social networking with frientegrity
play

Social Networking with Frientegrity: Privacy and Integrity with an - PowerPoint PPT Presentation

May 03, 2023 •380 likes •661 views

Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider Ariel J. Feldman Princeton UPenn Joint work with: Aaron Blankstein, Michael J. Freedman, and Edward W. Felten Social Networking with

  1. Social Networking with Frientegrity: 
 Privacy and Integrity with an Untrusted Provider � Ariel J. Feldman � Princeton � UPenn � Joint work with: � Aaron Blankstein, Michael J. Freedman, and Edward W. Felten � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 1 �

  2. Online social networks are centralized � Pro: Availability, reliability, global accessibility, convenience � Con: 3 rd party involved in every social interaction � Must trust provider for confidentiality & integrity � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 2 �

  3. Threats to confidentiality � • Theft by attackers � Ars Technica. Mar. 11, 2011 � • Accidental leaks � EFF. Apr. 28, 2010 � PC World. Dec. 6, 2011 � • Privacy policy changes � WSJ. Feb. 22, 2012 � Google Transparency Report Jan. – Jun. 2011 � • Government pressure � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 3 �

  4. Threats to integrity � Server � Simple: Corrupting messages � 1 � 2 � 3 � 1 � 3 � 2 � Complex: Server equivocation � Alice � Bob � Equivocation in the wild: � (e.g to disguise censorship) � http://songshinan.blog.caixin.com/archives/22322 (translated by Google) � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 4 �

  5. Limits of prior work � 1. Cryptographic � Don’t protect integrity � 2. Decentralized � Trust a Run your OR � provider � own server � (who you may not know either) ¡ (sacrifice availability, convenience, etc.) ¡ Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 5 �

  6. Frientegrity’s approach � Provider � Benefit from a centralized provider � Support common features � Server � Server � Server � Server � (e.g. walls, feeds, friends, FoFs, followers) � Assume untrusted provider � Client � Client � Client � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 6 �

  7. Enforce confidentiality � Provider � Provider only observes Server � Server � encrypted data � Encrypted � State � state � (Need dynamic access control and key distribution) � Client � Client � Client � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 7 �

  8. Verify integrity � Provider � Clients verify that the provider: � Server � Server � • Hasn’t corrupted individual updates � • Hasn’t equivocated � • Enforced access control on writes � Client � Client � Client � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 8 �

  9. Scalability challenges � Long histories; only want tail � … Don’t verify whole history each time � Many objects (walls, comment threads, photos, etc.) � Support sharding � Many friends and FoFs � O(log n) “(un)friending” � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 9 �

  10. Frientegrity overview � Server 2 � Server 1 � Alice’s profile � Server n � Checked for Alice’s photo album � equivocation � Alice’s ACL � Comment thread � Alice’s wall � Optionally Bob’s profile � entangled � Read Alice’s wall � 1. Latest updates � 2. Proof of no equivocation � Bob � 3. Proof of ACL enforcement � Verify & 4. Decryption keys � decrypt � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 10 �

  11. Detecting equivocation � Enforce fork* consistency [LM07] � Server � • Honest server: linearizability � • Malicious server: Alice and Bob 1 � 2 � 3 � 1 � 3 � 2 � detect equivocation after exchanging 2 messages � Alice � Bob � • Compare histories � Provider can still fork the clients, but can’t unfork � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 11 �

  12. Comparing histories � Previously: use a hash chain � op 0 � op 1 � op 2 � op 3 � op 4 � op 5 � op 6 � op 7 � h n = H(h n-1 || op n ) � Hash chains are O(n) � (and must download the whole history) � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 12 �

  13. Objects in Frientegrity � Let C 15 be a server- h root commits to signed commitment to entire history � h root up to op 15 � h i = H(h leftChild(i) || h rightChild(i) ) � op 6 � op 0 � op 1 � op 2 � op 3 � op 4 � op 5 � op 7 � op 8 � op 10 � op 11 � op 12 � op 13 � op 14 � op 15 � op 9 � History tree [CW09] � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 13 �

  14. Objects (cont.) � Is C 8 consistent C 15 � with C 15 ? � op 0 � op 1 � op 8 � op 14 � op 15 � op 9 � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 14 �

  15. Verifying an object � Alice’s ops � Bob’s ops � Charlie’s ops � Clients collaborate to verify the history � op 6 � op 0 � op 1 � op 2 � op 3 � op 4 � op 5 � op 7 � op 8 � op 10 � op 11 � op 12 � op 13 � op 14 � op 15 � op 9 � C 0 � C 4 � C 8 � C 11 � Is C 11 consistent with C 15 ? � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 15 �

