HangOutPlus: A privacy preserving social networking service providing real-time and more secure protocol based on HangOut system

Abstract

HangOut is a privacy preserving location based social networking service  proposed by Annavaram, Jacobson and Shen in. This  system  helps  protect  users’  private  information against malicious users and even administrators, based on two key ideas as: anonymous update and density request. It uses location and time distortions, AES and RSA in encrypting the shared key and protecting the data on the communications. Hence the protocol in this system has four issues: the first issue is the limit in realtime attribute, since they used RSA for clients (mobile devices) to encrypt data transmitted to server. RSAis an assymmetric cryptosystem based on big prime  numbers  on  which  calculative  operations  perform  slowly  and need more hardware resources. The second one is that HangOut protocolcannot be against active attackers to find out links between client and its location records in database because of the way it updates and replies density requests. The third one is its unsecure key management and protocol, the shared key is kept on clients and they share key between peer-to-peer, there is no authenticating clients, so clients can be made fake. The four one is that the ability of the database server decrypt and can read the message which can be intervened by active attackers. In this paper, we proposed methods  to  improve  HangOut  System, and to help it improve its realtime and security in preserving the privacy, the proposed method is named HangOutPlus.