Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Ágnes Kiss,Jian Liu,Thomas Schneider,N. Asokan,Benny Pinkas

DOI: https://doi.org/10.1515/popets-2017-0044

2017-01-01

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings. In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.

Cheng Huang,Rongxing Lu,Hui Zhu,Jun Shao,Abdulrahman Alamer,Xiaodong Lin

DOI: https://doi.org/10.1109/ICC.2016.7511194

2016-01-01

Abstract:With the ubiquity of mobile devices, location-based social networking applications have been widely used in people's daily life. However, due to the importance and sensitivity of location information, these applications may lead to serious security issues for user's location privacy. To handle these location privacy challenges, in this paper, we propose an efficient and privacy-preserving proximity testing scheme, called EPPD, for location-based services. With EPPD, a group of users can test whether they are within a given distance with minimal privacy disclosure. In specific, EPPD is comprised of two phases: first, users periodically upload their encrypted locations to service provider; and later, users can send requests to service provider for proximity testing and obtain the final testing results. Detailed security analysis shows that EPPD can achieve privacy-preserving proximity testing. In addition, performance evaluations via extensive simulations also demonstrate the efficiency and effectiveness of EPPD in term of low computational cost and communication overhead.

Min Li,Ruijin Wang,Zhiguang Qin,Cong Wang

DOI: https://doi.org/10.14257/ijhit.2014.7.4.12

2014-01-01

International Journal of Hybrid Information Technology

Abstract:Recently, with the dramatic popular of geo-social networks and location based services (LBS), more and more mobile users are willing to enjoy the proximity services, which is a friend-alarm when the buddies happen to be in proximity.However, the services provider (SP) and some compromised buddies could try to steal the user's exact location information.Hence, location privacy preserving is still a challenge question in proximity based services.Unfortunately, existing methods only consider Euclidean distance to calculate neighbors, which would bring great deviation for distance measurement in the actual terrain.To my knowledge, this article is the first time extending to the 3D surface and proposes a novel technique for the privacy-preserving proximity services.The technique utilizes simplicial triangulation decomposition on 3D surface, and the user's location is generalized with a triangular area space, then a more precise proximity distance measurement method based on the triangle fractal is proposed.Next, we design a privacy-preserving proximity query protocol, which provide complete privacy with respect to the SP and the buddies.Final, the experiments shows that our methods have practicality in the services quantity and privacy.

Gabriel Ghinita,Kien Nguyen,Mihai Maruseac,Cyrus Shahabi

DOI: https://doi.org/10.1007/s10707-020-00410-1

IF: 2.7729

GeoInformatica

Abstract:Monitoring location updates from mobile users has important applications in many areas, ranging from public health (e.g., COVID-19 contact tracing) and national security to social networks and advertising. However, sensitive information can be derived from movement patterns, thus protecting the privacy of mobile users is a major concern. Users may only be willing to disclose their locations when some condition is met, for instance in proximity of a disaster area or an event of interest. Currently, such functionality can be achieved using searchable encryption. Such cryptographic primitives provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography (PBC), of which direct application to the domain of location updates leads to impractical solutions. We propose secure and efficient techniques for private processing of location updates that complement the use of PBC and lead to significant gains in performance by reducing the amount of required pairing operations. We implement two optimizations that further improve performance: materialization of results to expensive mathematical operations, and parallelization. We also propose an heuristic that brings down the computational overhead through enlarging an alert zone by a small factor (given as system parameter), therefore trading off a small and controlled amount of privacy for significant performance gains. Extensive experimental results show that the proposed techniques significantly improve performance compared to the baseline, and reduce the searchable encryption overhead to a level that is practical in a computing environment with reasonable resources, such as the cloud.

