View
46
Download
2
Category
Tags:
Preview:
DESCRIPTION
VENETA: Serverless Friend-of-Friend Detection in Mobile Social Networking. Marco von Arb Matthias Bader Michael Kuhn Roger Wattenhofer WiMob 2008 Avignon, France. Success of Social Networking Services. Wikipedia: List of Social Networking Services. number of services listed. - PowerPoint PPT Presentation
Citation preview
DistributedComputing
Group
VENETA: Serverless Friend-of-Friend Detection inMobile Social Networking
Marco von ArbMatthias BaderMichael KuhnRoger Wattenhofer
WiMob 2008Avignon, France
2Michael Kuhn, ETH Zurich @ WiMob 2008
Success of Social Networking Services
Wikipedia: List of Social Networking Services
number of services listed growth of services
3Michael Kuhn, ETH Zurich @ WiMob 2008
Biggest Virtual Social Network?
Orkut(67M)
Facebook(124M)
LinkedIn(27M)
Classmates(50M)Windows Live
Spaces (120M)
MySpace(246M)
E-Mail(1.5B Internet users)
(Jun. 2008)Mobile Phone Contact Book(3.3B mobile subscribers)
(Nov. 2007)
4Michael Kuhn, ETH Zurich @ WiMob 2008
Mobile Social Networking?• Perfect combination
– Excellent penetration– Permanent reachability– Location awareness
• Success?– No comparison to MySpace,
Facebook, etc.– Twitter: 2.5M Unique users (08/2008)
micro-blogging service
5Michael Kuhn, ETH Zurich @ WiMob 2008
Lovegety• Introduced in 1998, Japan• Male (blue) and female (pink) device• Beeps if another lovegety of
opposite sex is nearby• As of 2004, 600K devices were sold• Was presumably the most
successful mobile social networking service for a long time
“In the two and a half months since the product entered markets, we've already shipped 350,000 Lovegetys. Right now we can't
produce enough of them to meet demand”Takeya Takafuji, CEO
“I just had it on one day when it started to beep all of sudden. I started looking around while getting ready to run, if the boy was
strange. He wasn't, so I said hello, and we went and ate Takoyaki”
Kaori Mikuriya, 16
Quotes from: Iwatani, Wired News, 1998
6Michael Kuhn, ETH Zurich @ WiMob 2008
(Possible) Reasons for Success and Failure
simple
Lovegety: 3 modes (talk, karaoke, get2)
Twitter: Short messages(<140 characters)
cheap
adapted to mobile interface
low user interaction
clones of webapps
high user interaction
high data volumes
expensive
overloaded
7Michael Kuhn, ETH Zurich @ WiMob 2008
Why Clones?
Friend Browsing
8Michael Kuhn, ETH Zurich @ WiMob 2008
Friends-of-Friends• Clustering Coefficient
– Probability that two friends are friends themselves
• High Clustering Coefficients in Social Networks– Approx. 0.25– Feature is highly used– Better indicator for friendship than profile match
10Michael Kuhn, ETH Zurich @ WiMob 2008
Friends-of-Friends on Mobile Devices
browsing is inefficient on small displays
requires access to server=> expensive
not appropriate for mobile devices
true?
11Michael Kuhn, ETH Zurich @ WiMob 2008
Mobile Friend-of-Friend Detection
compare address books!
peer-to-peer (e.g. Bluetooth)
device rather than user searches
12Michael Kuhn, ETH Zurich @ WiMob 2008
Privacy?
• Not everybody should know my contacts!• Compare hash values? => lookup tables• Possible to protect privacy? Yes!
Privacy?
multiparty-computation
13Michael Kuhn, ETH Zurich @ WiMob 2008
Multi-Party Computation
• n participants want to evaluate a function f(x1, x2, ..., xn)
• Everybody knows the result, but nothing about the others‘ inputs
What‘s our average age?
Result: 41.7 years
33
69
3755
46
41
11Participants do NOT learn individual ages
14Michael Kuhn, ETH Zurich @ WiMob 2008
Multi-party Computation
• Adversaries– Passive (honest but curious): Follow the protocol– Active (malicious): Can do whatever they like to compromise
somebody‘s privacy
• „Protocols for Secure Computations“– Andrew Yao, FOCS, 1982– Any 0-1 valued function can be evaluated in the passive
adversary model
high computational complexity
real world adversaries are malicious
16Michael Kuhn, ETH Zurich @ WiMob 2008
Multiparty-Computation for Contacts?
