CrowdShare: Secure Mobile Resource Sharing

Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Reshetova, Elena; Sadeghi, Ahmad‐Reza; Schneider, Thomas; Stelle, Stanislaus

doi:10.1007/978-3-642-38980-1_27

Cited by 14 publications

(22 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Implementations of PSI protocols on smartphones such as [4,10,33] can be found in the literature, but they either do not achieve linear complexity or do not consider the offline/online setting, and hence are not suited for our scenario.…”

Section: Related Work On Psimentioning

confidence: 99%

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Kiss

Liu

Schneider

et al. 2017

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

Private set intersection (PSI) is a cryptographic technique that is applicable to many privacysensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings.In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.

show abstract

Section: Related Work On Psimentioning

confidence: 99%

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Kiss

Liu

Schneider

et al. 2017

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

show abstract

“…We now present the implementation of Common Friends on Android, and its integration with an existing tethering application from our prior work [5].…”

Section: Methodsmentioning

confidence: 99%

“…Our proposed framework provides a clear and usable interface for application developers, enabling them to support access control decisions based on users' social proximity, independently of underlying cryptographic techniques. Finally, we integrate the Common Friends service into an existing application for sharing Internet connection [5], whereby users decide whether or not to share based on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.…”

Section: Introductionmentioning

confidence: 99%

Do I know you?

Nagy

Cristofaro

Dmitrienko

et al. 2013

Proceedings of the 29th Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

The increasing penetration of Online Social Networks (OSNs) prompts the need for effectively accessing and utilizing social networking information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a framework for finding common friends which protects privacy of nonmutual friends and guarantees authenticity of friendships. First, we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to enforce access control based on users' social proximity in a privacypreserving manner. Finally, we showcase our techniques in the context of an existing application for sharing (tethered) Internet access, whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.

show abstract

“…Asokan et al [1] proposed a framework to safely share sensitive data among mobile devices, with the focus on the data privacy and user privacy. Huang et al [10] exploited the attribute-based encryption (ABE) to protect user's privacy in mobile systems.…”

Section: Related Workmentioning

confidence: 99%

“…It chooses a hash function H : {0, 1} * → G that will be modeled as a random oracle in the security proof. By calling the generation algorithm Gen F C on inputs N and L, this algorithm also generates a set of codewords Γ = {ω (1) , ..., ω (N ) }, where N denotes the maximum number of cloud users in this system and L denotes the length of each codeword. The public parameter and master secret key are set as…”

Section: The Lact Schemementioning

confidence: 99%

Who Is Touching My Cloud

Deng

Qin

et al. 2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

Abstract. Advanced access controls have been proposed to secure sensitive data maintained by a third party. A subtle issue in such systems is that some access credentials may be leaked due to various reasons, which could severely damage data security. In this paper, we investigate leakage tracing enabled access control over outsourced data, so that one can revoke the suspected leaked credentials or prepare judicial evidences for legal procedure if necessary. Specifically, we propose a leaked access credential tracing (LACT) framework to secure data outsourced to clouds and formalize its security model. Following the framework, we construct a concrete LACT scheme that is provably secure. The proposed scheme offers fine-grained access control over outsourced data, by which the data owner can specify an access policy to ensure that the data is only accessible to the users meeting the policy. In case of suspectable illegal access to outsourced data with leaked credentials, a tracing procedure can be invoked to tracing in a black-box manner at least one of the users who leaked their access credentials. The tracing procedure can run without the cloud service provider being disturbed. Analysis shows that the introduction of tracing access credential leakage incurs little additional cost to either data outsourcing or access procedure.

show abstract

CrowdShare: Secure Mobile Resource Sharing

Cited by 14 publications

References 5 publications

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Do I know you?

Who Is Touching My Cloud

Contact Info

Product

Resources

About