  16. Tolerating malicious users � Alice’s ops � Bob’s ops � Bob’s ops � Charlie’s ops � Tolerate up to f malicious users � op 0 � op 1 � op 8 � op 10 � op 11 � op 12 � op 13 � op 14 � op 15 � op 9 � op 15 � C 9 � C 11 � C 11 � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 16 �

  17. Access control � Server � Alice’s photo album � Prove ACL enforcement � Alice’s ACL � Comment thread � Alice’s wall � Efficient key distribution � O(log n) “(un)friending” � Bob � Verify & decrypt � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 17 �

  18. Proving ACL enforcement � Server � h i = H(h leftChild(i) || h rightChild(i) ) � h root signed by Alice � Alice’s photo album � Alice’s ACL � David ¡ Comment thread � Alice’s wall � Bob ¡ Sean ¡ Alice ¡ Charlie ¡ Emma ¡ Persistent authenticated Bob � dictionary � Verify & decrypt � [AGT01] � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 18 �

  19. Efficient key distribution � Server � E k3 (k 1 ) || E k4 (k 1 ) � k 0 = k alice_friend � Alice’s photo album � Alice’s ACL � David, k 0 ¡ David ¡ Comment thread � Alice’s wall � Bob ¡ Sean, k 2 ¡ Sean ¡ Bob, k 1 ¡ Emma, k 5 ¡ Alice, k 3 ¡ Alice ¡ Charlie, k 4 ¡ Charlie ¡ Emma ¡ E charlie_pk (k 4 ) � Bob � Key graph � Verify & [WGL98] � decrypt � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 19 �

  20. Adding a friend � E k5 (k 2 ) || E k6 (k 2 ) � Server � Alice’s photo album � Alice’s ACL � David, k 0 ¡ Comment thread � Alice’s wall � Sean, k 2 ¡ Bob, k 1 ¡ Emma, k 5 ¡ Zack, k 6 ¡ Alice, k 3 ¡ Charlie, k 4 ¡ E zack_pk (k 6 ) � Bob � Verify & decrypt � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 20 �

  21. Removing a friend � k 0 ’ = k alice_friend ’ � Server � Alice’s photo album � Alice’s ACL � David, k 0 ¡ David, k 0 ’ ¡ Comment thread � Alice’s wall � Sean, k 2 ¡ Bob, k 1 ’ ¡ Bob, k 1 ¡ Emma, k 5 ¡ Alice, k 3 ¡ Charlie, k 4 ¡ Zack, k 6 ¡ Bob � Verify & decrypt � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 21 �

  22. Efficient enough in practice? � Setup � • Java client & server � • Simulate basic Facebook features (each user has wall & ACL) � • 2048-bit RSA sign & verify batched via spliced signatures [CW10] � • Experiments on LAN (8-core 2.4 GHz Intel Xeon E5620s, Gigabit network) � Measurements � • Latency of reads & writes to objects � • Latency of ACL changes � • Throughput (in paper) � • Effect of tolerating malicious users � Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 22 �

  23. Object read & write latency � 14 Write Constant cost Response Latency (ms) 12 Read of signatures 10 Frientegrity � dominates � 8 6 (collaborative 4 verification) � 2 0 0 5K 10K 15K 20K 25K Object History Size 1000 Read Response Latency (ms) 800 Write 600 Hash chain � 400 200 0 0 500 1000 1500 Object History Size Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 23 �

  24. Latency of ACL changes � 35 30 Response Latency (ms) 25 20 15 10 5 Add User Revoke User 0 0 200 400 600 800 1000 ACL Size Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 24 �

  25. Tolerating malicious users � • 50 writers � • 5000 operations � Power Response Latency (ms) Uniform 1000 100 10 0 10 20 30 40 50 f + 1 Social Networking with Frientegrity — Ariel J. Feldman — Usenix Security 8/10/12 � 25 �

Recommend

Kids and Social Networking Introduction Kids and Social Networking Social Networking sites play

Kids and Social Networking Introduction Kids and Social Networking Social Networking sites play

Learwood Middle School Parent Handbook Kids and Social Networking Introduction Kids and Social Networking Social Networking sites play an important role in connecting the lives of people. Research has shown that social media is the preferred

542 views • 9 slides
Social Networking and Mobile Learning Outcome : To identify the benefits of incorporating social

Social Networking and Mobile Learning Outcome : To identify the benefits of incorporating social

