skip to main content
research-article

Privado: Privacy-preserving Group-based Advertising Using Multiple Independent Social Network Providers

Published:06 June 2020Publication History
Skip Abstract Section

Abstract

Online Social Networks (OSNs) offer free storage and social networking services through which users can communicate personal information with one another. The personal information of the users collected by the OSN provider comes with privacy problems when being monetized for advertising purposes. To protect user privacy, existing studies propose utilizing data encryption that immediately prevents OSNs from monetizing users data and hence leaves secure OSNs with no convincing commercial model. To address this problem, we propose Privado as a privacy-preserving group-based advertising mechanism to be integrated into secure OSNs to re-empower monetizing ability. Privado is run by N servers, each provided by an independent provider. User privacy is protected against an active malicious adversary controlling N − 1 providers, all the advertisers, and a large fraction of the users. We base our design on the group-based advertising notion to protect user privacy, which is not possible in the personalized variant. Our design also delivers advertising transparency; the procedure of identifying target customers is operated solely by the OSN servers without getting users and advertisers involved. We carry out experiments to examine the advertising running time under various number of servers and group sizes. We also argue about the optimum number of servers with respect to user privacy and advertising running time.

References

  1. Prabhanjan Ananth, Nishanth Chandran, Vipul Goyal, Bhavana Kanukurthi, and Rafail Ostrovsky. 2014. Achieving privacy in verifiable computation with multiple servers--without FHE and without pre-processing. In Proceedings of the International Workshop on Public Key Cryptography. Springer, 149--166.Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Randy Baden, Adam Bender, Neil Spring, Bobby Bhattacharjee, and Daniel Starin. 2009. Persona: An online social network with user-defined privacy. In Proceedings of the Annual Conference of the ACM Special Interest Group on Data Communication (SIGCOMM’09).Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Alessandro Barenghi, Michele Beretta, Alessandro Di Federico, and Gerardo Pelosi. 2014. Snake: An end-to-end encrypted online social network. In Proceedings of the IEEE International Conference on Embedded Software and Systems (ICESS’14). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Debmalya Biswas, Stephan Haller, and Florian Kerschbaum. 2010. Privacy-preserving outsourced profiling. In Proceedings of the IEEE Congress on Evolutionary Computation (CEC’10). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Marina Blanton and Fattaneh Bayatbabolghani. 2016. Efficient server-aided secure two-party function evaluation with applications to genomic computation. Proc. Privacy Enhanc. Technol. 2016, 4 (2016), 144--164.Google ScholarGoogle ScholarCross RefCross Ref
  6. Burton H. Bloom. 1970. Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13, 7 (1970), 422--426.Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. 2004. Public key encryption with keyword search. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 506--522.Google ScholarGoogle ScholarCross RefCross Ref
  8. Sanaz Taheri Boshrooyeh, Alptekin Küpçü, and Öznur Özkasap. 2018. PPAD: Privacy preserving group-based ADvertising in online social networks. In Proceedings of the International Federation for Information Processing (IFIP’18). IEEE, Zurich, Switzerland, 541--549.Google ScholarGoogle Scholar
  9. Bruce Schneier. 2015. Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition. https://www.wiley.com/en-gb/Applied+Cryptography%3A+Protocols%2C+Algorithms+and+Source+Code+in+C%2C+20th+Anniversary+Edition-p-9781119096726. 784 Pages.Google ScholarGoogle Scholar
  10. Sonja Buchegger, Doris Schiöberg, Le-Hung Vu, and Anwitaman Datta. 2009. PeerSoN: P2P social networking: Early experiences and insights. In Proceedings of the 2nd ACM EuroSys Workshop on Social Network Systems. ACM, 46--52.Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. 2015. Outsourcing secure two-party computation as a black box. In Proceedings of the Conference on Cryptology and Network Security.Google ScholarGoogle ScholarCross RefCross Ref
  12. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. 2016. Secure outsourced garbled circuit evaluation for mobile devices. J. Comput. Secur. 24, 2 (2016), 137--180.Google ScholarGoogle ScholarCross RefCross Ref
  13. Miguel Castro and Barbara Liskov. 2002. Practical Byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst. 20, 4 (2002), 398--461.Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Ronald Cramer, Ivan Damgård, and Jesper B. Nielsen. 2001. Multiparty computation from threshold homomorphic encryption. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 280--300.Google ScholarGoogle Scholar
  15. Ivan Damgård and Jesper Buus Nielsen. 2003. Universally composable efficient multiparty computation from threshold homomorphic encryption. In Proceedings of the Annual International Cryptology Conference. Springer, 247--264.Google ScholarGoogle ScholarCross RefCross Ref
