Privacy Preserving Payments in Credit Networks: Enabling trust with privacy in online marketplaces

A credit network models trust between agents in a distributed environment and enables payments between arbitrary pairs of agents. With their flexible design and robustness against intrusion, credit networks form the basis of several Sybil-tolerant social networks, spam-resistant communication protocols, and payment systems. Existing systems, however, expose agents’ trust links as well as the existence and volumes of payment transactions, which is considered sensitive information in social environments or in the financial world. This raises a challenging privacy concern, which has largely been ignored by the research on credit networks so far. This paper presents PrivPay, the first provably secure privacypreserving payment protocol for credit networks. The distinguishing feature of PrivPay is the obliviousness of transactions, which entails strong privacy guarantees for payments. PrivPay does not require any trusted third party, maintains a high accuracy of the transactions, and provides an economical solution to network service providers. It is also general-purpose trusted hardwarebased solution applicable to all credit network-based systems. We implemented PrivPay and demonstrated its practicality by privately emulating transactions performed in the Ripple payment system over a period of four months.

[1]  Barbara Carminati,et al.  Private Relationships in Social Networks , 2007, 2007 IEEE 23rd International Conference on Data Engineering Workshop.

[2]  Aziz Mohaisen,et al.  Dynamix: anonymity on dynamic social structures , 2013, ASIA CCS '13.

[3]  Prateek Mittal,et al.  Pisces: Anonymous Communication Using Social Networks , 2013, NDSS.

[4]  Ben Y. Zhao,et al.  Sharing graphs using differentially private graph models , 2011, IMC '11.

[5]  Keith W. Ross,et al.  I Know What You're Buying: Privacy Breaches on eBay , 2014, Privacy Enhancing Technologies.

[6]  Carmela Troncoso,et al.  Drac: An Architecture for Anonymous Low-Volume Communications , 2010, Privacy Enhancing Technologies.

[7]  Elaine Shi,et al.  Towards Practical Oblivious RAM , 2011, NDSS.

[8]  David M. Pennock,et al.  Mechanism Design on Trust Networks , 2007, WINE.

[9]  Yefim Dinitz,et al.  Dinitz' Algorithm: The Original Version and Even's Version , 2006, Essays in Memory of Shimon Even.

[10]  Michael P. Wellman,et al.  Strategic formation of credit networks , 2012, WWW.

[11]  Earl T. Barr,et al.  TrustDavis: a non-exploitable online reputation system , 2005, Seventh IEEE International Conference on E-Commerce Technology (CEC'05).

[12]  M. Mobius,et al.  Trust and Social Collateral , 2007 .

[13]  G. Sicuranza,et al.  The landmark hierarchy: A new hierarchy for routing in very large networks , 1988 .

[14]  Aziz Mohaisen,et al.  Keep your friends close: Incorporating trust into social network-based Sybil defenses , 2011, 2011 Proceedings IEEE INFOCOM.

[15]  Ramesh Govindan,et al.  Liquidity in credit networks: a little trust goes a long way , 2011, EC '11.

[16]  Elaine Shi,et al.  Path ORAM: an extremely simple oblivious RAM protocol , 2012, CCS.

[17]  Krishna P. Gummadi,et al.  Ostra: Leveraging Trust to Thwart Unwanted Communication , 2008, NSDI.

[18]  Peter Williams,et al.  Building castles out of mud: practical access pattern privacy and correctness on untrusted storage , 2008, CCS.

[19]  Helen Nissenbaum,et al.  A Critical Look at Decentralized Personal Data Architectures , 2012, ArXiv.

[20]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[21]  Radu Sion,et al.  TrustedDB: A Trusted Hardware based Outsourced Database Engine , 2011, Proc. VLDB Endow..

[22]  Marina Blanton,et al.  Data-oblivious graph algorithms for secure computation and outsourcing , 2013, ASIA CCS '13.

[23]  Michael P. Wellman,et al.  An empirical game-theoretic analysis of credit network formation , 2012, 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[24]  Alan Mislove,et al.  Iolaus: securing online content rating systems , 2013, WWW.

[25]  George Danezis,et al.  An Automated Social Graph De-anonymization Technique , 2014, WPES.

[26]  Donald F. Towsley,et al.  Resisting structural re-identification in anonymized social networks , 2010, The VLDB Journal.

[27]  Dmitri Asonov Querying Databases Privately: A New Approach to Private Information Retrieval , 2004, Lecture Notes in Computer Science.

[28]  Ashish Choudhury,et al.  Asynchronous MPC with a strict honest majority using non-equivocation , 2014, PODC '14.

[29]  Alan Mislove,et al.  Bazaar: Strengthening User Reputations in Online Marketplaces , 2011, NSDI.

[30]  Dawn Xiaodong Song,et al.  Preserving Link Privacy in Social Network Based Systems , 2012, NDSS.

[31]  Sean W. Smith Outbound authentication for programmable secure coprocessors , 2004, International Journal of Information Security.

[32]  Aziz Mohaisen,et al.  Trustworthy Distributed Computing on Social Networks , 2013, IEEE Transactions on Services Computing.

[33]  Elaine Shi,et al.  PHANTOM: practical oblivious computation in a secure processor , 2013, CCS.

[34]  Ariel J. Feldman,et al.  Privacy and Integrity are Possible in the Untrusted Cloud , 2012, IEEE Data Eng. Bull..

[35]  Lise Getoor,et al.  Preserving the Privacy of Sensitive Relationships in Graph Data , 2007, PinKDD.

[36]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[37]  D. R. Fulkerson,et al.  Maximal Flow Through a Network , 1956 .

[38]  Andrew V. Goldberg,et al.  A new approach to the maximum flow problem , 1986, STOC '86.

[39]  Mark Ryan,et al.  Verifying privacy-type properties of electronic voting protocols , 2009, J. Comput. Secur..

[40]  Aniket Kate,et al.  ObliviAd: Provably Secure and Practical Online Behavioral Advertising , 2012, 2012 IEEE Symposium on Security and Privacy.

[41]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[42]  Krishna P. Gummadi,et al.  Canal: scaling social network-based Sybil tolerance schemes , 2012, EuroSys '12.