Alex Berke,Michiel Bakker,Praneeth Vepakomma,Kent Larson,Alex 'Sandy' Pentland

DOI: https://doi.org/10.48550/arXiv.2003.14412

2020-04-09

Abstract:Governments and researchers around the world are implementing digital contact tracing solutions to stem the spread of infectious disease, namely COVID-19. Many of these solutions threaten individual rights and privacy. Our goal is to break past the false dichotomy of effective versus privacy-preserving contact tracing. We offer an alternative approach to assess and communicate users' risk of exposure to an infectious disease while preserving individual privacy. Our proposal uses recent GPS location histories, which are transformed and encrypted, and a private set intersection protocol to interface with a semi-trusted authority. There have been other recent proposals for privacy-preserving contact tracing, based on Bluetooth and decentralization, that could further eliminate the need for trust in authority. However, solutions with Bluetooth are currently limited to certain devices and contexts while decentralization adds complexity. The goal of this work is two-fold: we aim to propose a location-based system that is more privacy-preserving than what is currently being adopted by governments around the world, and that is also practical to implement with the immediacy needed to stem a viral outbreak.

Cryptography and Security,Computers and Society

Matthew Tsao,Kaidi Yang,Karthik Gopalakrishnan,Marco Pavone

DOI: https://doi.org/10.48550/arXiv.2202.13305

2022-03-15

Abstract:Data-driven methodologies offer many exciting upsides, but they also introduce new challenges, particularly in the realm of user privacy. Specifically, the way data is collected can pose privacy risks to end users. In many routing services, a single entity (e.g., the routing service provider) collects and manages user trajectory data. When it comes to user privacy, these systems have a central point of failure since users have to trust that this entity will not sell or use their data to infer sensitive private information. Unfortunately, in practice many advertising companies offer to buy such data for the sake of targeted advertisements. With this as motivation, we study the problem of using location data for routing services in a privacy-preserving way. Rather than having users report their location to a central operator, we present a protocol in which users participate in a decentralized and privacy-preserving computation to estimate travel times for the roads in the network in a way that no individuals' location is ever observed by any other party. The protocol uses the Laplace mechanism in conjunction with secure multi-party computation to ensure that it is cryptogrpahically secure and that its output is differentially private. A natural question is if privacy necessitates degradation in accuracy or system performance. We show that if a road has sufficiently high capacity, then the travel time estimated by our protocol is provably close to the ground truth travel time. We validate the protocol through numerical experiments which show that using the protocol as a routing service provides privacy guarantees with minimal overhead to user travel time.

Cryptography and Security,Systems and Control

Fengwei Wang,Hui Zhu,Rongxing Lu,Fen Liu,Cheng Huang,Hui Li

DOI: https://doi.org/10.1109/jiot.2017.2766701

2018-01-01

Abstract:With the pervasiveness of location-aware mobile terminals and the popularity of social applications, location-based social networking service (LBSNS) has brought great convenience to people's life. Meanwhile, proximity detection, which makes LBSNS more flexible, has aroused widespread concern. However, the prosperity of LBSNS still faces many severe challenges on account of users' location privacy and data security. In this paper, we propose two efficient and privacy-preserving proximity detection schemes, named arbitrary geometric range query for polygons (AGRQ-P) and arbitrary geometric range query for circles (AGRQ-C), for location-based social applications. With proposed schemes, a user can choose any area on the map, and query whether her/his friends are within the region without divulging the query information to both social application servers and other users, meanwhile, the accurate locations of her/his friends are also confidential for the servers and the query user. Specifically, with algorithms based on ciphertext of geometric range query, users' query and location information is blurred into ciphertext in client, thus no one but the user knows her/his own sensitive information. Detailed security analysis shows that various security threats can be defended. In addition, the proposed schemes are implemented in an IM APP with a real LBS dataset, and extensive simulation results over smart phones further demonstrate that AGRQ-P and AGRQ-C are highly efficient and can be implemented effectively.

