Privacy-Preserving Social Network for an Untrusted Server

In recent years, online social networks have become a popular avenue for users to interact and engage in social activities. The volume of data handled by social networks is staggering: there are about 3, 000 picture uploads to Flickr each minute, 190 million tweets posted from all over the world each day, 70 billion pieces of contents shared on Facebook, and so on. Current terms of service of most online social networks require users to grant full ownership of their data to the service providers, such as Facebook, Drop box, Tweeters, etc., should users choose to use them. There is strong concern of privacy violation among users. Our research aims to help users to overcome these privacy issues by designing a crypto-based framework for building online social networking services. The design allows users to digitally sign and encrypt their posted content at the client side before transferring it to the server so that it guarantees confidentiality as well as integrity of users´ data. With this design, users are now able to protect the privacy and integrity of their data from an untrusted, potentially malicious service provider, while benefitting from the availability, reliability, and usability of online social networks.