1

EnCore: Private, Context-based Communication for Mobile Social Apps

Paarijaat Aditya1, Viktor Erdelyi1, Matthew Lentz2, Elaine Shi2, Bobby Bhattacharjee2, Peter Druschel1

Max Planck Institute for Software Systems (MPI-SWS) 1 University of Maryland2

MobiSys 2014, 17th June 2014, Bretton Woods, NH, USA

2

Mobile social apps

Provide services based on users’ location, activity, nearby users

Social discovery

Discover relevant nearby users

Social sharing

Share content with nearby people

Social taggingSearch and organize

content by social context

3

Sitting in a cafe

YouJulia

Unknown

Steve JohnAndy

4

“Hey, I came across this article ...”

YouJulia

Steve JohnAndy

5

“I forgot my book in the cafe...”Steve John

Andy

Julia

6

Discover friends and strangers

Form socially relevant groups

Steve JohnAndy

Julia

Goal: enable rich functionality while protecting user privacy

7

Via short range radio

Discover presence

Exchange a key

Implementing mobile social appsVia app provider

Info uploadedLocationActivityContent

Social profile

Sensitive info shared with app provider Tracking via Bluetooth

encrypted content shared

via cloud

8

Requirements

EnCore

Social Discovery

Social sharing

Secure encounters

Events:groups of socially

relevant encounters

Secure communication between event members

Search & organize content by events

Social tagging

Our previous work: SDDR[To appear: Usenix Security ‘14]

This talk

In the paper

Background

9

SDDR - secure encounters

Cryptographic handshake over Bluetooth

Produces a shared-key for each encounter

orEncrypted with

shared-key

Secure discovery Selectively reveal identifiable info

Power efficiency

Untrusted channel

Prevents tracking via Bluetooth Identify ‘friends’ while remaining

anonymous to all others

10

Requirements

EnCore

Social discovery

Social sharing

Secure encounters

Events:groups of socially

relevant encounters

Secure communication between event members

Search & organize content by events

Social tagging

11

Identify relevant encounters usingcontextual information

Context App

Encounters

Location & Activity

Calendar

Events

Time and Date

DurationKnown contacts

UnknownIn close proximity

Further away

JuliaYou

Unknown

Events: groups of socially relevant encounters

Event 1 - discussion Event 2: stay at the cafe

Contextual info helps in identifying

relevant encounters

12

discussion

stay at cafe

Discussion

stay at the cafe

?

Julia You

Reading group

Unknown

Others at the Cafe

13

Requirements

EnCore

Social discovery

Social sharing

Secure Encounters

Events:groups of socially

relevant encounters

Secure communication between event members

Search & organize content by events

Social tagging

14

Secure communication within ‘Events’

1. Create a group key and a folder

folderurl +

folderurl +

Julia

Unknown

shared key with “unknown”

shared key with “Julia”

2. Encrypt with the group keyand upload to the folder

You

During event creationWhile sharing documents

folderurl

+

15

Requirements

EnCore

Social discovery

Social sharing

Secure Encounters

Events:groups of socially

relevant encounters

Secure communication between event members

Search & organize content by events

Social tagging

In the paper

16

Evaluation – live deployments4 deployments over 1 year

‘rooted’ devices running the Context app

35 researchers, up to 2 weeks @ MPI-SWS

and as the storage backend

Integrated in the ‘share’ menu

MPI-SWS, Saarbrucken

Context app

17

Usage128 events, 400 posts• Mostly photos and text

Types of events created

Karaoke Lunch Bus ride

Lecture Meetings “Free food!”

Taking a break

“Coffee anyone?”

KVM bug – help!Reading group

18

Usage

Users automatically resolved conflicts(multiple events for a single gathering)

Conversations within events continued even after the actual gathering ended

19

User feedback

“Can I install it on my phone?”

“Please integrate this with WhatsApp and

Gmail!”

“Can you make it automatically create

events?”

“I would rather share pics via this app, than

to write an email!”

20

ConclusionMobile social apps introduce significant privacy challenges

EnCore:platform that enables rich mobile social apps while putting user in control of their privacy

Users found it useful and found creative uses that we didn’t anticipate!

mobilesystems.mpi-sws.org/encore

21

Backup slides

22

Sharing over individual encountersPast Encounter

(EncounterID & shared-secret)

Hi, I met you in the Cafe today. Here is the

link to the video I mentioned.

Message Encrypted with shared-secret

Email to EncounterID@mailinator.com

Query messages forEncounterID@mailinator.com

A commercial disposable email service

23

SDDR is optimized for power efficiencyHandshake protocol is non-interactive• Handshake info. encoded on Bluetooth low energy (BLE)

advertisements

Device in sleep modeCPU asleepBroadcasting BLE adv.

Device awakeCPU awake

Discovering BLE adv.Forming encounters

Advertising rate: few secondsDiscovery rate: ~15 sec

Diffie-Hellman forshared- secret

Bloom filter forselective linkability SDDR’s BLE advertisement

Adv Adv