Social Networking and Mobile Learning Outcome : To identify the benefits of incorporating social networking tools in mobile learning. 1 Social Media Penetration Feb 2013 Source: wearesocial.sg; Social, digital, and mobile worldwide. February

343 views • 13 slides
Social Networking Trends and Social Networking Trends and Social Networking Trends and Social

Social Networking Trends and Social Networking Trends and Social Networking Trends and Social

Social Networking Trends and Social Networking Trends and Social Networking Trends and Social Networking Trends and Dynamics Detection Dynamics Detection via a Cloud via a Cloud- -based Framework Design based Framework Design Athena A h

734 views • 25 slides
What is LinkedIn? Which one is not like the others? Title: Social Networking vs. Social Media

What is LinkedIn? Which one is not like the others? Title: Social Networking vs. Social Media

What is LinkedIn? Which one is not like the others? Title: Social Networking vs. Social Media Business Trusted Closed LinkedIn vs. Facebook Consumer Open What is LinkedIn? 145m 2009 - 2011 110m 65m Complete Profile 1. A Current

561 views • 32 slides
Social Networking (A Summary) Presented by Gerald Bauer JB Systems, LLC Networking In The

Social Networking (A Summary) Presented by Gerald Bauer JB Systems, LLC Networking In The

Social Networking (A Summary) Presented by Gerald Bauer JB Systems, LLC Networking In The Digital Age Welcome Overview: History of Networking 7 Minutes of Facebook 7 Minutes of Linked In 7 Minutes of Blogging 7 Minutes of Q&A

310 views • 30 slides
Social Networking Sites In The Work Environment Developing criteria for successful application

Social Networking Sites In The Work Environment Developing criteria for successful application

Social Networking Sites In The Work Environment Developing criteria for successful application Andr Calero Valdez Anne Kathrin Schaar Martina Ziefle Agenda Demographic change and changes in employment biographies Social Networking

288 views • 28 slides
A Telecom Italia view on the Future mobile Social Networking W3C Workshop on the Future of W3C

A Telecom Italia view on the Future mobile Social Networking W3C Workshop on the Future of W3C

A Telecom Italia view on the Future mobile Social Networking W3C Workshop on the Future of W3C Workshop on the Future of Social Networking Social Networking an an introducti introduction on to to Distribut Distributed ed

543 views • 11 slides
Social Network Discovery and Customer Network Value Assessment from Social Networking Websites 1

Social Network Discovery and Customer Network Value Assessment from Social Networking Websites 1

Social Network Discovery and Customer Network Value Assessment from Social Networking Websites 1 Hong Guo, Praveen Pathak, Hsing Kenneth Cheng Department of Information Systems and Operations Management Warrington College of Business

348 views • 3 slides
Social Networking and personality Paul Deakin and Rob Bailey OPP Ltd 20 th July 2011 Agenda

Social Networking and personality Paul Deakin and Rob Bailey OPP Ltd 20 th July 2011 Agenda

Social Networking and personality Paul Deakin and Rob Bailey OPP Ltd 20 th July 2011 Agenda A quick overview of the range of our findings Social Networking patterns and implications Rob Paul Getting to know you What was the

867 views • 47 slides
4 SOCIAL NETWORKING and discuss how they work. See if the class can agree Objectives on what

4 SOCIAL NETWORKING and discuss how they work. See if the class can agree Objectives on what

4 SOCIAL NETWORKING and discuss how they work. See if the class can agree Objectives on what the best social network is. FUNCTIONS giving advice GRAMMAR indefinite pronouns ( everyone , no one , someone , Optional extension etc.); all /

321 views • 8 slides
Towards Trustworthy Mobile Social Networking Services for

Towards Trustworthy Mobile Social Networking Services for

Towards Trustworthy Mobile Social Networking Services for Disaster Response Sander Wozniak, Michael Rossberg, Guenter Schaefer Ilmenau University of

711 views • 24 slides
xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social

xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social

xBook: Redesigning Privacy Control in Social xBook: Redesigning Privacy Control in Social Networking Platforms Networking Platforms Kapil Singh, Sumeer Bhola and Wenke Lee Social networking is growing 2 Privacy concerns are growing

779 views • 54 slides
Presentation on Context in Social Networking Based on the Position Paper from Julian Pye,

Presentation on Context in Social Networking Based on the Position Paper from Julian Pye,

Presentation on Context in Social Networking Based on the Position Paper from Julian Pye, Wolfgang Schuster, Patrick Waters from Vodafone Group R&D Presented on 16 January 2009 at the W3C workshop in Barcelona on the Future of Social

251 views • 10 slides
Social networking platforms Social media refers to the means of interactions among people in which