Godwin Badu-Marfo,Bilal Farooq,Zachary Patterson

DOI: https://doi.org/10.1177/0361198119855999

2019-08-12

Abstract:Smartphone based travel data collection has become an important tool for the analysis of transportation systems. Interest in sharing travel survey data has gained popularity in recent years as "Open Data Initiatives" by governments seek to allow the public to use these data, and hopefully be able to contribute their findings and analysis to the public sphere. The public release of such precise information, particularly location data such as place of residence, opens the risk of privacy violation. At the same time, in order for such data to be useful, as much spatial resolution as possible is desirable for utility in transportation applications and travel demand modeling. This paper evaluates geographic random perturbation methods (i.e. Geo-indistinguishability and the Donut geomask) in protecting the privacy of respondents whose residential location may be published. We measure the performance of location privacy methods, preservation of utility and randomness in the distribution of perturbation distances with varying parameters. It is found that both methods produce distributions of spatial perturbations that conform closely to common probability distributions and as a result, that the original locations can be inferred with little information and a high degree of precision. It is also found that while Achieved K-estimate anonymity increases linearly with desired anonymity for the Donut geomask, Geo-Indistinguishability is highly dependent upon its privacy budget factor (epsilon) and is not very effective at assuring desired Achieved K-estimate anonymity.

Cryptography and Security

Iqra Nawaz,Munam Ali Shah,Abid Khan,Seunggil Jeon

DOI: https://doi.org/10.1007/s11276-024-03651-2

IF: 2.701

2024-03-09

Wireless Networks

Abstract:In recent years, service provided based on the location has brought a tremendous change in our lives. However, one of the biggest challenges is to preserve users' privacy which upon leakage could have disastrous consequences. Privacy preservation has gained remarkable consideration as a notable number of users have started being conscious about privacy protection. Most solutions that have been developed in such a distributed scenario need a third party for data anonymization. In a system of public data sharing, one of the most popular and useful anonymization techniques is local differential privacy (LDP). Without requiring a third party to perturb the data, LDP allows users to perturb their data locally and individually, resulting in stronger privacy guarantees. Based on this principle the proposed system provides anonymity and integrity during communication and independent key generation by using secure authentication mechanism i.e., Physical Unclonable Function (PUF) with elliptical curve cryptography and remove third party dependency for data anonymization by using LDP with Hadamard count mean sketch (HCMS) protocol. For scalability, and quantum secrecy IOTA ledger is used on top of LDP anonymization technique. Our experimental results show that using PUF with ECC for authentication can reduce the computational overhead and increase the secrecy of the communication, LDP with HCMS achieves high privacy while also showing the tradeoff between utility and privacy. Furthermore, the IOTA ledger provides more scalability than the existing technique. Hence, the privacy of an individual will be preserved without compromising accuracy while sharing information to the third party for using location-based services.

computer science, information systems,telecommunications,engineering, electrical & electronic

Di Chen,Peng Zhang,Chengchen Hu,Huanzhao Wang,Shun Wu,Ningzhe Xing

DOI: https://doi.org/10.1109/ICC.2015.7249500

2015-01-01

Abstract:Location Based Service (LBS) is gaining popularity on smart phones. One fundamental LBS is range search, which returns all Point of Interests (POIs) within a user-specified range. However, people also leave their location privacy at risks when using LBS like range search. How can a user invoke such service without revealing his location is an interesting, yet challenging problem to solve.Most existing approaches blur a user's location into a cloaked region, so that LBS cannot figure out the exact location of the requesting user. However, this would make the returning results inaccurate, containing some out-of-range POIs. To this end, we propose PAPERS, a new method to provide location privacy for users of range search. PAPERS leverage homomorphic encryption to let the user encrypt her location, and the LBS server can compute distances on ciphertext. In this way, the returning results by LBS are exactly the POIs within the specified range, while LBS learns nothing about user's real location. We implement a prototype of PAPERS, and evaluate it with real POI set of a large-scale production LBS. Experimental results show that PAPERS can achieve the goal of privacy protection, with reasonable overhead in response time and communication cost.