  16. Ivan Damgård, Valerio Pastro, Nigel Smart, and Sarah Zakarias. 2012. Multiparty computation from somewhat homomorphic encryption. In Proceedings of the Annual Cryptology Conference. Springer, 643--662.Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Emiliano De Cristofaro, Claudio Soriente, Gene Tsudik, and Albert Williams. 2012. Hummingbird: Privacy at the time of Twitter. In Proceedings of the Conference on Security and Privacy (SP’12). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Ariel J. Feldman, Aaron Blankstein, Michael J. Freedman, and Edward W. Felten. 2012. Social networking with frientegrity: Privacy and integrity with an untrusted provider. In Proceedings of the USENIX Security Symposium.Google ScholarGoogle Scholar
  19. Amos Fiat and Adi Shamir. 1986. How to prove yourself: Practical solutions to identification and signature problems. In Proceedings of the Conference on Advances in Cryptology (CRYPTO’86). Springer, 186--194.Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Saikat Guha, Bin Cheng, and Paul Francis. 2011. Privad: Practical privacy in online advertising. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI’11).Google ScholarGoogle Scholar
  21. Yahya Hassanzadeh-Nazarabadi, Alptekin Küpçü, and Öznur Özkasap. 2019. LightChain: A DHT-based blockchain for resource constrained environments. arXiv preprint arXiv:1904.00375. https://arxiv.org/abs/1904.00375.Google ScholarGoogle Scholar
  22. Carmit Hazay and Yehuda Lindell. 2010. Efficient Secure Two-party Protocols: Techniques and Constructions. Springer Science 8 Business Media.Google ScholarGoogle Scholar
  23. Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, and Tomas Toft. 2011. Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting. Retrieved from https://eprint.iacr.org/2011/494.pdf.Google ScholarGoogle Scholar
  24. Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, and Tomas Toft. 2012. Efficient RSA key generation and threshold paillier in the two-party setting. In Proceedings of the Cryptographers’ Track at the RSA Conference. Springer, 313--331.Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Debiao He, Mimi Ma, Sherali Zeadally, Neeraj Kumar, and Kaitai Liang. 2018. Certificateless public key authenticated encryption with keyword search for industrial internet of things. IEEE Trans. Industr. Inform. 14, 8 (2018), 3618--3627.Google ScholarGoogle ScholarCross RefCross Ref
  26. Amir Herzberg and Haya Shulman. 2013. Oblivious and fair server-aided two-party computation. Info. Secur. Tech. Rep. 17, 2 (2013), 210--226.Google ScholarGoogle ScholarCross RefCross Ref
  27. Qiong Huang and Hongbo Li. 2017. An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Info. Sci. 403 (2017), 1--14.Google ScholarGoogle Scholar
  28. Thomas P. Jakobsen, Jesper Buus Nielsen, and Claudio Orlandi. 2014. A framework for outsourcing of secure computation. In Proceedings of the 6th ACM Workshop on Cloud Computing Security. ACM, 81--92.Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Ari Juels. 2001. Targeted advertising...and privacy too. In Proceedings of the Cryptographers Track of the RSA Conference (CT-RSA’01). Springer.Google ScholarGoogle ScholarCross RefCross Ref
  30. Seny Kamara, Payman Mohassel, and Mariana Raykova. 2011. Outsourcing multi-party computation. IACR Cryptol. ePrint Archive: Report 2011/272. https://eprint.iacr.org/2011/272.Google ScholarGoogle Scholar
  31. Seny Kamara, Payman Mohassel, Mariana Raykova, and Saeed Sadeghian. 2014. Scaling private set intersection to billion-element sets. In Proceedings of the International Conference on Frontier Computing (FC). Springer.Google ScholarGoogle ScholarCross RefCross Ref
  32. Seny Kamara, Payman Mohassel, and Ben Riva. 2012. Salus: A system for server-aided secure function evaluation. In Proceedings of the ACM Computer and Communications Security Conference (CCS’12). ACM.Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Jonathan Katz and Yehuda Lindell. 2014. Introduction to Modern Cryptography. CRC Press.Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Florian Kerschbaum. 2009. Adapting privacy-preserving computation to the service provider model. In Proceedings of the SIAM Conference on Computational Science and Engineering (CSE’09). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Florian Kerschbaum. 2012. Collusion-resistant outsourcing of private set intersection. In Applied Computing. ACM.Google ScholarGoogle Scholar
  36. Florian Kerschbaum. 2012. Outsourced private set intersection using homomorphic encryption. In Proceedings of the ACM Computer and Communications Security Conference (CCS’12). ACM.Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Handan Kılınç and Alptekin Küpçü. 2015. Optimally efficient multi-party fair exchange and fair secure multi-party computation. In Proceedings of the Cryptographers’ Track at the RSA Conference. Springer, 330--349.Google ScholarGoogle Scholar
  38. Balachander Krishnamurthy and Craig E. Wills. 2008. Characterizing privacy in online social networks. In Proceedings of the Workshop on Online Social Networks (WOSN’08). ACM.Google ScholarGoogle Scholar
  39. Jiguo Li, Xiaonan Lin, Yichen Zhang, and Jinguang Han. 2017. KSF-OABE: Outsourced attribute-based encryption with keyword search function for cloud storage. IEEE Trans. Services Comput. 10, 5 (2017), 715--725.Google ScholarGoogle ScholarCross RefCross Ref
