Reclaiming privacy for smartphone applications

The scope of mobile phones has skyrocketed in recent years to such an extent that smartphone sales are expected to surpass those of PCs by the end of 2011. Equipped with relatively powerful processors and fairly large memory and storage capabilities, smartphones can accommodate increasingly complex interactive applications. As a result, the growing amount of sensitive information shared by smartphone users raises serious privacy concerns and motivates the need for appropriate privacy-preserving mechanisms. In this paper, we present a novel architecture geared for privacy-sensitive applications where personal information is shared among users and decisions are made based on given optimization criteria. Specifically, we focus on two application scenarios: (i) privacy-preserving interest sharing, i.e., discovering shared interests without leaking users' private information, and (ii) private scheduling, i.e., determining common availabilities and location preferences that minimize associated costs, without exposing any sensitive information. We propose efficient yet provably private solutions, and conduct an extensive experimental analysis that attests to the practicality of the attained privacy features.
