Concealed Communication in Online Social Networks

TL;DR

This paper analyzes privacy vulnerabilities in secure online social networks and proposes protocols using metadata obfuscation, end-to-end encryption, and mix networks to enhance user privacy against sophisticated attacks.

Contribution

It introduces new protocols for secure centralized OSNs that effectively obscure metadata and conceal communication channels to prevent privacy breaches.

Findings

Metadata can be exploited to infer user information in secure OSNs

Proposed protocols successfully obscure metadata and communication patterns

Enhanced privacy protection against metadata analysis and traffic analysis

Abstract

Online social networks are used frequently by many people: Staying in contact with friends and sharing experiences with them is very important. However, users are increasingly concerned that their data will end up in the hands of strangers or that personal data may even be misused. Secure OSNs can help. These often use different types of encryption to keep the communication between the participants incomprehensible to outsiders. However, participants in such social networks cannot be sure that their data is secure. Various approaches show that even harmless-looking metadata, such as the number of contacts of users, can be evaluated to draw conclusions about the users and their communication. These attack methods are analyzed, and existing secure OSNs are examined, whether these attack methods can be utilized to violate the user's privacy. To prevent these privacy attacks, protocols for a secure centralized OSN are developed. Metadata is obscured in the presented OSM and end-to-end encryption is used for secure communication between clients. Additionally, communication channels are concealed using mix networks such that adversaries cannot determine which user is accessing which data or which user is communicating with whom even with access to the server.