Hiding from Facebook: An Encryption Protocol resistant to Correlation Attacks

Chen-Da Liu,Simone Santini
2024-04-29
Abstract:In many social networks, one publishes information that one wants to reveal (e.g., the photograph of some friends) together with information that may lead to privacy breaches (e.g., the name of these people). One might want to hide this sensitive information by encrypting it and sharing the decryption key only with trusted people, but this might not be enough. If the cipher associated to a face is always the same, correlation between the output of a face recognition system and the cipher can give useful clues and help train recognizers to identify untagged instances of the face. We refer to these as "correlation attacks".
Cryptography and Security,Social and Information Networks
What problem does this paper attempt to address?
The problem that this paper attempts to solve is: **How to protect user privacy in social networks and prevent the leakage of sensitive information through correlation attacks**. Specifically, the author is concerned that when users post photos on social networks, they usually attach some tags (such as friends' names). Although these tags facilitate information sharing, they also bring the risk of privacy leakage. For example, if the same face always corresponds to the same encrypted tag, then the face recognition system can infer the identities of people in unlabeled photos through correlation analysis, thus undermining privacy. To solve this problem, the paper proposes a new encryption protocol, aiming to **reduce the correlation between different instances**, so that even when the same person appears multiple times, their encrypted tags are different, making it difficult to infer the original information through correlation analysis. In addition, the protocol also designs a key distribution mechanism to ensure that only the owner of the image can encrypt the tags, and only a group of trusted friends can decrypt these tags. ### Summary of the core problems in the paper: 1. **Risk of privacy leakage**: In social networks, publicly posting photos with tags may cause sensitive information (such as names) to be exploited by correlation attacks, thereby revealing more privacy. 2. **Threat of correlation attacks**: Traditional encryption methods are not sufficient to prevent correlation attacks because the same tags will lead to consistent encryption results and are easily cracked. 3. **Solution**: Propose a new encryption protocol. By randomizing the encryption process, ensure that the encryption results of each tag are different, reduce the correlation, and design a secure key distribution mechanism. ### Key technical points: - **Randomized encryption**: Introduce a random number during each encryption to ensure that different instances of the same tag have different encryption results and reduce the correlation. - **Symmetric encryption and key distribution**: Use the symmetric encryption method and design a secure key distribution scheme based on the Diffie - Hellman protocol to ensure that only authorized users can decrypt. Through these methods, the paper aims to improve users' privacy protection ability in social networks and prevent sensitive information from being obtained by unauthorized third parties.