Igor Bilogrevic
Jean-Pierre Hubaux
ABSTRACT
Progress in mobile wireless technology has resulted in the increased use of mobile devices to store and manage users' personal schedules. Users also access popular context-based services, typically provided by third-party providers, by using these devices for social networking, dating and activity-partner searching applications. Very often, these applications need to determine common availabilities among a set of user schedules. The privacy of the scheduling operation is paramount to the success of such applications, as often users do not want to share their personal schedules with other users or third-parties. Previous research has resulted in solutions that provide privacy guarantees, but they are either too complex or do not fit well in the popular user-provider operational model. In this paper, we propose practical and privacy-preserving solutions to the server-based scheduling problem. Our novel algorithms take advantage of the homomorphic properties of well-known cryptosystems in order to privately compute common user availabilities. We also formally outline the privacy requirements in such scheduling applications and we implement our solutions on real mobile devices. The experimental measurements and analytical results show that the proposed solutions not only satisfy the privacy properties but also fare better, in regard to computation and communication efficiency, compared to other well-known solutions.
- Apple iCal. http://apple.com/ical.Google Scholar
- Chilabs PDA (Personal Digital Assistants) use study. http://personal.bgsu.edu/ nberg/chilabs/pda.htm.Google Scholar
- Doodle: easy scheduling. http://www.doodle.com/.Google Scholar
- Google smart rescheduler. http://gmailblog.blogspot.com/2010/03/smart-rescheduler-in-google-calendar.html.Google Scholar
- Microsoft Outlook. http://office.microsoft.com/outlook.Google Scholar
- Nokia Ovi. http://ovi.nokia.com.Google Scholar
- dailywireless.org. http://www.dailywireless.org/2009/03/24/smartphone-users-100m-by-2013, 2009.Google Scholar
- I. Bilogrevic, M. Jadliwala, J.-P. Hubaux, I. Aad, and V. Niemi. Privacy-preserving activity scheduling on mobile devices. EPFL Technical Report 161569, https://infoscience.epfl.ch/record/161569, 2010.Google Scholar
- C. Cachin and R. Strobl. Asynchronous group key exchange with failures. In PODC '04: Proceedings of the twenty-third annual ACM symposium on Principles of distributed computing, pages 357--366, New York, NY, USA, 2004. ACM. Google ScholarDigital Library
- C.-H. O. Chen, C.-W. Chen, C. Kuo, Y.-H. Lai, J. M. McCune, A. Studer, A. Perrig, B.-Y. Yang, and T.-C. Wu. Gangs: Gather, authenticate 'n group securely. In MobiCom '08: Proceedings of the 14th ACM international conference on Mobile computing and networking, pages 92--103, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- E. De Cristofaro and G. Tsudik. Practical private set intersection protocols with linear complexity. Financial Cryptography and Data Security FC'10, 2010. Google ScholarDigital Library
- W. Du and M. Atallah. Secure multi-party computation problems and their applications: a review and open problems. In Proceedings of the 2001 workshop on New security paradigms, pages 13--22. ACM New York, NY, USA, 2001. Google ScholarDigital Library
- T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE transactions on information theory, 31(4):469--472, 1985.Google Scholar
- E. Ephrati, G. Zlotkin, and J. S. Rosenschein. Meet your destiny: A non-manipulable meeting scheduler. In CSCW '94: Proceedings of the 1994 ACM conference on Computer supported cooperative work, pages 359--371, New York, NY, USA, 1994. ACM. Google ScholarDigital Library
- M. Franzin, E. Freuder, F. Rossi, and R. Wallace. Multi-agent meeting scheduling with preferences: Efficiency, privacy loss, and solution quality. Computational Intelligence, 20(2), 2004.Google Scholar
- O. Goldreich. Foundations of Cryptography, volume 1. Cambridge University Press, 2001. Google ScholarDigital Library
- S. Goldwasser and S. Micali. Probabilistic encryption. JCSS, 28(2):270--299, 1984.Google ScholarCross Ref
- T. Herlea, J. Claessens, B. Preneel, G. Neven, F. Piessens, and B. De Decker. On securely scheduling a meeting. In Trusted information: the new decade challenge: IFIP TC11 16th International Conference on Information Security (IFIP/Sec'01), June 11-13, 2001, Paris, France, pages 183--198. Kluwer Academic Pub, 2001. Google Scholar
- B. Kellermann and R. Böhme. Privacy-Enhanced Event Scheduling. In IEEE International Conference on Computational Science and Engineering, volume 3, pages 52--59, 2009. Google ScholarDigital Library
- L. Kissner and D. Song. Privacy-preserving set operations. Advances in Cryptology - CRYPTO 2005, 3621:241--257, 2005. Google ScholarDigital Library
- Y.-H. Lin, A. Studer, H.-C. Hsiao, J. M. McCune, K.-H. Wang, M. Krohn, P.-L. Lin, A. Perrig, H.-M. Sun, and B.-Y. Yang. Spate: Small-group PKI-less authenticated trust establishment. In MobiSys '09: Proceedings of the 7th international conference on Mobile systems, applications, and services, pages 1--14, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. Advances in Cryptology - EUROCRYPT '99, 1592:223--238, 1999. Google ScholarDigital Library
- R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):126, 1978. Google ScholarDigital Library
- M. Silaghi and D. Mitra. Distributed constraint satisfaction and optimization with privacy enforcement. 3rd IC on Intelligent Agent Technology, pages 531--535, 2004. Google ScholarDigital Library
- M. C. Silaghi. Meeting scheduling guaranteeing n/2-privacy and resistant to statistical analysis (applicable to any discsp). In WI '04: Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence, pages 711--715, Washington, DC, USA, 2004. IEEE Computer Society. Google Scholar
- M. Stadler. Publicly verifiable secret sharing. In Advances in Cryptology - EUROCRYPT '96, pages 190--199, 1996. Google ScholarCross Ref
- R. Wallace and E. Freuder. Constraint-based reasoning and privacy/efficiency tradeoffs in multi-agent problem solving. Artificial Intelligence, 161(1--2):209--227, 2005. Google ScholarDigital Library
- M. Yokoo, K. Suzuki, and K. Hirayama. Secure distributed constraint satisfaction: Reaching agreement without revealing private information. Artificial Intelligence, 161(1--2):229--245, 2005. Distributed Constraint Satisfaction. Google ScholarDigital Library
- A. Zunino and M. Campo. Chronos: A multi-agent system for distributed automatic meeting scheduling. Expert Systems with Applications, 36(3, Part 2):7011--7018, 2009. Google ScholarDigital Library
Index Terms
- Privacy-preserving activity scheduling on mobile devices
Recommendations
Meetings through the cloud: Privacy-preserving scheduling on mobile devices
Abstract: Mobile devices are increasingly being used to store and manage users' personal information, as well as to access popular third-party context-based services. Very often, these applications need to determine common availabilities among a set of ...
An efficient privacy preserving data aggregation approach for mobile sensing
The advances in sensing capabilities of smartphones give rise to a variety of mobile participatory sensing applications that collect users' personal data. Because of the existence of both sensitive, private personal data, and untrusted aggregator, ...
Reconciling user privacy and implicit authentication for mobile devices
In an implicit authentication system, a user profile is used as an additional factor to strengthen the authentication of mobile users. The profile consists of features that are constructed using the history of user actions on her mobile device over ...
Comments