2PPS -- Publish/Subscribe with Provable Privacy
This addresses privacy concerns for users of social media and communication platforms, offering a scalable solution with robust guarantees.
The paper tackles the problem of privacy risks in publish/subscribe systems like Twitter and Reddit by introducing 2PPS, a protocol that provides strong provable privacy for both publishers and subscribers, with a prototype handling 100,000 concurrent clients at 5 seconds latency and lower bandwidth.
Publish/Subscribe systems like Twitter and Reddit let users communicate with many recipients without requiring prior personal connections. The content that participants of these systems publish and subscribe to is typically public, but they may nevertheless wish to remain anonymous. While many existing systems allow users to omit explicit identifiers, they do not address the obvious privacy risks of being associated with content that may contain a wide range of sensitive information. We present 2PPS (Twice-Private Publish-Subscribe), the first pub/sub protocol to deliver strong provable privacy protection for both publishers and subscribers, leveraging Distributed Point Function-based secret sharing for publishing and Private Information Retrieval for subscribing. 2PPS does not require trust in other clients and its privacy guarantees hold as long as even a single honest server participant remains. Furthermore, it is scalable and delivers latency suitable for microblogging applications. A prototype implementation of 2PPS can handle 100,000 concurrent active clients with 5 seconds end-to-end latency and significantly lower bandwidth requirements than comparable systems.