Sheng Gao,Jianfeng Ma,Weisong Shi,Guoxing Zhan

DOI: https://doi.org/10.1002/wcm.2324

2012-12-06

Wireless Communications and Mobile Computing

Abstract:The ubiquity of mobile devices has facilitated the prevalence of participatory sensing, whereby ordinary citizens use their private mobile devices to collect regional information and to share with participators. However, such applications may endanger the users' privacy by revealing their locations and trajectories information. Most of existing solutions, which hide a user's location information with a coarse region, are under k‐anonymity model. Yet, they may not be applicable in some participatory sensing applications that require precise location information. The goals are seemingly contradictory: to protect a user's location privacy while simultaneously providing precise location information for a high quality of service. In this paper, we propose a method to meet both goals. Through selecting a certain number of a user's partners, it can protect the user's location privacy while providing precise location information. The user's trajectory privacy can be protected by constructing several trajectories that are similar to the user's trajectory in an interval time T. Finally, we utilize a new metric, called slope ratio, to evaluate the partners' selection algorithm that we proposed. Then, we measure the privacy level that the location and trajectory privacy protection mechanism (LTPPM) can achieve. The analysis and simulation results show that LTPPM can protect the user's location and trajectory privacy effectively and also provide a high quality of service in participatory sensing. Copyright © 2012 John Wiley & Sons, Ltd. Location and trajectory privacy problems are the main obstacles to the success of participatory sensing. However, most of existing anonymous methods hide a user's location with a coarse region, which may reduce quality of services. Moreover, the disclosure of trajectory may also reveal the user's location. In this paper, subject to high quality of services, we propose to protect the user's location and trajectory privacy on the basis of equivalence classes formed by his or her partners and present a new metric, named slope ratio, to evaluate trajectory similarity.

computer science, information systems,telecommunications,engineering, electrical & electronic

Qian Chen,Zilong Wang,Wenjing Zhang,Xiaodong Lin

DOI: https://doi.org/10.1016/j.cose.2022.102966

2022-10-24

Abstract:The concept of Federated Learning (FL), which is vital to the development of machine learning, has emerged as a convergence of machine learning, information, and communication technology. However, general FL settings cannot meet requirements in decentralized environments, especially in peer-to-peer (P2P) networks, where a fully connected central server is unavailable due to limited communication ranges. In this paper, to satisfy the requirements of security, privacy preservation, and robustness in the context of FL in P2P networks, we propose a decentralized global model training protocol, named PPT. Particularly, PPT aggregates local model update parameters in a single-hop manner and uses the symmetric cryptosystem to ensure secure communications between network nodes where an enhanced Eschenauer-Gligor (E-G) scheme is proposed for secure key distribution. Further, PPT generates random noise for privacy preservation without reducing the model accuracy since the noise is eliminated ultimately. PPT also adopts game theory to resist collusion attacks. In addition, PPT has elaborate designs in terms of communication efficiency and dropout-robustness. Through extensive analysis, we demonstrate that PPT can resist various security threats and preserve user privacy. Ingenious experiments on Trec05, Trec06p, Trec07, and SMS Spam Collection v.1 confirm the 20 × and 12 × improvement of computation efficiency that PPT achieves compared to Google's Secure Aggregation and Local Differential Privacy (LDP)-based FL methods. More importantly, the global model trained by PPT is better than that trained by LDP-based FL methods in terms of prediction performance (about 14% and 1% improvement in convergence rate and accuracy).

computer science, information systems

Jing Long,Tong Chen,Guanhua Ye,Kai Zheng,Nguyen Quoc Viet Hung,Hongzhi Yin

2024-01-26

Abstract:As an indispensable personalized service within Location-Based Social Networks (LBSNs), the Point-of-Interest (POI) recommendation aims to assist individuals in discovering attractive and engaging places. However, the accurate recommendation capability relies on the powerful server collecting a vast amount of users' historical check-in data, posing significant risks of privacy breaches. Although several collaborative learning (CL) frameworks for POI recommendation enhance recommendation resilience and allow users to keep personal data on-device, they still share personal knowledge to improve recommendation performance, thus leaving vulnerabilities for potential attackers. Given this, we design a new Physical Trajectory Inference Attack (PTIA) to expose users' historical trajectories. Specifically, for each user, we identify the set of interacted POIs by analyzing the aggregated information from the target POIs and their correlated POIs. We evaluate the effectiveness of PTIA on two real-world datasets across two types of decentralized CL frameworks for POI recommendation. Empirical results demonstrate that PTIA poses a significant threat to users' historical trajectories. Furthermore, Local Differential Privacy (LDP), the traditional privacy-preserving method for CL frameworks, has also been proven ineffective against PTIA. In light of this, we propose a novel defense mechanism (AGD) against PTIA based on an adversarial game to eliminate sensitive POIs and their information in correlated POIs. After conducting intensive experiments, AGD has been proven precise and practical, with minimal impact on recommendation performance.

