Repository logo

Infoscience

  • English
  • French
Log In
Logo EPFL, École polytechnique fédérale de Lausanne

Infoscience

  • English
  • French
Log In
  1. Home
  2. Academic and Research Output
  3. Conferences, Workshops, Symposiums, and Seminars
  4. Enabling Secure Secret Sharing in Distributed Online Social Networks
 
conference paper

Enabling Secure Secret Sharing in Distributed Online Social Networks

Vu, Le-Hung
•
Buchegger, Sonja
•
Datta, Anwitaman  
Show more
2009
25Th Annual Computer Security Applications Conference
25th Annual Computer Security Applications Conference, 2009 (ACSAC 2009)

We study a new application of threshold-based secret sharing in a distributed online social network (DOSN), where users need a means to back up and recover their private keys in a network of untrusted servers. Using a simple threshold-based secret sharing in such an environment is insufficiently secured since delegates keeping the secret shares may collude to steal the user's private keys. Adversary can then take control of users' machines, infect them with malicious software, and use them for further attacks. This can lead to an epidemic that makes the whole system eventually collapse. To mitigate this problem, we propose using different techniques to improve the system security: by selecting only the most reliable delegates for keeping these shares and further by encrypting the shares with passwords. We develop a mechanism to select the most reliable delegates based on an effective trust measure. Specifically, relationships among the secret owner, delegate candidates and their related friends are used to estimate the trustworthiness of a delegate. This trust measure minimizes the likelihood of the secret being stolen by an adversary and is shown to be effective against various collusive attacks. Extensive simulations show that the proposed trust-based delegate selection performs very well in highly vulnerable environments where the adversary controls many nodes with different distributions and even with spreading of infections in the network. In fact, the number of keys lost is very low under extremely pessimistic assumptions of the adversary model.

  • Files
  • Details
  • Metrics
Loading...
Thumbnail Image
Name

acsac09.pdf

Access type

openaccess

Size

345.97 KB

Format

Adobe PDF

Checksum (MD5)

56a0584b18c854753efb3014f865113f

Logo EPFL, École polytechnique fédérale de Lausanne
  • Contact
  • infoscience@epfl.ch

  • Follow us on Facebook
  • Follow us on Instagram
  • Follow us on LinkedIn
  • Follow us on X
  • Follow us on Youtube
AccessibilityLegal noticePrivacy policyCookie settingsEnd User AgreementGet helpFeedback

Infoscience is a service managed and provided by the Library and IT Services of EPFL. © EPFL, tous droits réservés