Skip to main content
SpringerLink
Log in

Private discovery of common social contacts

  • Special Issue Paper
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Digital services that are offered, and consumed, on the basis of social relationships form the backbone of social clouds—an emerging new concept that finds its roots in online social networks. The latter have already taken an essential role in people’s daily life, helping users to build and reflect their social relationships to other participants. A key step in establishing new links entails the reconciliation of shared contacts and friends. However, for many individuals, personal relationships belong to the private sphere, and, as such, should be concealed from potentially prying eyes of strangers. Consequently, the transition toward social clouds cannot set aside mechanisms to control the disclosure of social links. This paper motivates and introduces the concept of Private Discovery of Common Social Contacts, which allows two users to assess their social proximity through interaction and learn the set of contacts (e.g., friends) that are common to both users, while hiding contacts that they do not share. We realize private contact discovery using a new cryptographic primitive, called contact discovery scheme (CDS), whose functionality and privacy is formalized in this work. To this end, we define a novel privacy feature, called contact-hiding, that captures our strong privacy goals. We also propose the concept of contact certification and show that it is essential to thwart impersonation attacks on social relationships. We build provably private and realistically efficient CDS protocols for private discovery of mutual contacts. Our constructions do not rely on a trusted third party (TTP)—all contacts are managed independently by the users. The practicality of our proposals is confirmed both analytically and experimentally on different computing platforms. We show that they can be efficiently deployed on smartphones, thus allowing ad hoc and ubiquitous contact discovery outside of existing social networks. Our CDS constructions allow users to select their (certified) contacts to be included in individual protocol executions. That is, users may perform context-dependent contact discovery using any subset (circle) of their contacts.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Ateniese, G., De Cristofaro, E., Tsudik, G.: (If) size matters: Size-hiding private set intersection. In: D. Catalano, N. Fazio, R. Gennaro, and A. Nicolosi (eds.) PKC 2011: 14th International Workshop on Theory and Practice in Public Key Cryptography, vol. 6571 of Lecture Notes in Computer Science, pp. 156–173. Taormina, Italy, March 6–9. Springer, Germany, Berlin (2011)

  2. Boyd, C., Mathuria, A.: Protocols for Authentication and Key Establishment. Springer, Berlin (2003)

    Google Scholar 

  3. Chapman, P., Evans, D., Huang, Y., Koo, S.: Common Contacts–Privacy-preserving shared contact computation. http://www.mightbeevil.com/contacts/

  4. Chiou, S.-Y., Chang, S.-Y., Sun, H.-M.: Common friends discovery with privacy and authenticity. In: IAS, pp. 337–340. IEEE Computer Society (2009)

  5. Dachman-Soled, D., Malkin, T., Raykova, M., Yung, M.: Efficient robust private set intersection. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 09: 7th International Conference on Applied Cryptography and Network Security, vol. 5536 of Lecture Notes in Computer Science, pp. 125–142. Paris-Rocquencourt, France, June 2–5. Springer, Germany, Berlin (2009)

  6. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Berlin (2004)

    MATH  Google Scholar 

  7. De Cristofaro, E., Kim, J., Tsudik, G.: Linear-complexity private set intersection protocols secure in malicious model. In: Abe, M. (ed.) Advances in Cryptology–ASIACRYPT, vol. 6477 of Lecture Notes in Computer Science, pp. 213–231. Singapore, December 5–9. Springer, Germany, Berlin (2010)

  8. De Cristofaro, E., Manulis, M., Poettering, B.: Private discovery of common social contacts. In: Lopez, J., Tsudik, G. (eds.) ACNS 11: 9th International Conference on Applied Cryptography and Network Security, vol. 6715 of Lecture Notes in Computer Science, pp. 147–165, Nerja, Spain, June 7–10. Springer, Germany, Berlin (2011)

  9. De Cristofaro, E., Tsudik, G.: Practical private set intersection protocols with linear complexity. In: Sion, R. (ed.), FC 2010: 14th International Conference on Financial Cryptography and Data Security, vol. 6052 of Lecture Notes in Computer Science, pp. 143–159. Tenerife, Canary Islands, Spain, January 25–28. Springer, Germany, Berlin (2010)

  10. De Cristofaro, E., Jarecki, S., Kim, J., Tsudik, G.: Privacy-preserving policy-based information transfer. In: Goldberg, I., Atallah, M.J. (eds.) Privacy Enhancing Technologies, vol. 5672 of Lecture Notes in Computer Science, pp. 164–184. Springer, Berlin (2009)

