distributed computing group veneta: serverless friend-of-friend detection in mobile social...

DistributedComputing

Group

VENETA: Serverless Friend-of-Friend Detection inMobile Social Networking

Marco von ArbMatthias BaderMichael KuhnRoger Wattenhofer

WiMob 2008Avignon, France

2 Michael Kuhn, ETH Zurich @ WiMob 2008

Success of Social Networking Services

Wikipedia: List of Social Networking Services

number of services listed growth of services


Biggest Virtual Social Network?

Orkut(67M)

Facebook(124M)

LinkedIn(27M)

Classmates(50M)Windows Live

Spaces (120M)

MySpace(246M)

E-Mail(1.5B Internet users)

(Jun. 2008)

Mobile Phone Contact Book(3.3B mobile subscribers)

(Nov. 2007)


Mobile Social Networking?

• Perfect combination– Excellent penetration

– Permanent reachability

– Location awareness

• Success?– No comparison to MySpace,

Facebook, etc.

– Twitter: 2.5M Unique users (08/2008)

micro-blogging service


Lovegety

• Introduced in 1998, Japan• Male (blue) and female (pink) device• Beeps if another lovegety of

opposite sex is nearby• As of 2004, 600K devices were sold• Was presumably the most

successful mobile social networking service for a long time

“In the two and a half months since the product entered markets, we've already shipped 350,000 Lovegetys. Right now we can't

produce enough of them to meet demand”Takeya Takafuji, CEO

“I just had it on one day when it started to beep all of sudden. I started looking around while getting ready to run, if the boy was

strange. He wasn't, so I said hello, and we went and ate Takoyaki”

Kaori Mikuriya, 16

Quotes from: Iwatani, Wired News, 1998


(Possible) Reasons for Success and Failure

simple

Lovegety: 3 modes (talk, karaoke, get2)

Twitter: Short messages(<140 characters)

cheap

adapted to mobile interface

low user interaction

clones of webapps

high user interaction

high data volumes

expensive

overloaded


Why Clones?

Friend Browsing


Friends-of-Friends

• Clustering Coefficient– Probability that two friends are friends themselves

• High Clustering Coefficients in Social Networks– Approx. 0.25– Feature is highly used– Better indicator for friendship than profile match


Friends-of-Friends on Mobile Devices

browsing is inefficient on small displays

requires access to server=> expensive

not appropriate for mobile devices

true?


Mobile Friend-of-Friend Detection

compare address books!

peer-to-peer (e.g. Bluetooth)

device rather than user searches


Privacy?

• Not everybody should know my contacts!• Compare hash values? => lookup tables• Possible to protect privacy? Yes!

Privacy?

multiparty-computation


Multi-Party Computation

• n participants want to evaluate a function f(x1, x2, ..., xn)

• Everybody knows the result, but nothing about the others‘ inputs

What‘s our average age?

Result: 41.7 years

33

69

3755

46

41

11Participants do NOT learn individual ages


Multi-party Computation

• Adversaries– Passive (honest but curious): Follow the protocol– Active (malicious): Can do whatever they like to compromise

somebody‘s privacy

• „Protocols for Secure Computations“– Andrew Yao, FOCS, 1982– Any 0-1 valued function can be evaluated in the passive

adversary model

high computational complexity

real world adversaries are malicious


Multiparty-Computation for Contacts?

• Alice and Bob both own a set of items from a given universe V– Alice: X = {x1, x2, ..., xN} (subset of V)

– Bob: Y = {y1, y2, ..., yM} (subset of V)

• Goal: Find intersection without knowing the other party‘s elements

• This is exactly our friend-of-friend finding problem!– X: phone numbers in Alice‘s contact book

– Y: phone numbers in Bob‘s contact book

– V: universe of all (107) phone numbers

two-party set intersection

X

Y


Two-Party Set Intersection

• Yao‘s generic approach computationally infeasible

homomorphic encryption & roots of polynomials(Freedman et al., EUROCRYPT, 2004)

relatively complex fixes required against malicious adversaries

commutative encryption(Hubermann et al., ACM EC, 1999)

homomorphic encryption & roots of polynomials(Freedman et al., EUROCRYPT, 2004)


