Message in a Sealed Bottle: Privacy Preserving Friending in Mobile Social Networks

Many proximity-based mobile social networks are developed to facilitate connections between any two people, or to help a user to find people with a matched profile within a certain distance. A challenging task in these applications is to protect the privacy of the participants' profiles and communications. In this paper, we design novel mechanisms, when given a preference-profile submitted by a user, that search persons with matching-profile in decentralized mobile social networks. Meanwhile, our mechanisms establish a secure communication channel between the initiator and matching users at the time when a matching user is found. These techniques can also be applied to conduct privacy preserving keywords based search without any secure communication channel. Our analysis shows that our mechanism is privacy-preserving (no participants' profile and the submitted preference-profile are exposed), verifiable (both the initiator and any unmatched user cannot cheat each other to pretend to be matched), and efficient in both communication and computation. Extensive evaluations using real social network data, and actual system implementation on smart phones show that our mechanisms are significantly more efficient than existing solutions.

[1]  Yuguang Fang,et al.  Privacy and security for online social networks: challenges and opportunities , 2010, IEEE Network.

[2]  Yunhao Liu,et al.  Verifiable private multi-party computation: Ranging and ranking , 2013, 2013 Proceedings IEEE INFOCOM.

[3]  Xiang-Yang Li,et al.  Privacy preserving cloud data access with multi-authorities , 2012, 2013 Proceedings IEEE INFOCOM.

[4]  Gustavo Alonso,et al.  Enabling social networking in ad hoc networks of mobile phones , 2009, Proc. VLDB Endow..

[5]  Shaojie Tang,et al.  Mechanism Design for Finding Experts Using Locally Constructed Social Referral Web , 2015, IEEE Transactions on Parallel and Distributed Systems.

[6]  Ming Li,et al.  FindU: Privacy-preserving personal profile matching in mobile social networks , 2011, 2011 Proceedings IEEE INFOCOM.

[7]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[8]  Shankar Kumar,et al.  Normalization of non-standard words , 2001, Comput. Speech Lang..

[9]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[10]  Yao Zheng,et al.  SHARP: Private Proximity Test and Secure Handshake with Cheat-Proof Location Tags , 2012, ESORICS.

[11]  Taeho Jung,et al.  Search me if you can: Privacy-preserving location query service , 2012, 2013 Proceedings IEEE INFOCOM.

[12]  Serge Vaudenay,et al.  SAS-Based Authenticated Key Agreement , 2006, Public Key Cryptography.

[13]  Xiang-Yang Li,et al.  Control Cloud Data Access Privilege and Anonymity With Fully Anonymous Attribute-Based Encryption , 2016, IEEE Transactions on Information Forensics and Security.

[14]  Mikhail J. Atallah,et al.  A secure protocol for computing dot-products in clustered and distributed environments , 2002, Proceedings International Conference on Parallel Processing.

[15]  David K. Y. Yau,et al.  Privacy vulnerability of published anonymous mobility traces , 2010, MobiCom.

[16]  Frank Stajano,et al.  The Resurrecting Duckling: security issues for ubiquitous computing , 2002, S&P 2002.

[17]  Andrei Mikheev,et al.  Document centered approach to text normalization , 2000, SIGIR '00.

[18]  Xiang-Yang Li,et al.  Collusion-Tolerable Privacy-Preserving Sum and Product Calculation without Secure Channel , 2015, IEEE Transactions on Dependable and Secure Computing.

[19]  Shaojie Tang,et al.  Relationship classification in large scale online social networks and its impact on information propagation , 2011, 2011 Proceedings IEEE INFOCOM.

[20]  Dong Xuan,et al.  E-SmallTalker: A Distributed Mobile System for Social Networking in Physical Proximity , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[21]  Roger Wattenhofer,et al.  VENETA: Serverless Friend-of-Friend Detection in Mobile Social Networking , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[22]  Yunhao Liu,et al.  Cloud-based Privacy Preserving Image Storage, Sharing and Search , 2014, ArXiv.

[23]  Xiang-Yang Li,et al.  Ranking of Closeness Centrality for Large-Scale Social Networks , 2008, FAW.

[24]  Yin Zhang,et al.  Secure friend discovery in mobile social networks , 2011, 2011 Proceedings IEEE INFOCOM.

[25]  Guanhua Yan,et al.  Fine-grained private matching for proximity-based mobile social networking , 2012, 2012 Proceedings IEEE INFOCOM.

[26]  Shaojie Tang,et al.  Privacy-preserving data aggregation without secure channel: Multivariate polynomial evaluation , 2013, 2013 Proceedings IEEE INFOCOM.

[27]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[28]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[29]  Xiang-Yang Li,et al.  WiFace: a secure geosocial networking system using WiFi-based multi-hop MANET , 2010, MCS '10.

[30]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[31]  Timothy Baldwin,et al.  Lexical Normalisation of Short Text Messages: Makn Sens a #twitter , 2011, ACL.

[32]  Emiliano De Cristofaro,et al.  Practical Private Set Intersection Protocols with Linear Complexity , 2010, Financial Cryptography.

[33]  Dawn Xiaodong Song,et al.  Privacy-Preserving Set Operations , 2005, CRYPTO.

[34]  Yunhao Liu,et al.  Outsource Photo Sharing and Searching for Mobile Devices With Privacy Protection , 2014, ArXiv.