups (SIGs) in Online Social Networks; SIGs are self managed groups formed outside of the social network, around secret, sensitive or private topics. Members exchange credentials that can be used inside the social network to authenticate upon friendship requests or to secure user-generated content. To this end we present a set of cryptographic algorithms leveraging on well-studied primitives, and we describe a java implementation of the framework for Facebook.

[1]  K. Kurosawa,et al.  New EIGamal Type Threshold Digital Signature Scheme , 1996 .

[2]  Dan Boneh,et al.  Digital Signature Standard , 2005, Encyclopedia of Cryptography and Security.

[3]  Dirk Fox,et al.  Digital Signature Standard (DSS) , 2001, Datenschutz und Datensicherheit.

[4]  Torben P. Pedersen Distributed Provers with Applications to Undeniable Signatures , 1991, EUROCRYPT.

[5]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[6]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[7]  Mihir Bellare,et al.  OCB: a block-cipher mode of operation for efficient authenticated encryption , 2001, CCS '01.

[8]  Kaoru KUROSAWAzy New Elgamal Type Threshold Digital Signature Scheme , 1996 .

[9]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[10]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[11]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[12]  Yvo Desmedt,et al.  Society and Group Oriented Cryptography: A New Concept , 1987, CRYPTO.

[13]  G. R. Blakley,et al.  Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[14]  Sushil Jajodia,et al.  Redistributing Secret Shares to New Access Structures and Its Applications , 1997 .

[15]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[18]  Diana K. Smetters,et al.  Secret handshakes from pairing-based key agreements , 2003, 2003 Symposium on Security and Privacy, 2003..

[19]  Ninghui Li,et al.  Oblivious signature-based envelope , 2003, PODC '03.

[20]  Gene Tsudik,et al.  Revisiting Oblivious Signature-Based Envelopes , 2006, Financial Cryptography.

[21]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).