Skip to main content

Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider

Author(s): Feldman, Ariel J; Blankstein, Aaron; Freedman, Michael J; Felten, Edward W

Download
To refer to this page use: http://arks.princeton.edu/ark:/88435/pr1dv77
Full metadata record
DC FieldValueLanguage
dc.contributor.authorFeldman, Ariel J-
dc.contributor.authorBlankstein, Aaron-
dc.contributor.authorFreedman, Michael J-
dc.contributor.authorFelten, Edward W-
dc.date.accessioned2021-10-08T19:50:03Z-
dc.date.available2021-10-08T19:50:03Z-
dc.date.issued2012en_US
dc.identifier.citationFeldman, Ariel J., Aaron Blankstein, Michael J. Freedman, and Edward W. Felten. "Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider." In 21st USENIX Security Symposium (2012): pp. 647-662.en_US
dc.identifier.urihttps://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final67.pdf-
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/pr1dv77-
dc.description.abstractToday’s social networking services require users to trust the service provider with the confidentiality and integrity of their data. But with their history of data leaks and privacy controversies, these services are not always deserving of this trust. Indeed, a malicious provider could not only violate users’ privacy, it could equivocate and show different users divergent views of the system’s state. Such misbehavior can lead to numerous harms including surreptitious censorship. In light of these threats, this paper presents Frientegrity, a framework for social networking applications that can be realized with an untrusted service provider. In Frientegrity, a provider observes only encrypted data and cannot deviate from correct execution without being detected. Prior secure social networking systems have either been decentralized, sacrificing the availability and convenience of a centralized provider, or have focused almost entirely on users’ privacy while ignoring the threat of equivocation. On the other hand, existing systems that are robust to equivocation do not scale to the needs social networking applications in which users may have hundreds of friends, and in which users are mainly interested the latest updates, not in the thousands that may have come before. To address these challenges, we present a novel method for detecting provider equivocation in which clients collaborate to verify correctness. In addition, we introduce an access control mechanism that offers efficient revocation and scales logarithmically with the number of friends. We present a prototype implementation demonstrating that Frientegrity provides latency and throughput that meet the needs of a realistic workload.en_US
dc.format.extent647 - 662en_US
dc.language.isoen_USen_US
dc.relation.ispartof21st USENIX Security Symposiumen_US
dc.rightsFinal published version. This is an open access article.en_US
dc.titleSocial Networking with Frientegrity: Privacy and Integrity with an Untrusted Provideren_US
dc.typeConference Articleen_US
pu.type.symplectichttp://www.symplectic.co.uk/publications/atom-terms/1.0/conference-proceedingen_US

Files in This Item:
File Description SizeFormat 
SocialNetworking.pdf542.48 kBAdobe PDFView/Download


Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.