A multitude of privacy breaches, both accidental and malicious, have prompted
users to distrust centralized providers of online social networks (OSNs) and
investigate decentralized solutions. We examine the design of a fully
decentralized (peer-to-peer) OSN, with a special focus on privacy and security.
In particular, we wish to protect the confidentiality, integrity, and
availability of user content and the privacy of user relationships. We propose
DECENT, an architecture for OSNs that uses a distributed hash table to store
user data, and features cryptographic protections for confidentiality and
integrity, as well as support for flexible attribute policies and fast
revocation. DECENT ensures that neither data nor social relationships are
visible to unauthorized users and provides availability through replication and
authentication of updates. We evaluate DECENT through simulation and
experiments on the PlanetLab network and show that DECENT is able to replicate
the main functionality of current centralized OSNs with manageable overhead.