Paper 2013/620

Do I know you? -- Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications

Marcin Nagy, Emiliano De Cristofaro, Alexandra Dmitrienko, N. Asokan, and Ahmad-Reza Sadeghi

Abstract

The increasing penetration of Online Social Networks (OSNs) prompts the need for effectively accessing and utilizing social networking information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends. This paper introduces the Common Friends service, a framework for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First, we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to enforce access control based on users' social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the context of an existing application for sharing (tethered) Internet access, whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.

Note: A preliminary version of this paper appears in ACSAC'13 -- this is the full version

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. ACSAC'13
Keywords
Privacy enhancing technologiessocial networksaccess control
Contact author(s)
me @ emilianodc com
History
2013-09-27: received
Short URL
https://ia.cr/2013/620
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/620,
      author = {Marcin Nagy and Emiliano De Cristofaro and Alexandra Dmitrienko and N.  Asokan and Ahmad-Reza Sadeghi},
      title = {Do I know you? -- Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2013/620},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/620}},
      url = {https://eprint.iacr.org/2013/620}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.