Social networking platforms Social media refers to the means of interactions among people in which

4/30/2013 * a)I dont really know what Social Media means b) None (but I know what Social Media means) # c) 1 Social Media Network d) 2 Social Media Networks @Seth Bokser, MD, MPH Associate Clinical Professor, UCSF Medical School e) 3 or

578 views • 8 slides
If you build it, they will come: The challenge of developing a social networking site in a

If you build it, they will come: The challenge of developing a social networking site in a

If you build it, they will come: The challenge of developing a social networking site in a university context Judy Skene and Lisa Cluett Student Services, UWA First Year Challenges Settling in Finding their way Feeling

260 views • 5 slides
Anatomy of an Early Social Networking Site Alan Dix,

Anatomy of an Early Social Networking Site Alan Dix,

9/22/11 Anatomy of an Early Social Networking Site Alan Dix, Russell Beale, Nadeem Shabir, JusDn Leavesley Talis, Lancaster Uni., Birmingham Uni.

759 views • 7 slides
The Future Welcome of Social Networking W3C Workshop January 15-16, 2009 Barcelona, Spain 1

The Future Welcome of Social Networking W3C Workshop January 15-16, 2009 Barcelona, Spain 1

The Future Welcome of Social Networking W3C Workshop January 15-16, 2009 Barcelona, Spain 1 PEREY Research & Consulting Thank you! All of us 2 PEREY Research & Consulting Agenda Lay of the social networking land today

574 views • 38 slides
Sentient Computing meets Social Networking Simon Hay, Andrew Rice and Joseph Newman W3C Workshop

Sentient Computing meets Social Networking Simon Hay, Andrew Rice and Joseph Newman W3C Workshop

Sentient Computing meets Social Networking Simon Hay, Andrew Rice and Joseph Newman W3C Workshop on the Future of Social Networking, 15-16 January 2009 Sentient Computing Sentient computing is the proposition that applications can be made

394 views • 18 slides
2009 FARM to FORK SUMMIT: Working Issue Teams Youth and Social Networking WIT: Youth and Social

2009 FARM to FORK SUMMIT: Working Issue Teams Youth and Social Networking WIT: Youth and Social

2009 FARM to FORK SUMMIT: Working Issue Teams Youth and Social Networking WIT: Youth and Social Marketing Putting youth at the forefront of community outreach & education of statewide, local and sustainable food efforts through education ,

256 views • 12 slides
Using Your Network 10-07-16 Networking & You What is networking? Benefits of

Using Your Network 10-07-16 Networking & You What is networking? Benefits of

Jordan Borrell Networking & Bioengineering Program Using Your Network 10-07-16 Networking & You What is networking? Benefits of networking. Who do I network with? Family/Friends/Neighbors School Connections

395 views • 14 slides
What is Social Media? noun: social media ; plural noun: social medias websites and

What is Social Media? noun: social media ; plural noun: social medias websites and

What is Social Media? noun: social media ; plural noun: social medias websites and applications that enable users to create and share content or to participate in social networking. According to Google by the year 2025 all food

498 views • 21 slides
Using social networking and ar1ficial intelligence to collect FHx Brandon M Welch, MS, PhD

Using social networking and ar1ficial intelligence to collect FHx Brandon M Welch, MS, PhD

Using social networking and ar1ficial intelligence to collect FHx Brandon M Welch, MS, PhD Assistant Professor Medical University of South Carolina Family history is important Cancer runs in families Life6me risk for breast cancer 70% 60%

714 views • 47 slides
Social Networking Service in the Crisis and Immediate Post-Catastrophe Response Processes

Social Networking Service in the Crisis and Immediate Post-Catastrophe Response Processes

Social Networking Service in the Crisis and Immediate Post-Catastrophe Response Processes Masahiko Shoji, International University of Japan Tomoaki Watanabe, International University of Japan Counterpart PI: Eiko Ikegami, New School for Social

281 views • 26 slides
SOCIAL NETWORKING AND IMPRESSION MANAGEMENT: SELF-PRESENTATION IN THE DIGITAL AGE Download Free

SOCIAL NETWORKING AND IMPRESSION MANAGEMENT: SELF-PRESENTATION IN THE DIGITAL AGE Download Free

SOCIAL NETWORKING AND IMPRESSION MANAGEMENT: SELF-PRESENTATION IN THE DIGITAL AGE Download Free Author: Carolyn Michelle Cunningham Number of Pages: 336 pages Published Date: 27 May 2014 Publisher: Lexington Books Publication Country: Lanham,

288 views • 4 slides

More recommend