  11. Diehl, C.P., Namata, G., Getoor, L.: Relationship identification for social network discovery. In: AAAI, pp. 546–552. AAAI Press (2007)

  12. Okamoto, E., Tanaka, K.: Key distribution system based on identification information. IEEE J. Sel. Areas Commun. 7(4), 481–485 (1989)

    Article  Google Scholar 

  13. Emerson, R.: Huffingtonpost: Facebook Users Expected To Pass 1 Billion In August 2012. http://www.huffingtonpost.com/2012/01/13/facebook-users-1-billion-icrossing_n_1204948.html, July 2012

  14. Free Software Foundation. The GNU MP Bignum Library. http://gmplib.org/

  15. Freedman, M.J., Nicolosi, A.: Efficient private techniques for verifying social proximity. IPTPS, In (2007)

    Google Scholar 

  16. Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: Cachin, C., Camenisch, J. (eds.) Advances in Cryptology–EUROCRYPT 2004, vol. 3027 of Lecture Notes in Computer Science, pp. 1–19. Interlaken, Switzerland, May 2–6. Springer, Germany, Berlin (2004)

  17. Gennaro, R., Krawczyk, H., Rabin, T.: Okamoto-Tanaka revisited: Fully authenticated Diffie-Hellman with minimal overhead. Cryptology ePrint Archive, Report 2010/068, 2010. http://eprint.iacr.org/2010/068.pdf

  18. Gennaro, R., Krawczyk, H., Rabin, T.: Okamoto-Tanaka revisited: Fully authenticated Diffie-Hellman with minimal overhead. In: Zhou, J., Yung, M. (eds.) ACNS 10: 8th International Conference on Applied Cryptography and Network Security, vol. 6123 of Lecture Notes in Computer Science, pp. 309–328, Beijing, China, June 22–25. Springer, Germany, Berlin (2010)

  19. Google Inc. Google+. http://plus.google.com

  20. Hazay, C., Lindell, Y.: Efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. In: Canetti, R. (ed.) TCC 2008: 5th Theory of Cryptography Conference, vol. 4948 of Lecture Notes in Computer Science, pp. 155–175. San Francisco, CA, USA, March 19–21. Springer, Germany, Berlin (2008)

  21. Hazay, C., Nissim, K.: Efficient set operations in the presence of malicious adversaries. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010: 13th International Conference on Theory and Practice of Public Key Cryptography, vol. 6056 of Lecture Notes in Computer Science, pp. 312–331. Paris, France, May 26–28. Springer, Germany, Berlin (2010)

  22. Huang, Y., Chapman, P., Evans, D.: Privacy-preserving applications on smartphones. In: 6th USENIX Workshop on Hot Topics in, Security (2011)

  23. Jarecki, S., Kim, J., Tsudik, G.: Beyond secret handshakes: Affiliation-hiding authenticated key exchange. In: Tal M. (ed.), Topics in Cryptology–CT-RSA 2008, vol. 4964 of Lecture Notes in Computer Science, pp. 352–369. San Francisco, CA, USA, April 7–11. Springer, Germany, Berlin (2008)

  24. Jarecki, S., Liu, X.: Efficient oblivious pseudorandom function with applications to adaptive OT and secure computation of set intersection. In: Reingold, O. (ed.) TCC 2009: 6th Theory of Cryptography Conference, vol. 5444 of Lecture Notes in Computer Science, pp. 577–594. Springer, Berlin, Germany, March 15–17, 2009

  25. Jarecki, S., Liu, X.: Fast secure computation of set intersection. In: Garay, J.A., De Prisco, R. (eds.) SCN 10: 7th International Conference on Security in Communication Networks, vol. 6280 of Lecture Notes in Computer Science, pp. 418–435. Amalfi, Italy, September 13–15. Springer, Germany, Berlin (2010)

  26. Kissner, L., Song, D.: Privacy-preserving set operations. In: Shoup, V. (ed.) Advances in Cryptology–CRYPTO 2005, vol. 3621 of Lecture Notes in Computer Science, pp. 241–257, Santa Barbara, CA, USA, August 14–18. Springer, Germany, Berlin (2005)

  27. Korolova, A., Motwani, R., Nabar, S.U., Xu, Y.: Link privacy in social networks. In: ICDE, pp. 1355–1357. IEEE (2008)

  28. Korolova, A., Motwani, R., Nabar, S.U., Xu, Y.: Link privacy in social networks. In: Shanahan, J.G., Amer-Yahia, S., Manolescu, I., Zhang, Y., Evans, D.A., Kolcz, A., Choi, K.-S., Chowdhury, A. (eds.) CIKM, pp. 289–298. ACM (2008)

