Socio Path: Protecting Privacy by Self-Sufficient Data Distribution in User-Centric Networks

Communication between users poses a privacy problem as soon as it relies on a third party. The problem ranges from personalized advertising to mass surveillance and applies primarily to centralized application service providers. However, also nodes in decentralized approaches are often under control by a third party. We argue that application data and metadata between a set of users can stay private only by self-sufficiency, i.e. exclusive end-to-end communication between devices under these users' control. State synchronization is a main challenge here, since especially mobile devices are prone to churn and varying connectivity. We present SocioPath, a decentralized protocol for self-sufficient user-to-user communication. It handles device heterogeneity by decoupling data objects from notifications and keeping recurrent state exchanges small. Additionally, it offers a user-centric application interface which abstracts from devices towards the user. Evaluation results show that even under heavy churn, it is possible to achieve a high delivery ratio and large scalability.