nach oben

Erschienen in:

2013 | OriginalPaper | Buchkapitel

Encryption for Peer-to-Peer Social Networks

verfasst von : Oleksandr Bodriagov, Sonja Buchegger

Erschienen in: Security and Privacy in Social Networks

Verlag: Springer New York

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

To address privacy concerns over online social networking services, several decentralized alternatives have been proposed. These peer-to-peer (P2P) online social networks do not rely on centralized storage of user data. Rather, data can be stored not only on a profile owner’s computer but almost anywhere (friends’ computers, random peers from the social network, third-party external storage, etc.). Because external storage is often untrusted or only semi-trusted, encryption plays a fundamental role in the security of P2P social networks.

Such a system needs to be efficient for use on a large scale, provide functionality for changing access rights suitable for social networks, and, most importantly, it should preserve the network’s privacy properties. That is, other than user data confidentiality, it has to protect against information leakage regarding users’ access rights and behaviors. In this paper we explore the encryption requirements for P2P social networks and propose a list of evaluation criteria that we use to compare existing approaches. We have found that none of the current P2P architectures for social networks achieve secure, efficient, 24/7 access control enforcement and data storage. They rely on trust, require constantly running servers for each user, use expensive encryption, or fail to protect the privacy of access information. In a search for solutions that better fulfill our criteria, we found that some broadcast encryption (BE) and predicate encryption (PE) schemes exhibit several desirable properties.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Recognizing Your Digital Friends

Nächstes Kapitel Crowdsourcing and Ethics

Afify Y (2008) Access control in a peer-to-peer social network. Master’s thesis, EPFL, Lausanne, Switzerland

Altshuler Y, Aharony N, Pentland A, Elovici Y, Cebrian M (2011) Stealing reality: when criminals become data scientists (or vice versa). Intell Syst IEEE 26(6):22–30CrossRef

Baden R, Bender A, Spring N, Bhattacharjee B, Starin D (2009) Persona: an online social network with user-defined privacy. SIGCOMM Comput Commun Rev 39:135–146. http://doi.acm.org/10.1145/1594977.1592585

Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 I.E. symposium on security and privacy, SP ’07, Berkeley. IEEE Computer Society, Los Alamitos, pp 321–334. http://dx.doi.org/10.1109/SP.2007.11

Buchegger S, Schiöberg D, Vu LH, Datta A (2009) Peerson: P2p social networking: early experiences and insights. In: Proceedings of the second ACM EuroSys workshop on social network systems, SNS ’09, Nuremberg, pp 46–52. http://doi.acm.org/10.1145/1578002.1578010

Cutillo L, Molva R, Strufe T (2009) Safebook: a privacy-preserving online social network leveraging on real-life trust. Commun Mag IEEE 47(12):94–101CrossRef

Cutillo L, Molva R, Strufe T (2010) On the security and feasibility of safebook: a distributed privacy-preserving online social network. In: Privacy and identity management for life. IFIP advances in information and communication technology, vol 320. Springer, Boston, pp 86–101

Delerablee C (2007) Identity-based broadcast encryption with constant size ciphertexts and private keys. In: Advances in cryptology ASIACRYPT 2007. Lecture notes in computer science, vol 4833. Springer, Berlin/Heidelberg, pp 200–215

Delerablee C, Paillier P, Pointcheval D (2007) Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Pairing-based cryptography pairing 2007. Lecture notes in computer science, vol 4575. Springer, Berlin/Heidelberg, pp 39–59

10.

Egele M, Kruegel C, Kirda E, Vigna G (2011) Pios: detecting privacy leaks in ios applications. In: Proceedings of the ISOC network and distributed systems security (NDSS) symposium, San Diego

11.

Enck W, Gilbert P, Chun BG, Cox LP, Jung J, McDaniel P, Sheth AN (2010) Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX symposium on operating systems design and implementation (OSDI), Vancouver

12.

Fiat A, Naor M (1994) Broadcast encryption. In: Advances in cryptology CRYPTO 93. Lecture notes in computer science, vol 773. Springer, Berlin/Heidelberg, pp 480–491

13.

Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, CCS ’06. ACM, New York, pp 89–98

14.

Grippi D, Sofaer R, Salzberg M, Zhitomirsky I (2010) Diaspora. A little more about the project. http://blog.joindiaspora.com/2010/04/21/a-little-more-about-the-project.html. Accessed Nov 2011

15.

Grippi D, Sofaer R, Salzberg M, Zhitomirsky I (2010) Diaspora security architecture proposal. https://github.com/diaspora/diaspora/wiki/Security-Architecture-Proposal. Accessed Nov 2011

16.

Grippi D, Sofaer R, Salzberg M, Zhitomirsky I (2010) Encryption. https://github.com/diaspora/diaspora/wiki/Encryption. Accessed Nov 2011

17.

Grippi D, Sofaer R, Salzberg M, Zhitomirsky I (2011) Diaspora roadmap. https://github.com/diaspora/diaspora/wiki/Roadmap. Accessed Nov 2011

18.

Grippi D, Sofaer R, Salzberg M, Zhitomirsky I (2011) Diaspora’s federation protocol. https://github.com/diaspora/diaspora/wiki/Diaspora\%27s-federation-protocol

19.

Gross R, Acquisti A (2005) Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM workshop on privacy in the electronic society, WPES ’05. ACM, New York, pp 71–80

20.

Gupta V, Gupta S, Chang S, Stebila D (2002) Performance analysis of elliptic curve cryptography for ssl. In: Proceedings of the 1st ACM workshop on wireless security, WiSE ’02. ACM, New York, pp 87–94

21.

Ibraimi L, Tang Q, Hartel P, Jonker W (2009) Efficient and provable secure ciphertext-policy attribute-based encryption schemes. In: Proceedings of the 5th international conference on information security practice and experience, ISPEC ’09. Springer, Berlin, pp 1–12

22.

Jiang H, Xu Q, Shang J (2010) An efficient dynamic identity-based broadcast encryption scheme. In: Data, privacy and E-commerce (ISDPE), 2010 second international symposium on, Buffalo, pp 27–32

23.

Katz J, Sahai A, Waters B (2008) Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on advances in cryptology, EUROCRYPT’08, Istanbul. Springer, Berlin/Heidelberg, pp 146–162

24.

Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Advances in cryptology EUROCRYPT 2010. Lecture notes in computer science, vol 6110. Springer, Berlin/Heidelberg, pp 62–91

25.

Nechvatal J, Barker E, Bassham L, Burr W, Dworkin M, Foti J, Roback E (2000) Report on the development of the advanced encryption standard (aes). Technical report MSU-CSE-99-39, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology. http://csrc.nist.gov/archive/aes/round2/r2report.pdf

26.

Okamoto T, Takashima K (2009) Hierarchical predicate encryption for inner-products. In: Advances in cryptology ASIACRYPT 2009. Lecture notes in computer science, vol 5912. Springer, Berlin/Heidelberg, pp 214–231

27.

Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM conference on computer and communications security, CCS ’07. ACM, New York, pp 195–203. http://doi.acm.org/10.1145/1315245.1315270

28.

Shen E, Shi E, Waters B (2009) Predicate privacy in encryption systems. In: Proceedings of the 6th theory of cryptography conference on theory of cryptography, TCC ’09. Springer, Berlin/Heidelberg, pp 457–473

29.

Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Public key cryptography PKC 2011. Lecture notes in computer science, vol 6571. Springer, Berlin/Heidelberg, pp 53–70

30.

Zhang W, Xu Q, He P (2010) Identity-based broadcast encryption with recipient privacy. In: 3rd IEEE international conference on Computer science and information technology (ICCSIT 2010), vol 8, Chengdu, pp 483–487

Titel: Encryption for Peer-to-Peer Social Networks
verfasst von: Oleksandr Bodriagov
Sonja Buchegger
Verlag: Springer New York
Buch: Security and Privacy in Social Networks
Print ISBN: 978-1-4614-4138-0

Electronic ISBN: 978-1-4614-4139-7

Copyright-Jahr: 2013
DOI: https://doi.org/10.1007/978-1-4614-4139-7_4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"