by Gianpiero Costantino, Fabio Martinelli and Paolo Santi
We present an implementation of the FairPlay framework for secure two-party function computation on Android smartphones, which we call MobileFairPlay. Our application was developed to preserve the users’ privacy within opportunistic networks considering the interest-casting model. Our tests show that the running times of the protocol on several Android phones, are very reasonable (up to five seconds in the worst case).
Crowded places present an opportunity for people to share personal information. In addition to sharing information through traditional, web-based platforms and applications such as Facebook and Twitter, the availability of short range radio interfaces in smartphones, tablet PCs, etc. allows individuals to share information with one another through direct, opportunistic communication (typically using the Bluetooth or WiFi interface).
This model of store-carry and forwarding data to others is known as opportunistic networking (OppNets). A common feature of these approaches is that, before making a decision about whether to share information with an individual, users have to exchange some sensitive information, such as history of past encounters [1], interest profiles, etc. Given that the person encountered is generally a stranger, this exchange of sensitive information (which occurs in plain text in the approaches mentioned) is likely to be deemed unacceptable by the user in real-world scenarios, owing to privacy concerns.
To address this issue, we present a feasible implementation of a cryptographic framework for secure multi-party computation (the FairPlay framework proposed in [2]) targeted to the interest-cast model and running on the Android mobile platform. Our application, “Mobile-FairPlay” [3], has been developed with the aims of: 1) finding people in the user’s (Alice) neighbourhood through a Bluetooth scan operation, 2) connecting to another user (Bob) and determining whether Bob and Alice have similar interest profiles without disclosing sensitive information, and 3) sharing messages between Alice’s and Bob’s devices in the event that their profiles are similar.
When Alice and Bob have established a new connection, Bob, who received the connection, randomly selects different topics to verify their similarity with respect to these interests. Then, they start matching interests using the secure framework implemented in the App. During this execution, both Bob and Alice use their own value for the selected topic, extracted from the interest profile. However, these values are not sent to the other participants in plain, but are encoded in the garbled Boolean circuits exchanged through MobileFairPlay. At the end of the hand-shaking phase, Alice and Bob only know the result of the jointly computed matching, without knowing the specific interest values of the other party. In the case of a positive comparison, the user who received the incoming connection can start sending their own information using real files.
The execution time of the interest matching performed with our application ranges between 2 to 2.5 seconds for a single topic comparison and between 3.5 to 4.5 seconds for four topic comparisons. The running time is dominated by the cryptographic part run during the matching, and depends mainly on the smartphone’s hardware. Times reported here are obtained using Samsung Galaxy S2 and Samsung Galaxy S and other slower devices. However, by running more recent smartphones the computation time can be even lower.
We are currently developing a different version of this application that uses past users’ locations to determine whether they have spent time in common places. This matching is also performed whilst preserving the users’ privacy. Common past locations are used to understand similarity in users’ behaviour, and taking advantage of this can help users to increase their social contacts.
The application was released late spring 2012, and is available at the link below.
Acknowledgment
It took over six months to develop this application, and our thanks go to Dario Amoruso, who prepared his master degree thesis on this topic.
Link:
http://www.iit.cnr.it/staff/gianpiero.costantino/
References:
[1] E. Daly and M. Haahr: “Social network analysis for routing in disconnected delay-tolerant manets”, in ACM Mo- biHoc
[2] D. Malkhi et al: “Fairplay: a secure two-party computation system”, in proc. of the 13th conf. on USENIX Sec. Symp.
[3] G. Costantino et al: “An implementation of secure two-party computation for smartphones with application to privacy-preserving interest-cast”, PST 2012.
Please contact:
Gianpiero Costantino,
Fabio Martinelli and Paolo Santi
IIT-CNR, Pisa, Italy
E-mail:
