The nearbyPeople app lets you discover and chat with people around you. In addition, it also provides the functionality of privacy-preserving social relationship discovery.

The application is based on technology developed in a collaborative project among Aalto UniversityTechnishe Universität Darmstadt and University College London. More technical details can be found in the following papers:

  • Marcin Nagy, Emiliano De Cristofaro, Alexandra Dmitrienko, N. Asokan, Amhad-Reza Sadeghi. Do I Know You? – Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications. 29th Annual Computer Security Applications Conference (ACSAC 2013) [Full Version]
  • Marcin Nagy, Thanh Bui, Emiliano De Cristofaro, N. Asokan, Jörg Ott, Ahmad-Reza Sadeghi. How Far Removed Are You? Scalable Privacy-Preserving Estimation of Social Path Length with Social PaL. WiSec’15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks. [Full version]

The underlying network communication is provided by the SCAMPI router, which is DTN-based and runs the Epidemic routing protocol to distribute data in the local network. The whole communication system does not depend on any infrastructure, and mobile devices act as network routers.

Features related to the social relationship discovery are divided into two parts: friend finding and social path length discovery.

The functionality of friend finding is based on a novel Friend Finder protocol which allows two users to find common friends in a privacy-preserving manner. The Friend Finder protocol is a private set intersection protocol that takes a list of “bearer capabilities” (time-limited random nonces), from each party as inputs, and outputs the list of common friends to both parties. Bearer capabilities serve as proofs of friendship in a social network (currently only Facebook and LinkedIn are supported). They are distributed and managed using a social network application based on PeerShare.

Since version 1.4, the application provides also the functionality of social path length discovery (SoPaL) between any two users that are up to 4 hops from one another in the social network graph. SoPaL is based on the usage of higher order “bearer capabilities” (generated via a hash chain) as inputs to the Social Path Discovery protocol (extension to the original Friend Finder protocol). The protocol outputs number of hops in the social network graph between two users.

Download

How to use it?

0. If you are running the app for the very first time, make sure that you have Internet connectivity

Remark 1: in the first run, the app must be authorized by Facebook or LinkedIn
Remark 2: in the first run, the app must upload user’s bearer capability to the server, so that others can fetch it, and the Friend Finder/Social Path Discovery protocol may succeed.

1. Start the app

2. Authorize the app to access user Facebook/LinkedIn data

After starting the app, you should see the following screen:

3a. If you want to share your profile information with others, select “My profile”

 

3b. If you want to see who is around you, select “People nearby”

This window lets you also find out if you are a direct friend, or have any common friends with the person near you. To enable Friend Finding/Social Path Discovery service, press “Search for friends” button.
 

3c. If you want to chat with people around you

What data are collected?

The application collects results of each run of the Friend Finder/Social Path Discovery protocol. User identifiers involved are pseudonymized. Each protocol run result contains information about: parties involved in the protocol, discovered common friends, notification if parties are direct friends, protocol computation time, protocol communication time, and message transfer size.
Collected data will be used only for research purposes.

FAQ

  1. Why does nearbyPeople tell me that I have “unknown relationship” with someone with whom I am in fact a friend or have common friends?
    nearbyPeople uses PSI on bearer capabilities that certify the friendship relation. If you or your peer had just started using the app, or if you had just created a friend relationship, it will take some time (approximately 10 minutes) before your app can download the updated bearer capabilities. Try again after 10-15 minutes.
  2. What is SCAMPI?
    SCAMPI is the FP7-FIRE project that envisions that the Future Internet will be characterized by an increasing diffusion of devices with heterogeneous capabilities and resources. The main goal of SCAMPI is to empower end users through a combination of pervasive and opportunistic networking capabilities for a more effective access to a variety of services in a secure manner.
  3. How does the SCAMPI router work?
    SCAMPI router is the pure Java application capable of: discovering nearby devices, advertising services, providing sparse location information for devices without embedded positioning functionality, reliably transmitting data in challenging conditions with intermittent connectivity, and persistently storing data received from other devices that cannot be immediately forwarded to destination devices.The SCAMPI router provides various mechanisms of advertising itself and discovering other devices. In the nearbyPeople app configuration, the router uses multicast address, and scans available IP address space to advertise its presence.Based on discovered devices, the SCAMPI router opens connections to some subset of discovered devices. Bundle Protocol (fully compliant with RFC 5050) is used on opened connections to forward messages between devices in the network. Message forwarding is based on DTN-aware Epidemic routing protocol.

Known issues

  1. There are people around that run the app, but I don’t see them
    Some network administrators do not allow for forwarding traffic inside the local network. If this is the case, two devices connected to the same hot spot are not able to discover each other. Large hot spots may offer different radio channels under the same SSID. If this is the case, two devices will not discover each other, as each channel works in different IP address pool range.

Report problems to: Secures at Aalto

Release notes

  • 8th October 2014: version 1.4 (bug fixes)
  • 30th August 2014: version 1.3 (bug fixes)
  • 27th May 2014: version 1.2 with LinkedIn support available
  • 6th May 2014: version 1.0 available