SDDR: Light-Weight, Secure Mobile Encounters

Emerging mobile social apps use short-range radios to discover nearby devices and users. The device discovery protocol used by these apps must be highly energy-efficient since it runs frequently in the background. Also, a good protocol must enable secure communication (both during and after a period of device co-location), preserve user privacy (users must not be tracked by unauthorized third parties), while providing selective linkability (users can recognize friends when strangers cannot) and efficient silent revocation (users can permanently or temporarily cloak themselves from certain friends, unilaterally and without re-keying their entire friend set). We introduce SDDR (Secure Device Discovery and Recognition), a protocol that provides secure encounters and satisfies all of the privacy requirements while remaining highly energy-efficient. We formally prove the correctness of SDDR, present a prototype implementation over Bluetooth, and show how existing frameworks, such as Haggle, can directly use SDDR. Our results show that the SDDR implementation, run continuously over a day, uses only ∼10% of the battery capacity of a typical smartphone. This level of energy consumption is four orders of magnitude more efficient than prior cryptographic protocols with proven security, and one order of magnitude more efficient than prior (unproven) protocols designed specifically for energy-constrained devices.

[1]  Vitaly Shmatikov,et al.  "You Might Also Like:" Privacy Risks of Collaborative Filtering , 2011, 2011 IEEE Symposium on Security and Privacy.

[2]  Rui Zhang,et al.  Privacy-preserving spatiotemporal matching , 2013, 2013 Proceedings IEEE INFOCOM.

[3]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[4]  Dong Xuan,et al.  E-SmallTalker: A Distributed Mobile System for Social Networking in Physical Proximity , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[5]  Emiliano De Cristofaro,et al.  (If) Size Matters: Size-Hiding Private Set Intersection , 2011, IACR Cryptol. ePrint Arch..

[6]  Ely Porat,et al.  An Optimal Bloom Filter Replacement Based on Matrix Solving , 2008, CSR.

[7]  Srinivasan Seshan,et al.  Improving wireless privacy with an identifier-free link layer protocol , 2008, MobiSys '08.

[8]  Salvatore J. Stolfo,et al.  Privacy-Preserving Sharing of Sensitive Information , 2010, IEEE Secur. Priv..

[9]  Xiaomin Liu,et al.  Fast Secure Computation of Set Intersection , 2010, SCN.

[10]  Michiel H. M. Smid,et al.  On the false-positive rate of Bloom filters , 2008, Inf. Process. Lett..

[11]  Sven Laur,et al.  Efficient Mutual Data Authentication Using Manually Authenticated Strings , 2006, CANS.

[12]  Elaine Shi,et al.  EnCore: private, context-based communication for mobile social apps , 2014, MobiSys.

[13]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, Journal of Cryptology.

[14]  Shirley M. Radack Updated Digital Signature Standard Approved as Federal Information Processing Standard (FIPS)186-3 | NIST , 2009 .

[15]  Marco Gruteser,et al.  Enhancing Location Privacy in Wireless LAN Through Disposable Interface Identifiers: A Quantitative Analysis , 2003, WMASH '03.

[16]  Helen J. Wang,et al.  A Framework for Location Privacy in Wireless Networks , 2005 .

[17]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[18]  Jin Teng,et al.  D-Card: A distributed mobile phone based system for relaying verified friendships , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[19]  Murphy J. Stephen,et al.  You Might Also Like , 2014 .

[20]  Emmanuel Bresson,et al.  Provably secure authenticated group Diffie-Hellman key exchange , 2007, TSEC.

[21]  Dina Katabi,et al.  Secure In-Band Wireless Pairing , 2011, USENIX Security Symposium.

[22]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[23]  Changyu Dong,et al.  When private set intersection meets big data: an efficient and scalable protocol , 2013, CCS.

[24]  Marco Gruteser,et al.  Wireless device identification with radiometric signatures , 2008, MobiCom '08.

[25]  Emiliano De Cristofaro,et al.  Do I know you?: efficient and privacy-preserving common friend-finder protocols and applications , 2013, ACSAC.

[26]  Eyal de Lara,et al.  Haggle: Seamless Networking for Mobile Applications , 2007, UbiComp.

[27]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[28]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[29]  Yijie Wang,et al.  BCE: A privacy-preserving common-friend estimation method for distributed online social networks without cryptography , 2012, 7th International Conference on Communications and Networking in China.

[30]  Emiliano De Cristofaro,et al.  Linear-Complexity Private Set Intersection Protocols Secure in Malicious Model , 2010, ASIACRYPT.

[31]  Aziz Mohaisen,et al.  Secure Encounter-Based Mobile Social Networks: Requirements, Designs, and Tradeoffs , 2013, IEEE Transactions on Dependable and Secure Computing.

[32]  Hung-Min Sun,et al.  SPATE: Small-Group PKI-Less Authenticated Trust Establishment , 2010, IEEE Transactions on Mobile Computing.

[33]  Serge Vaudenay,et al.  Secure Communications over Insecure Channels Based on Short Authenticated Strings , 2005, CRYPTO.

[34]  Landon P. Cox,et al.  SmokeScreen: flexible privacy controls for presence-sharing , 2007, MobiSys '07.

[35]  BressonEmmanuel,et al.  Provably secure authenticated group Diffie-Hellman key exchange , 2007 .

[36]  Chiemi Watanabe,et al.  Privacy-Preserving Queries for a DAS Model Using Encrypted Bloom Filter , 2009, DASFAA.

[37]  Justin Manweiler,et al.  SMILE: encounter-based trust for mobile social services , 2009, CCS.

[38]  Andrei Broder,et al.  Network Applications of Bloom Filters: A Survey , 2004, Internet Math..

[39]  Nitesh Saxena,et al.  Authenticated Key Agreement with Key Re-use in the Short Authenticated Strings Model , 2010, SCN.

[40]  Lionel M. Ni,et al.  PrudentExposure: a private and user-centric service discovery protocol , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.