Skip content, jump to navigation.

Jump to : Download | Abstract | Contact | BibTex reference | EndNote reference |

VABD-ESSSDOSN-09

Le Hung Vu, Karl Aberer, Sonja Buchegger, Amwitaman Datta. Enabling Secure Secret Sharing in Distributed Online Social Networks. In Procedings of Annual Computer Security Applications Conference (ACSAC 2009), (Location: Honolulu, Hawaii, USA), December 2009. (To appear)

Download [help]

Download paper: Adobe portable document (pdf)

Download paper: (link)

Copyright notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Abstract

We study a new application of threshold-based secret sharing schemes in a distributed online social network (OSN), where users need a means to back up and recover their private keys in a network of untrusted servers. Using a simple threshold-based secret sharing in such an environment is completely unsecured since delegates keeping the secret shares may collude to steal the user's private keys and possibly take control of their machines, infect them with malicious software and use them for further attacks. This leads to an epidemic that makes the whole system rapidly collapses.

To mitigate this problem, we propose using different techniques to improve the system security: by selecting only the most reliable delegates for keeping these shares and further encrypting the shares with passwords. We develop a mechanism to select most reliable delegates based on an effective trust measure: relationships among the secret owner, delegate candidates, and their related friends are used as a means to estimate the trustworthiness of each delegate. This trust measure minimizes the likelihood of the secret being stolen by an adversary and is shown to be effective against various collusive attacks. Our extensive simulation results show that the proposed trust-based delegate selection performs very well in highly vulnerable environments where the adversary controls many nodes with different distributions and even with spreading of infection in the network. In fact, the number of keys lost is very low under extremely pessimistic assumptions of the adversary model

BibTex Reference

@InProceedings{VABD-ESSSDOSN-09,
   Author = {Hung Vu, Le and Aberer, Karl and Buchegger, Sonja and Datta, Amwitaman},
   Title = {Enabling Secure Secret Sharing in Distributed Online Social Networks},
   BookTitle = {Procedings of Annual Computer Security Applications Conference (ACSAC 2009)},
   Location = {Honolulu, Hawaii, USA},
   Month = {December},
   Year = {2009}
}

EndNote Reference [help]

Get EndNote Reference (.ref)

It has been automatically generated using the bib2html program.

Send me mail to my E-Mail address:
jg4ndm5mdu@tntler.de
jg4ndm5mdu@abc.thomas-graf.de
jg4ndm5mdu@abc.ohohlfeld.com

necar.daeumig@namesp.ohohlfeld.com
max.mustermann@namensp.ohohlfeld.com

Send me mail to my E-Mail address:
diymzkwnta@tntler.de
diymzkwnta@abc.ohohlfeld.com
diymzkwnta@abc.thomas-graf.de

Send me mail to my E-Mail address:
ja5nzqzota [at] tntler [dot] de
ja5nzqzota [at] abc.ohohlfeld [dot] com
ja5nzqzota [at] abc.thomas-graf [dot] de

Send me mail to my E-Mail address:
EMail EMail EMail

Name: e-mail: Subject: Message:

Leave a comment

My Super Secret Homepage