Abstract
Online Social Networks (OSNs) are online services that people use to build social relations with other people. Friends retrieval over OSNs is an important activity among users. However, in existing friends retrieval solutions, user may leak private and sensitive information, such as personal data and friends relation. Traditional end-to-end encryption methods can protect users’ information, while it is not available for them to share contents with others. In this paper, aiming at preventing attack launched by the service provider, we propose PAFR, a Privacy-Aware Friends Retrieval scheme over OSNs. Inspired by private set interaction protocols, our scheme allows user to upload his encrypted contents to server, obliviously connect with others as friends, and retrieve friends with specific content. In addition, we design a dual-server model where two non-collude servers \(\mathcal {S}_1\) and \(\mathcal {S}_2\) perform secure sorting protocol to retrieve the ranked relevant friends without learning the underlying query and friends relationship. Compared with the approach with single server holding the whole knowledge of the OSN, each of them only has a part of the information make our scheme achieve a high level of privacy. Both security and performance analysis demonstrate that our scheme has both a very light user workload and a moderate server workload while being secure against user-server collusion.
This work was supported in part by the Natural Science Foundation of China under Grant Nos. 61772127and 61472184, the National Science and Technology Major Project under Grant No. 2013ZX03002006, the Liaoning Province Science and Technology Projects under Grant No. 2013217004, the Fundamental Research Funds for the Central Universities under Grant N151704002.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
https://www.cnn.com/2018/04/08/politics/cambridge-analytica-data-millions/index.html
Raso Mattos, L.R., Varadharajan, V., Nallusamy, R.: Data protection and privacy preservation using searchable encryption on outsourced databases. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Alcaraz Calero, J.M., Thomas, T. (eds.) SNDS 2012. CCIS, vol. 335, pp. 178–184. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34135-9_18
https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html
Waldman, A.E.: Privacy, sharing, and trust: the Facebook study. Case W. Res. L. Rev. 67, 193 (2016)
Ferrag, M.A., Maglaras, L., Ahmim, A.: privacy-preserving schemes for ad hoc social networks: a survey. IEEE Commun. Surv. Tutor. 19(4), 3015–3045 (2017)
Standard, Data Encryption. Data encryption standard. Federal Information Processing Standards Publication (1999)
Rijmen, V., Daemen, J.: Advanced encryption standard. Proceedings of Federal Information Processing Standards Publications, National Institute of Standards and Technology, pp. 19–22 (2001)
Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)
Cash, D., et al.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: NDSS, vol. 14, pp. 23–26, February 2014
Parit, S.C., Rachh, R.: Ciphertext Policy Attribute Based Encryption (2017)
Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: an online social network with user-defined privacy. In: Proceedings of the ACM SIGCOMM (2009)
Vaidya, J., Clifton, C.: Secure set intersection cardinality with application to association rule mining. J. Comput. Secur. 13(4), 593–622 (2005)
Zhang, R., Zhang, Y., Sun, J., Yan, G.: Fine-grained private matching for proximity-based mobile social networking. In: INFOCOM, 2012 Proceedings IEEE, pp. 1969–1977. IEEE, March, 2012
Niu, B., Li, X., Zhu, X., Li, X., Li, H.: Are you really my friend? Exactly spatiotemporal matching scheme in privacy-aware mobile social networks. In: Tian, J., Jing, J., Srivatsa, M. (eds.) SecureComm 2014. LNICST, vol. 153, pp. 33–40. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23802-9_5
Fu, Y., Wang, Y.: BCE: A privacy-preserving common-friend estimation method for distributed online social networks without cryptography. In: 2012 7th International ICST Conference on Communications and Networking in China (CHINACOM), pp. 212–217. IEEE, August 2012
Sun, J., Zhang, R., Zhang, Y.: Privacy-preserving spatiotemporal matching. In: INFOCOM, 2013 Proceedings IEEE, pp. 800–808. IEEE, April 2013
Popa, R.A., Zeldovich, N.: Multi-key searchable encryption. IACR Cryptology ePrint Archive 2013, p. 508 (2013)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Damgrd, I., Jurik, M., Nielsen, J.B.: A generalization of Pailliers public-key system with applications to electronic voting. Int. J. Inf. Secur. 9(6), 371–385 (2010)
Baldimtsi, F., Ohrimenko, O.: Sorting and searching behind the curtain. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 127–146. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47854-7_8
Batcher, K.E.: Sorting networks and their applications. In: AFIPS Spring Joint Computing Conference (1968)
Sun, H., Jafar, S.A.: The capacity of private information retrieval. IEEE Trans. Inf. Theory 63(7), 4075–4088 (2017)
Damgrd, I., Geisler, M., Krigaard, M.: Homomorphic encryption and secure comparison. J. Appl. Cryptol. 1(1), 22–31 (2008)
Cao, N., Wang, C., Li, M., et al.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25(1), 222–233 (2014)
Strizhov, M., Ray, I.: Multi-keyword similarity search over encrypted cloud data. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IAICT, vol. 428, pp. 52–65. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55415-5_5
Xia, Z., Wang, X., Sun, X., et al.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27(2), 340–352 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Li, Y., Zhou, F., Xu, Z. (2019). PAFR: Privacy-Aware Friends Retrieval over Online Social Networks. In: Liu, F., Xu, J., Xu, S., Yung, M. (eds) Science of Cyber Security. SciSec 2019. Lecture Notes in Computer Science(), vol 11933. Springer, Cham. https://doi.org/10.1007/978-3-030-34637-9_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-34637-9_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34636-2
Online ISBN: 978-3-030-34637-9
eBook Packages: Computer ScienceComputer Science (R0)