Change search
ReferencesLink to record
Permanent link

Direct link
Enabling Secure Secret Sharing in Distributed Online Social Networks
Deutsche Telekom Laboratories, TU Berlin, Germany.ORCID iD: 0000-0001-5742-5462
NTU Singapore.
2009 (English)In: 25TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, 2009, 419-428 p.Conference paper (Refereed)
Abstract [en]

We study a new application of threshold-based secret sharing in a distributed online social network (DOSN), where users need a means to back up and recover their private keys in a network of untrusted servers. Using a simple threshold-based secret sharing in such an environment is insufficiently secured since delegates keeping the secret shares may collude to steal the user's private keys. To mitigate this problem, we propose using different techniques to improve the system security: by selecting only the most reliable delegates for keeping these shares and further by encrypting the shares with passwords. We develop a mechanism to select the most reliable delegates based on an effective trust measure. Specifically, relationships among the secret owner, delegate candidates and their related friends are used to estimate the trustworthiness of a delegate. This trust measure minimizes the likelihood of the secret being stolen by an adversary and is shown to be effective against various collusive attacks. Extensive simulations show that the proposed trust-based delegate selection performs very well in highly vulnerable environments where the adversary controls many nodes with different distributions and even with spreading of infections in the network. In fact, the number of keys lost is very low under extremely pessimistic assumptions of the adversary model

Place, publisher, year, edition, pages
2009. 419-428 p.
Keyword [en]
social networks, secret sharing, security, distributed systems
National Category
Computer and Information Science
Research subject
URN: urn:nbn:se:kth:diva-55912ISI: 000291011300040ISBN: 978-0-7695-3919-5OAI: diva2:472137
25th Annual Computer Security Applications Conference. Honolulu, HI. DEC 07-11, 2009

QC 20120104

Available from: 2012-01-03 Created: 2012-01-03 Last updated: 2016-04-20Bibliographically approved

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Buchegger, Sonja
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 53 hits
ReferencesLink to record
Permanent link

Direct link