A Private Social Network for Cell Phones

Users can share information, but the network only sees encrypted data.

Researchers at Microsoft have developed mobile social networking software that lets users share personal information with friends but not the network itself.

Picture sharing: This photo will be tagged and sent to the users’ friends—but it will be encrypted so that the company that handles the network won't be able to see it. Credit: Microsoft

"When you share a photo or other information with a friend on [a site like] Flickr, their servers are also able to read that information," explains Iqbal Mohomed, a researcher at Microsoft Research Silicon Valley, who developed the new network, called Contrail, with several colleagues. "With Contrail, the central location doesn't ever know my information, or what particular users care about--it just sees encrypted stuff to pass on."

When a Contrail user updates his information on the network, by adding a new photo, for example, the image file is sent to a server operating within the networks' cloud, just as with a conventional social network. But it is encrypted and appended with a list that specifies which other users are allowed to see the file. When those users' devices check in with the social network, they download the data and decrypt it to reveal the photo.

Contrail requires users to opt-in if they want to receive information from friends. When a person wants to receive a particular kind of update from a contact, a "filter" is sent to that friend's device. If, for example, a mother wants to see all the photos tagged with the word "family" by her son, she creates the filter on her phone. The filter is encrypted and sent via the cloud to her son's device.

Story continues below

Once decrypted, the filter ensures that every time he shares a photo tagged "family," an encrypted version is sent to the cloud with a header directing it to the cell phone belonging to his mother (as well as anyone else who has installed a similar filter on his device). Encryption hides the mother's preferences from the cloud, as well as the photos themselves. Each user has a cryptographic key on his or her device for every friend that is used to encrypt and decrypt shared information.

Contrail runs on Microsoft's cloud computing service, Windows Azure, and the team has developed three compatible applications running on HTC Windows Mobile cell phones. "This is an [application programming interface] on top of which you can build all kinds of social applications," explains Mohomed. "We just developed these applications to demonstrate what it can do."