  40. Yehuda Lindell. 2007. Foundations of Cryptography, Vol. 1. https://www.cambridge.org/tr/academic/subjects/computer-science/cryptography-cryptology-and-coding/foundations-cryptography-volume-1?format=PB8isbn=9780521035361.Google ScholarGoogle Scholar
  41. Payman Mohassel, Ostap Orobets, and Ben Riva. 2016. Efficient server-aided 2pc for mobile phones. Proc. Privacy Enhanc. Technol. 2016, 2 (2016), 82--99.Google ScholarGoogle ScholarCross RefCross Ref
  42. Tal Moran and Moni Naor. 2010. Split-ballot voting: Everlasting privacy with distributed trust. ACM Trans. Info. Syst. Secur. 13, 2 (2010), 16.Google ScholarGoogle Scholar
  43. Arvind Narayanan and Vitaly Shmatikov. 2009. De-anonymizing social networks. In Security and Privacy. IEEE.Google ScholarGoogle Scholar
  44. Ozgur Oksuz, Iraklis Leontiadis, Sixia Chen, Alexander Russell, Qiang Tang, and Bing Wang. 2017. SEVDSI: Secure, Efficient and Verifiable Data Set Intersection. Technical Report. Cryptology ePrint Archive Report 2017/215. Retrieved from http://ia. cr/2017/215.Google ScholarGoogle Scholar
  45. Constantinos Patsakis, Athanasios Zigomitros, and Agusti Solanas. 2015. Privacy-aware genome mining: Server-assisted protocols for private set intersection and pattern matching. In Proceedings of the International Symposium on Computer-based Medical Systems (CBMS’15). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Kun Peng and Feng Bao. 2010. A shuffling scheme with strict and strong security. In Proceedings of the 4th International Conference on Emerging Security Information Systems and Technologies (SECURWARE’10). IEEE, 201--206.Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. Nina Pettersen. 2016. Applications of Paillier s Cryptosystem.Master’s thesis. NTNU.Google ScholarGoogle Scholar
  48. Benny Pinkas, Thomas Schneider, and Michael Zohner. 2018. Scalable private set intersection based on ot extension. ACM Trans. Privacy Secur. 21, 2 (2018), 7.Google ScholarGoogle Scholar
  49. Krishna Sampigethaya and Radha Poovendran. 2006. A survey on mix networks and their secure applications. Proc. IEEE 94, 12 (2006), 2142--2181.Google ScholarGoogle ScholarCross RefCross Ref
  50. Berry Schoenmakers and Meilof Veeningen. 2015. Universally verifiable multiparty computation from threshold homomorphic cryptosystems. In Proceedings of the International Conference on Applied Cryptography and Network Security. Springer, 3--22.Google ScholarGoogle ScholarCross RefCross Ref
  51. Jinyuan Sun, Xiaoyan Zhu, and Yuguang Fang. 2010. A privacy-preserving scheme for online social networks with efficient revocation. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE.Google ScholarGoogle ScholarCross RefCross Ref
  52. Amin Tootoonchian, Stefan Saroiu, Yashar Ganjali, and Alec Wolman. 2009. Lockr: Better privacy for social networks. In Proceedings of the International Conference on Emerging Networking Experiments and Technologies (CoNEXT’09). ACM.Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Vincent Toubiana, Arvind Narayanan, Dan Boneh, Helen Nissenbaum, and Solon Barocas. 2010. Adnostic: Privacy preserving targeted advertising. In Proceedings of the Network and Distributed System Security Symposium (NDSS’10).Google ScholarGoogle Scholar
  54. Nikolaj Volgushev, Malte Schwarzkopf, Ben Getchell, Mayank Varia, Andrei Lapets, and Azer Bestavros. 2019. Conclave: Secure multi-party computation on big data. In Proceedings of the European Conference on Computer Systems.Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. Yuan Zhang, Qingjun Chen, and Sheng Zhong. 2016. Privacy-preserving data aggregation in mobile phone sensing. IEEE Trans. Info. Forensics Secur. 11, 5 (2016), 980--992.Google ScholarGoogle ScholarDigital LibraryDigital Library
  56. Qingji Zheng and Shouhuai Xu. 2015. Verifiable delegated set intersection operations on outsourced encrypted data. In Proceedings of the IEEE International Conference on Cloud Engineering (IC2E’15). IEEE.Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. Binrui Zhu, Jiameng Sun, Jing Qin, and Jixin Ma. 2017. The public verifiability of public key encryption with keyword search. In Proceedings of the International Conference on Mobile Networks and Management. Springer, 299--312.Google ScholarGoogle Scholar
  58. Xukai Zou, Huian Li, Yan Sui, Wei Peng, and Feng Li. 2014. Assurable, transparent, and mutual restraining e-voting involving multiple conflicting parties. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’14). IEEE, 136--144.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Privado: Privacy-preserving Group-based Advertising Using Multiple Independent Social Network Providers

              Recommendations

              Comments

              Login options

              Check if you have access through your login credentials or your institution to get full access on this article.

              Sign in

              Full Access

              PDF Format

              View or Download as a PDF file.

              PDF

              eReader

              View online with eReader.

              eReader

              HTML Format

              View this article in HTML Format .

              View HTML Format
              About Cookies On This Site

              We use cookies to ensure that we give you the best experience on our website.

              Learn more

              Got it!