Two-Party Set Intersection

• Commutative Encryption: Eα(Eβ(x)) = Eβ(Eα(x))

1) A → B: Eα(x1), ..., Eα(xN)

2) B → A: Eβ(y1), ..., Eβ(yM)

3) A → B: Eα(Eβ(y1)), ..., Eα(Eβ(yM))

4) B → A: Eβ(Eα(x1)), ..., Eβ(Eα(xN))

Commutativity: xi = yj => Eβ(Eα(xi)) = Eα(Eβ(yj))

reveals input set sizes


Analysis

• Agraval et al., SIGMOD, 2003– Passive adversaries

• Protocol is secure if:– Decisional Diffie-Hellmann (DDH) assumption holds

– Eκ(m) = mκ mod p

– p is strong prime (i.e. p = 2*q+1 with p, q large prime)– Dom E: quadratic residues modulo q– κ {1, 2, ..., q – 1}– Ideal hash function h: V → Dom E exists to map each v element

V to d Dom E

Eκ(m) = mκ mod p [m = h(x)]


For Phone Numbers

Barbara Smith

Christa Doe

Brian Lewis

Vanessa Platt

Walter Boyd

...

Arthur V.

Brad K.

Brian L.

Vincent M.

William M.

...

6503800721

+18312380902

...

+18317280422

8314568721

+442088709929

6521257

+16503807210

9826735

+442086294528

...

Alice Bob

BrianAlice Bob

Barbara

Christa

Vanessa

Walter

Arthur

Brad

Vincent

William

+41791324328

Bob is a friend-of-a-friend of Alice


+417913243286503807210

+18312380902...

6521257+442088709929

+16503807210...

h(6521257)β

h(8709929)β

h(3807210)β

...h(1324328)αβ

h(3807210)αβ

h(2380902)αβ

...

h(6521257)βα h(8709929)βα

h(3807210)βα

...

For Phone Numbers

h(1324328)αβ

h(3807210)αβ

h(2380902)αβ

...

h(6521257)βα h(8709929)βα

h(3807210)βα

...

equal due to commutativity

h(1324328)α

h(3807210)α

h(2380902)α

...

(mod p)


Active Adversaries

• Zhang and Zhao, VLDB, 2005• Li et al., Computer Security, 2005

• Changing input set (e.g. adding a number)– If somebody can add a number (and knows

whose number it is), it could have been in the contact book, anyways

– Limited to 300 entries (no brute-force attacks)

• Asymmetry (Alice could skip last step)– Simulaneously exchange values

– Zhan and Zhao

– Expensive

– Interesting only for delicate contacts– Bob would not have made such a contact available


Prototype Application: veNETa

• Let‘s use our protocol– Only makes sense if other people use it

as well...– Why should people use it, if there is

litteraly no chance of meeting another user?

– Bootstrapping problem

• Integration into a more comprehensive application– veNETa– Decentralized as well as serverbound

features– J2ME


veNETa

• Decentralized– Free of charge– Friend-of-friend detection

(as explained)– Profile matching (age,

gender)– Simple, recall Lovegety

– Multihop messaging over Bluetooth (max. 3 hops, epidemic routing)

• Server bound– Text-Messaging (encrypted,

public-key infrastructure provided by server)

– Location tracking:– veNETa can (optionally) alert

users if people of interest (friends or profile matches) are nearby

– Requires JSR-179 (Java Location-API)

friend-finding(new friends)

messaging(stay in contact)

location-awareness(re-discover)


Conclusions

• Mobile social software as huge potential– Market penetration of mobile devices– Success of social networking applications

• Major target group: Young people– Low budget

• Serverless core features– Free of charge– Cover the extremely popular friend-of-friend detection– Based on real friends

• Future– Improve usability– Extend to e-mail addresses, ICQ numbers, etc.– Other matching mechanisms (e.g. music taste?)– Micro-blogging?


Thanks for your Attention

• Questions?

distributed computing group veneta: serverless friend-of-friend detection in mobile social...

Documents

eth zurich

mobile friend

serverless friend

social networksapprox

mobile devicesbrowsing

virtual social network

b mobile subscribersnov

mobile phone contact