1
Fine-grained Private Matching for
Proximity-based Mobile Social
Networking
Rui Zhang, Yanchao Zhang
Arizona State University
Jinyuan (Stella) Sun
University of Tennessee
Guanhua Yan
Los Alamos National Laboratory
INFOCOM 2012
Proximity-based Mobile Social Networking
(PMSN)
2

Social interaction
 Among
physically proximate users
 Using mobile devices, e.g., smartphone or tablet
 Directly through the Bluetooth/WiFi interfaces

Valuable complement to web-based online social
networking
Chat, file sharing, …
Private (Profile) Matching
3


The process of two users comparing their profiles
without disclosing any information beyond the
comparison result
An indispensible part of PMSN because
 People
prefer to socialize with others having similar
interests or background
 Privacy concern
Existing Private Matching Schemes
4

User profile comprises a list of attributes chosen
from an underlying attribute set
 Ex:
interests [Li et al.’11], friends [Arb et al.’08],
disease symptoms [Lu et al.’10]
Existing Private Matching Schemes
5

Map private matching into the problem of
 Private
set intersection (PSI), e.g., [Kissner&Song’05],
[Ye et al.’08]
 Private set intersection cardinality (PSI-CA), e.g.,
[Freedman et al.’04], [Cristofaro& Tsudik’10]
or
Limitations
6

Cannot differentiate users with the same attribute
 Ex:
suppose that Alice, Bob, and Mario all like movie
?
Watch movie
twice a week
Twice a week
Twice a
month
Fine-grained Personal Profile
7
Movie
5
Movie
5
Sports
3
Sports
3
Cooking
0
Cooking
0
Movie
3
Sports
3
Cooking
0
Fine-grained Private Matching
8

Two users evaluate the similarity/distance
between their personal profiles in a privacypreserving fashion
 Finer
differentiation
 Personalized profile matching

Cannot be solved by PSI or PSI-CA
Outline
9


System model, problem formulation and
cryptographic tool
Fine-grained private matching protocols
 Protocol
1
 Protocol 2
 Protocol 3
 Protocol 4


Performance evaluation
Conclusion
System Model
10


Each user carries a mobile device, e.g.,
smartphone, with the same PMSN application
installed
Fine-grained profile
 Consists
of attributes, e.g., interests
 User assigns an integer in
to each
attribute, e.g., to indicate the level of interest
 Each personal profile can be represented as a dimensional vector
System Model (cont’)
11


Take Alice and Bob as two exemplary users
A PMSN session consists of three phases
Alice
Neighbor discovery
Profile matching
Social interaction
Bob
Problem Formulation
12

A set of candidate matching metrics


Each
is a function over two vectors measuring
the distance between two personal profiles
Alice chooses
and runs a private matching
protocol with Bob to compute
Privacy Levels
13

Privacy-level 1 (PL-1)
 When

protocols ends, Alice learns
Privacy-level 2 (PL-2)
 When
protocols ends, Alice learns
nothing

; Bob learns
; Bob learns
Privacy-level 3 (PL-3)
 When
protocols ends, Alice learns if
for
some threshold of her choice; Bob learns nothing
Cryptographic Tools: Paillier Cryptosystem
[Paillier’99]
14

Encryption

Homomorphic property

Self-blinding property
Private Matching Protocol 1 (PL-1)
15

A non-trivial adaption of [Rane et al. 2010]

Matching metric: distance
Protocol Intuition
16

For
where
We have
Ex:
, define a function
Protocol Intuition (cont’)
17

Define
We have
Protocol Intuition (cont’)
18

We further have
Known by Alice Dot
product
Known by Bob
Detailed Protocol
19
Can be precomputed
Private Matching Protocol 2 (PL-2)
20

Matching metric
 Any
additively separable functions that can be written
as
, for some functions
 Ex:
( distance)
(Dot product)
(Weighted
distance)
Protocol Intuition
21


Convert any additive separable function into dot
product computation
For
and , define functions and
The th element is
The th bit is1
Protocol Intuition (cont’)
22

Let
We have
Detailed Protocol
23
Can be precomputed
Private Matching Protocol 3 (PL-3)
24

Matching metric
 Any

additive separable function
When protocol ends, Alice learns if
learns nothing
, Bob
Protocol Intuition
25
Let
be three arbitrary positive integers, such
that
We have
 Assume that
and are both integers
 The following inequalities are equivalent

Detailed Protocol
26
Can be precomputed
Detailed Protocol (cont’)
27
Private Matching Protocol 4 (PL-3)
28

Matching metric
 Protocols

1~3 cannot be directly applied
Basic idea
 Transform
into an additive function
Protocol Intuition: Similarity Matching
29
Protocol Intuition (cont’)
30

Three properties of similarity score
 Additive
separable
 Directly affected by the value of
 Related to
according to the following theorem
Protocol 4 can be realized as a special case of Protocol 3
by choosing the similarity score as matching metric
Performance Evaluation
31

Compare Protocols 1~3 with RSV [Rane et al. 2010]
Offline Comp.
Online Comp.
Comm. (bit)
RSV
Protocol 1
Protocol 2
Protocol 3
1024-bit exponentiation
1024-bit multiplication
2048-bit exponentiation
2048-bit multiplication
Simulation Results
32
Simulation Results
33
Conclusion
34


We motivated the problem of fine-grained private
matching for PMSN
We presented a set of novel private matching
protocols supporting different matching metrics
and privacy levels
35
Thank you
Q&A