Information Retrieval

Cheng Huang,Dongxiao Liu,Anjia Yang,Rongxing Lu,Xuemin Shen

DOI: https://doi.org/10.1109/tmc.2024.3366340

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:In this paper, we propose a privacy-preserving range-based positioning scheme, named PPRP, which can preserve the location privacy of both user equipment (UE) and anchors (ACs) in mobile networks. Specifically, PPRP is established on a decentralized trust-based framework that divides trust between two location management function (LMF) servers. With such a framework, UE and ACs are allowed to securely upload their range/range-difference measurement data to LMF servers using lightweight additive secret sharing techniques (ASS) instead of cumbersome cryptographic operations. Then, PPRP takes secret-shared measurement data as inputs and decomposes UE's location estimation procedures into secure two-party matrix computation sub-protocols, which are elaborately crafted using somewhat homomorphic encryption and randomization techniques to ensure both efficiency and privacy preservation in positioning. Furthermore, to mitigate the negative effects arising from non-line-of-sight (NLoS) ACs, PPRP achieves privacy-preserving residual-based NLoS analysis. To this end, we additionally propose a series of secure two-party sub-protocols to support various non-linear functions, including comparison, division, square root computation, oblivious shuffle and sorting. These sub-protocols serve as fundamental modules that can be effectively combined to perform sophisticated operations of NLoS analysis in a privacy-preserving manner. A comprehensive simulation-based security analysis demonstrates that PPRP can achieve location privacy preservation. Finally, we develop a proof-of-concept prototype and conduct extensive experiments to show PPRP's high performance in terms of positioning accuracy, computational efficiency, and communication complexity.

Michael Guldner,Torsten Spieldenner,René Schubotz

DOI: https://doi.org/10.48550/arXiv.1804.09933

2018-04-26

Abstract:While becoming more and more present in our every day lives, services that operate on users' locations or location trajectories suffer from general fear of misappropriation of the transmitted location data. Several works have investigated of how to cope with this drawback. Respective systems claim location-privacy, i.e. keeping users' locations secret, by employing anonymisation techniques concerning a user's identity, or by obfuscating the transmitted location. These approaches lead to a degrade of quality-of-service and can be vulnerable to de-anonymisation attacks, or allow to learn at least the approximate location of a user. Focusing on the application domain of geo-fencing, we present as remedy a protocol that is based on homomorphic encryption of a user's location. The protocol provably provides full location-privacy by non-exposure of the users' location data, while producing exact geo-fencing results. We provide a detailed definition of the protocol, show its applicability in an actual geo-fencing application, and show that the resulting system fulfills all security properties we see for a location-privacy preserving system.

Cryptography and Security

Cong Ma,Yuhan Liu,Zheng Yang,Juan Ma

DOI: https://doi.org/10.3390/electronics13081443

IF: 2.9

2024-04-12

Electronics

Abstract:In recent years, there has been significant growth in location-based services (LBSs) and applications. These services empower users to transmit their location data to location service providers, thereby facilitating the provisioning of pertinent resources and services. However, in order to prevent malicious users from sending fake location data, users must attest to their location for service providers, namely, through a proof of location (PoL). Such a proof should additionally prevent attackers from being able to obtain users' identity and location information through it. In this paper, we propose an efficient privacy-preserving proof of location (PPPoL) scheme. The scheme is based on the standard cryptographic primitives, including Group Time-based One-Time Password (GTOTP) and public key encryption, which achieves entity privacy, location privacy, and traceability. Unlike the previous GTOTP-based PPPoL scheme, our scheme enables instant location verification with additional hash operations. To encourage the active participation of witnesses in location proofs, we propose an incentive mechanism based on smart contracts. Additionally, we implement a proof of concept of our PPPoL scheme on an Android device. Our experimental results show that proof generation and verification time are on the order of milliseconds. Meanwhile, the total overhead for the incentive mechanism amounts to 0.0011 ETH. This result is practical for mobile device-based LBSs.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yili Jiang,Kuan Zhang,Yi Qian,Liang Zhou

