Change search
ReferencesLink to record
Permanent link

Direct link
Encryption for Peer-to-Peer Social Networks
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.ORCID iD: 0000-0001-5742-5462
2011 (English)Conference paper (Refereed)
Abstract [en]

To address privacy concerns over online social networking services, several distributed alternatives have been proposed. These peer-to-peer (P2P) online social networks do not rely on centralized storage of user data. Instead, data can be stored not only on a computer of a profile owner but almost anywhere (friends’ computers, random peers from the social network, third-party external storage, etc.). Since the external storage is often untrusted or only semi-trusted, encryption plays a fundamental role in security of P2P social networks. Encryption, however, also adds some overhead in both the time and space domains. To be scalable, a system that relies heavily on encryption should use as efficient algorithms as possible. It also needs to provide the functionality of changing access rights at reasonable cost, and, crucially, the system should preserve privacy properties itself. That is, beyond user data confidentiality, it has to protect against information leakage about users’ access rights and traffic analysis. In this paper we explore the requirements of encryption for P2P social networks in detail and propose a list of criteria for evaluation. We then compare a set of approaches from the literature according to these criteria. We find that none of the current P2P architectures for social networks manages to achieve secure, efficient, 24/7 access control enforcement and data storage. They either rely on trust, require constantly running servers for each user, use expensive encryption, or fail to protect privacy of access information. In the search for a solution that better fulfills the criteria, we found that some broadcast encryption (BE) schemes exhibit several desirable properties. We thus propose to use BE schemes with high performance encryption/decryption regardless of the number of identities/groups for an efficient encryption-based access control in the P2P environment. We define relevant properties for the BE schemes to be used in the P2P social network scenario and describe advantages that such schemes have compared to encryption techniques used in existing P2P architectures.

Place, publisher, year, edition, pages
2011. 1302-1309 p.
National Category
Computer and Information Science
Research subject
URN: urn:nbn:se:kth:diva-55862DOI: 10.1109/PASSAT/SocialCom.2011.158ScopusID: 2-s2.0-84856158154ISBN: 978-1-4577-1931-8OAI: diva2:471959
SPSN (Security and Privacy of Social Networks) 2011, Boston, USA
Swedish Research CouncilICT - The Next Generation
QC 20120113Available from: 2012-01-03 Created: 2012-01-03 Last updated: 2012-06-14Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Bodriagov, OleksandrBuchegger, Sonja
By organisation
Theoretical Computer Science, TCSACCESS Linnaeus Centre
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 42 hits
ReferencesLink to record
Permanent link

Direct link