  29. Krawczyk, H.: SIGMA: The “SIGn-and-MAc” approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.), Advances in Cryptology—CRYPTO 2003, vol. 2729 of Lecture Notes in Computer Science, pp. 400–425, Santa Barbara, CA, USA, August 17–21. Springer. Germany, Berlin (2003)

  30. LinkedIn. Press center - about us. http://press.linkedin.com/about, July 2012

  31. Manulis, M., Pinkas, B., Poettering, B.: Privacy-preserving group discovery with linear complexity. In: Zhou, J., Yung, M. (eds.) ACNS 10: 8th International Conference on Applied Cryptography and Network Security, vol. 6123 of Lecture Notes in Computer Science, pp. 420–437, Beijing, China, June 22–25. Springer, Germany, Berlin (2010)

  32. Manulis, M., Poettering, B., Tsudik, G.: Taming big brother ambitions: More privacy for secret handshakes. In Atallah, M.J., Hopper, N.J. (eds) Privacy Enhancing Technologies, vol. 6205 of Lecture Notes in Computer Science, pp. 149–165. Springer (2010)

  33. Manulis, M., Poettering, B.: Practical affiliation-hiding authentication from improved polynomial interpolation. In: ASIACCS, pp. 286–295 (2011)

  34. Schatzman, M.: Numerical Analysis: A Mathematical Introduction. Clarendon Press, Oxford (2002)

  35. Goldreich, O., Rosen, V.: On the security of modular exponentiation with application to the construction of pseudorandom generators. J. Cryptol. 16(2), 71–93 (2003)

    Article  MathSciNet  MATH  Google Scholar 

  36. Okamoto, E.: Key distribution systems based on identification information. In: Pomerance, C. (ed.) Advances in Cryptology—CRYPTO ’87, vol. 293 of Lecture Notes in Computer Science, pp. 194–202, Santa Barbara, CA, USA, August 16–20. Springer, Germany, Berlin (1988)

  37. Pons, P., Latapy, M.: Computing communities in large networks using random walks. J. Graph Algorithms Appl. 10(2), 191–218 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  38. Poettering, B.: Privacy protection for authentication protocols. PhD thesis 2012. http://tuprints.ulb.tu-darmstadt.de/2867

  39. von Arb, M., Bader, M., Kuhn, M., Wattenhofer, R.: Veneta: Serverless friend-of-friend detection in mobile social networking. In: WiMob, pp. 184–189. IEEE (2008)

  40. Yao, A.C.-C.: How to generate and exchange secrets (extended abstract). In: FOCS, pp. 162–167. IEEE Computer Society (1986)

  41. Yu, P.S., Han, J., Faloutsos, C.: Link Mining: Models, Algorithms, and Applications. Springer, Berlin (2010)

    Book  Google Scholar 

  42. Zhelevam, E., Getoor, L., Golbeck, J., Kuter, U.: Using friendship ties and family circles for link prediction. In: Giles, C.L., Smith, M., Yen, J., Zhang, H. (eds.) SNAKDD, vol. 5498 of Lecture Notes in Computer Science, pp. 97–113. Springer (2008)

Download references

Acknowledgments

Mark Manulis was supported by the German Research Foundation (DFG) through grant MA 4096. He and Bertram Poettering also acknowledge support from the Center of Advanced Security Research Darmstadt (CASED) and the European Center for Security and Privacy by Design (EC SPRIDE). Work has been partially done while Emiliano De Cristofaro was at UC Irvine, and Mark Manulis and Bertram Poettering were at CASED & TU Darmstadt. This is an extended version of the paper with the same title that appeared in the proceedings of ACNS 2011 in LNCS 6715, Springer.

Author information

Authors and Affiliations

  1. Palo Alto Research Center (PARC), 3333 Coyote Hill Road, Palo Alto, CA, 94041, USA

    Emiliano De Cristofaro

  2. Department of Computing, University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom

    Mark Manulis

  3. ISG, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, United Kingdom

    Bertram Poettering

Authors
  1. Emiliano De Cristofaro
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mark Manulis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bertram Poettering
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bertram Poettering.

Rights and permissions

Reprints and permissions

About this article

Cite this article

De Cristofaro, E., Manulis, M. & Poettering, B. Private discovery of common social contacts. Int. J. Inf. Secur. 12, 49–65 (2013). https://doi.org/10.1007/s10207-012-0183-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-012-0183-4

Keywords

Search

Navigation