DOI: https://doi.org/10.1109/tmc.2021.3112394

IF: 6.075

2021-01-01

IEEE Transactions on Mobile Computing

Abstract:With the widespread prevalence of smart devices, mobile crowdsensing (MCS) becomes a new trend to encourage mobile nodes to participate in cooperative data collection in various Internet of Things (IoT) applications. In location-dependent MCS, location information of mobile nodes are collected and analyzed by service provider to assist in task allocation. If the service provider is not fully trusted, mobile node's privacy is leaked and accessed by unauthorized parties. How to preserve privacy while maintaining task allocation accuracy and efficiency becomes challenging. To this end, we propose a learning-based mechanism that involves two parts: 1) privacy-preserving task release and task allocation; 2) accurate and efficient task allocation. In the first part, we design a location-based symmetric key generator, which enables two parties to self-generate a symmetric key without depending on fully trusted authorities. By utilizing this key generator and Proxy Re-encryption, we propose a privacy preserving protocol to protect location information in task release and task allocation. In the second part, we design a reinforcement learning based task allocation algorithm to optimize the winners selection, which obtains high accuracy and efficiency. The performance analysis reveals that our proposed mechanism achieves accurate and efficient task allocation while preserving privacy in location-dependent MCS.

computer science, information systems,telecommunications

Guanghui Wang,Jianping Pan,Jianping He,Subin Shen

DOI: https://doi.org/10.1109/icccn.2017.8038376

2017-01-01

Abstract:Protecting location privacy of mobile systems is important for various location-based services in pervasive computing scenarios. How to quickly compute the target user's location without knowing each anchor user's location has drawn much attention. Under the classical nonadjacent subtraction based localization model, existing solutions based on homomophic encryption introduce much computation and communication overheads to achieve privacy-preserving localization. In this paper, an adjacent subtraction based localization model is proposed, which is suitable to efficiently protect users' privacy. Then, under such a model, an efficient privacy-preserving localization algorithm is developed without using homomophic encryption. A closed-form expression of the relationship between the localization error and the measurement noise is derived. Furthermore, a comprehensive analysis, including correctness analysis, privacy analysis, and efficiency analysis, is presented. Some simulations are conducted to show that the proposed model has equivalent accuracy and efficiency with the classical model. Some numerical results are presented to show the efficiency of the proposed privacy-preserving localization algorithm.

Xiaoyan Zhu,Jie Liu,Shunrong Jiang,Zengbao Chen,Hui Li

DOI: https://doi.org/10.1109/ICC.2014.6883965

2014-01-01

Abstract:Proximity-based mobile social networks (PMSNs) are becoming increasingly popular in recent years with the explosive growth of mobile devices, where a user can find a best matching friend in vicinity through profile matching. However, the matching process calls for the publication of users' personal information, which conflicts with users' growing privacy concerns about revealing their profiles to strangers. To achieve privacy-preserving friend discovery, many schemes are proposed based on traditional cryptographic methods, such as homomorphic and commutative encryption, which inevitably introduce tremendous overhead to the system and are not practical for the resource-limited mobile devices. In this paper, we propose an Efficient Weight-based Private Matching (EWPM) protocol, which provides a realistic matching approach considering both the number of common interests and the corresponding weights on them. In EWPM, we utilize the Confusion Matrix Transformation (CMT) algorithm to achieve a secure and efficient matching. Security analysis and detailed simulations show that our proposed scheme can realize privacy-preserving friend discovery with higher efficiency.