Imagine that you are abroad and don’t want to spend excessive amount of money paying for cellular data connectivity roaming. The only feasible alternative is to either connect to an open hot spot, or to tether. For tethering, there must be a person that turns his/her own mobile phone into the hotspot, and either leaves it open, or gives you credentials to access it. This approach is very cumbersome for the person providing the connectivity, as well as for the connecting person that usually has to type in the password manually.

SpotShare facilitates this process by allowing you to turn your mobile phone into the wireless hot spot and offer others network connectivity, while relying on cellular data connectivity, or to automatically connect to secured hot spots created by others. SpotShare does this in a privacy-preserving manner by using a private set intersection protocol.

The hot spot is protected by password and access to it is granted upon having any common social network friends between the connecting user and the hot spot owner. The common friends computation is done using a privacy-preserving “Common Friend Finder” protocol developed by us. The common friend finder protocol is based on Private Set Intersection (PSI) run between the devices of the two users over Bluetooth. The PSI protocol used in this particular case is based on Bloom filter and is very efficient compared to general-purpose PSI protocols. For more technical information about the friend finder protocol, see our ACSAC 2013 paper.

 

News items

  • 12th August 2014: a short note on possible bootstrapping issues (see below FAQs)
  • 10th August 2014: version 1.3 of the application is ready for use
  • 7th August 2014: Application named changed from TetheringApp to SpotShare
  • 27th May 2014: version 1.1 of the application is ready for use

Download

How to use it?

0. If you are running the app for the very first time, make sure that you have Internet connectivity

Remark 1: in the first run, the app must be authorized by either by Facebook, or by LinkedIn
Remark 2: in the first run, the app must upload user’s bearer capability to the server, so that others can fetch it, and the “Common Friend Finder” protocol may succeed.

1. Start the app

2. Choose social network you wish to get connections from:

Remark 3: You must choose at least 1 social network

3. Authorize the app to access your basic Facebook, or LinkedIn data

 

4. Allow your device to be discoverable by Bluetooth


After starting the app, you should see the following screen:

5a. If you want to share your Internet access

  • Press “Start sharing” button and wait until the hot spot is started.
  • You can temporarily suspend your hot spot by pressing “Suspend sharing” button.
  • Suspended hotspot can be resumed by pressing “Resume sharing”. In such case, the hot spot uses the same SSID and password, as before suspension.
  • You can permanently stop your hot spot by pressing “Stop sharing”. This forces the app to generate a new SSID and password for the next sharing session.

 

5b. If you are looking for tethered Internet access

  • Press “Search Provider” button. It starts Bluetooth device discovery, followed by “Common Friend Finder” protocol. You are notified, on successful provider finding.
  • At any time during the provider search phase, you can stop it, by pressing “Cancel” button.
  • When you are connected to the hot spot, you can disconnect by pressing “Disconnect” button.
  • After successful connection, you may also see if you’re a direct friend, or who are the common friends you have with the connectivity provider, by clicking “Details” link in the events history screen.

  

6. Customizations

You may customize your Internet connecting/sharing policies in the Settings window

What data are collected?

The application collects results of each run of the Friend Finder protocol. User identifiers involved are pseudonymized. Each protocol run result contains information about: parties involved in the protocol, discovered common friends, notification if parties are direct friends, protocol computation time, protocol communication time, and message transfer size. In addition, more general data like amount of time spent in the hot spot mode, or connected to the hot spot are also collected.
Collected data will be used only for research purposes, and nobody will make an attempt to deanonymize it.
If you wish to opt out from the data collection, you can do it selecting “Disable data collection” options in the Settings window.

FAQ

  1. Can I share the connection with myself? (e.g., between my phone and my tablet) 
    Of course. Please always make sure that on both devices you have the identical set of your own tokens. Click Update tokens from Advanced menu.
  2. On the first run I don’t get admitted by the person with whom I’m friend, or have common friends
    The FriendFinder protocol calculates your direct and common friends based on the input set of tokens returned from the server. If you just joined the app, it is very probable that the token that you have just uploaded have not yet been received by your friend, and thus the protocol does not return correct result. Every application queries the server every 10 minutes to find out about any token changes, so after that time your friend should download it. You can shorten this process by explicitly asking your friend to download the tokens by clicking Update tokens from Advanced menu.
  3. I just befriended/unfriended a new person, and I don’t admit him/let him connect
    The FriendFinder protocol calculates your direct and common friends based on the input set of tokens returned from the server. Realtime changes to the social graph are not yet available. To instantly notify the application about the social graph changes, please click Renew token in Advanced menu.
  4. I see name of the person I try to share connection/conntect to on my list of common friends 
    The FriendFinder protocol needs only tokens of your friends to calculate the set of common friends. However, only with token of your friends, finding out if you’re a direct friend of the person you’re sharing connection/connecting to is impossible. To do this, another run of the FriendFinder protocol is needed with only your own token included. Such a solution takes much more time to complete, and unneccessarily uses device battery. Thus, the application includes the token of the person that runs the application into the input set, and is able to find out if the running parties are common friends, but it is not able to detect which of discovered common friends is the direct friend. So the direct friend is also visible in the list of common friends.

Developers

We would also like to thank Michał Kobyliński for graphic design of the user interface.

Release notes

  • 10th August 2014: version 1.3 available (name changed to SpotShare)
  • 27th May 2014: version 1.1 with LinkedIn support available
  • 6th May 2014: version 1.0 available

Known issues

Report problems to: Secures at Aalto