Recovering Private User Storages in Online Social Networks

Abstract

Private user storages are used in Online Social Networks (OSN) to securely save private settings and keys on a server. This allows users to access these settings and keys from all their devices. Therefore, private user storages can synchronize these devices. When end-to-end encryption is applied in an OSN to ensure the privacy of users and the communication private user storages can be used to safely store all private and symmetric keys. A user can retrieve the encrypted storage from the server and decrypt it with its password. However, when the password is lost access to the private user storage is lost as well, as the symmetric key cannot be retrieved from the server in contrast to the recovery functions of some OSNs, where a new password can be created. We present a scheme that splits private user storages into different parts and applies two different secret sharing schemes to be able to recover the keys with the help of the other participants of the OSN. The scheme is more robust to missing shares than other secret sharing schemes. Therefore, even when a large fraction of the distributed shares are not accessible because shareholders are inactive or malicious high rates of successful reconstructions can be achieved. Keyword send-to-end encryption, online chat; online social networ, applied secret sharing, private storage, instant messaging service