Social relationships are a natural basis on which humans make trust
decisions. Online Social Networks (OSNs) are increasingly often used to let
users base trust decisions on the existence and the strength of social
relationships. While most OSNs allow users to discover the length of the social
path to other users, they do so in a centralized way, thus requiring them to
rely on the service provider and reveal their interest in each other. This
paper presents Social PaL, a system supporting the privacy-preserving discovery
of arbitrary-length social paths between any two social network users. We
overcome the bootstrapping problem encountered in all related prior work,
demonstrating that Social PaL allows its users to find all paths of length two
and to discover a significant fraction of longer paths, even when only a small
fraction of OSN users is in the Social PaL system - e.g., discovering 70% of
all paths with only 40% of the users. We implement Social PaL using a scalable
server-side architecture and a modular Android client library, allowing
developers to seamlessly integrate it into their apps.Comment: A preliminary version of this paper appears in ACM WiSec 2015. This
is the full versio
