Authors:
Ágnes Kiss
;
Oliver Schick
and
Thomas Schneider
Affiliation:
TU Darmstadt, Darmstadt and Germany
Keyword(s):
Event Scheduling, Secure Two-party Computation, Web Application, Efficient Implementation.
Related
Ontology
Subjects/Areas/Topics:
Data and Application Security and Privacy
;
Information and Systems Security
;
Privacy
;
Privacy Enhancing Technologies
;
Security and Privacy in Web Services
Abstract:
Event scheduling applications such as Doodle allow for very limited privacy protection. Even if the participants are anonymous, their inputs are revealed to the poll administrator and the application server. There exist privacy-enhanced scheduling services (e.g., Kellermann and Böhme, CSE’09), but they require heavy computation and communication on the client’s side, leak information to the participants or poll administrator, and allow only for a restricted scheduling functionality. In this work, we present a privacy-preserving scheduling system based on secure two-party computation, that allows to schedule meetings between a large number of participants efficiently, without requiring any participant to reveal its availability pattern or other sensitive information to any other participant, server, or even the poll administrator. The protocol allows for various functional extensions and requires the client to perform very little work when securely submitting its inputs. Our protocol
is secure against semi-honest non-colluding servers and malicious participants.
(More)