Privacy-Preserving Applications on Smartphones

Yan Huang, Peter Chapman, and David Evans
6th USENIX Workshop on Hot Topics in Security (HotSec 2011)
San Francisco, CA
9 August 2011

Abstract

Smartphones are increasingly becoming the most trusted computing device typical people own. They are often used to store highly sensitive information including email, financial accounts, and medical records. These properties make smartphones an ideal platform for privacy-preserving applications. To date, this area remains largely unexplored mainly because theoretical solutions to privacy-preserving computation were thought to be too heavyweight, even for standard PCs. We propose using smartphones to perform secure two (or more)-party computation. The limitations of smartphones provide a number of challenges for building such applications, but the novel trust model they provide, in particular the interactions between the phones and carriers, provides unique opportunities for useful secure computations against realistic adversaries. In this paper, we introduce the issues that make smartphones a unique platform for secure computation, identify some interesting potential applications, and describe our initial experiences creating privacy-preserving applications on Android devices.

Paper

Full paper: [PDF, 6 pages]

Project Website

http://www.MightBeEvil.com/mobile

David Evans
University of Virginia
Department of Computer Science
 evans@virginia.edu