Back to Search
Start Over
What's a Little Leakage Between Friends?
- Source :
- WPES@CCS
- Publication Year :
- 2018
- Publisher :
- ACM, 2018.
-
Abstract
- This paper introduces a new attack on recent messaging systems that protect communication metadata. The main observation is that if an adversary manages to compromise a user's friend, it can use this compromised friend to learn information about the user's other ongoing conversations. Specifically, the adversary learns whether a user is sending other messages or not, which opens the door to existing intersection and disclosure attacks. To formalize this compromised friend attack, we present an abstract scenario called the exclusive call center problem that captures the attack's root cause, and demonstrates that it is independent of the particular design or implementation of existing metadata-private messaging systems. We then introduce a new primitive called a private answering machine that can prevent the attack. Unfortunately, building a secure and efficient instance of this primitive under only computational hardness assumptions does not appear possible. Instead, we give a construction under the assumption that users can place a bound on their maximum number of friends and are okay leaking this information.<br />Appears in WPES 2018. This update contains a minor clarification in Section 4 (last paragraph) and Section 4.1 (first paragraph) over the published version
- Subjects :
- FOS: Computer and information sciences
060201 languages & linguistics
Computer Science - Cryptography and Security
Computer science
Compromise
media_common.quotation_subject
Answering Machine
06 humanities and the arts
02 engineering and technology
Adversary
Root cause
Computer security
computer.software_genre
Metadata
Intersection
0602 languages and literature
0202 electrical engineering, electronic engineering, information engineering
020201 artificial intelligence & image processing
Center (algebra and category theory)
Leakage (economics)
Cryptography and Security (cs.CR)
computer
media_common
Subjects
Details
- Database :
- OpenAIRE
- Journal :
- Proceedings of the 2018 Workshop on Privacy in the Electronic Society
- Accession number :
- edsair.doi.dedup.....b69f227955bc4a37626843f227ae365f