• Alice and Bob both own a set of items from a given universe V– Alice: X = {x1, x2, ..., xN} (subset of V)– Bob: Y = {y1, y2, ..., yM} (subset of V)
• Goal: Find intersection without knowing the other party‘s elements
• This is exactly our friend-of-friend finding problem!– X: phone numbers in Alice‘s contact book– Y: phone numbers in Bob‘s contact book– V: universe of all (107) phone numbers
two-party set intersection
X
Y
17Michael Kuhn, ETH Zurich @ WiMob 2008
Two-Party Set Intersection
• Yao‘s generic approach computationally infeasible
homomorphic encryption & roots of polynomials(Freedman et al., EUROCRYPT, 2004)
relatively complex fixes required against malicious adversaries
commutative encryption(Hubermann et al., ACM EC, 1999)
homomorphic encryption & roots of polynomials(Freedman et al., EUROCRYPT, 2004)
18Michael Kuhn, ETH Zurich @ WiMob 2008
Two-Party Set Intersection
• Commutative Encryption: Eα(Eβ(x)) = Eβ(Eα(x))
1) A → B: Eα(x1), ..., Eα(xN)
2) B → A: Eβ(y1), ..., Eβ(yM)
3) A → B: Eα(Eβ(y1)), ..., Eα(Eβ(yM))
4) B → A: Eβ(Eα(x1)), ..., Eβ(Eα(xN))
Commutativity: xi = yj => Eβ(Eα(xi)) = Eα(Eβ(yj))
reveals input set sizes
19Michael Kuhn, ETH Zurich @ WiMob 2008
Analysis
• Agraval et al., SIGMOD, 2003– Passive adversaries
• Protocol is secure if:– Decisional Diffie-Hellmann (DDH) assumption holds – Eκ(m) = mκ mod p– p is strong prime (i.e. p = 2*q+1 with p, q large prime)– Dom E: quadratic residues modulo q– κ {1, 2, ..., q – 1}– Ideal hash function h: V → Dom E exists to map each v element
V to d Dom E
Eκ(m) = mκ mod p [m = h(x)]
20Michael Kuhn, ETH Zurich @ WiMob 2008
For Phone Numbers
Barbara Smith
Christa Doe
Brian Lewis
Vanessa Platt
Walter Boyd
...
Arthur V.
Brad K.
Brian L.
Vincent M.
William M.
...
6503800721
+18312380902
...
+18317280422
8314568721
+442088709929
6521257
+16503807210
9826735
+442086294528
...
Alice Bob
BrianAlice Bob
Barbara
Christa
Vanessa
Walter
Arthur
Brad
Vincent
William
+41791324328
Bob is a friend-of-a-friend of Alice
21Michael Kuhn, ETH Zurich @ WiMob 2008
+417913243286503807210
+18312380902...
6521257+442088709929
+16503807210...
h(6521257)β
h(8709929)β
h(3807210)β
...h(1324328)αβ
h(3807210)αβ
h(2380902)αβ
...
h(6521257)βα h(8709929)βα
h(3807210)βα
...
For Phone Numbers
h(1324328)αβ
h(3807210)αβ
h(2380902)αβ
...
h(6521257)βα h(8709929)βα
h(3807210)βα
...
equal due to commutativity
h(1324328)α
h(3807210)α
h(2380902)α
...
(mod p)
22Michael Kuhn, ETH Zurich @ WiMob 2008
Active Adversaries• Zhang and Zhao, VLDB, 2005• Li et al., Computer Security, 2005
• Changing input set (e.g. adding a number)– If somebody can add a number (and knows
whose number it is), it could have been in the contact book, anyways
– Limited to 300 entries (no brute-force attacks)
• Asymmetry (Alice could skip last step)– Simulaneously exchange values
– Zhan and Zhao– Expensive
– Interesting only for delicate contacts– Bob would not have made such a contact available
23Michael Kuhn, ETH Zurich @ WiMob 2008
Prototype Application: veNETa
• Let‘s use our protocol– Only makes sense if other people use it
as well...– Why should people use it, if there is
litteraly no chance of meeting another user?
– Bootstrapping problem
• Integration into a more comprehensive application– veNETa– Decentralized as well as serverbound
features– J2ME
24Michael Kuhn, ETH Zurich @ WiMob 2008
veNETa
• Decentralized– Free of charge– Friend-of-friend detection
(as explained)– Profile matching (age, gender)
– Simple, recall Lovegety– Multihop messaging over Bluetooth (max. 3 hops, epidemic
routing)
• Server bound– Text-Messaging (encrypted,
public-key infrastructure provided by server)
– Location tracking:– veNETa can (optionally) alert
users if people of interest (friends or profile matches) are nearby
– Requires JSR-179 (Java Location-API)
friend-finding(new friends)
messaging(stay in contact)
location-awareness(re-discover)
25Michael Kuhn, ETH Zurich @ WiMob 2008
Conclusions• Mobile social software as huge potential
– Market penetration of mobile devices– Success of social networking applications
• Major target group: Young people– Low budget
• Serverless core features– Free of charge– Cover the extremely popular friend-of-friend detection– Based on real friends
• Future– Improve usability– Extend to e-mail addresses, ICQ numbers, etc.– Other matching mechanisms (e.g. music taste?)– Micro-blogging?
26Michael Kuhn, ETH Zurich @ WiMob 2008
Thanks for your Attention
• Questions?
Recommended