Abstract
Currently several projects aim at designing and implementing protocols for privacy-preserving automated contact tracing to help fight the current pandemic. Those proposals are quite similar, and in their most basic form propose an app for mobile phones which broadcasts frequently changing pseudorandom identifiers via (low energy) Bluetooth, and at the same time, the app stores IDs broadcast by phones in its proximity. Only if a user is tested positive, they upload either the beacons they did broadcast (which is the case in decentralized proposals such as DP-3T, east and west coast PACT or Covid watch) or received (as in PEPP-PT or ROBERT) during the last two weeks or so.
Vaudenay [eprint 2020/399] observes that this basic scheme (he considers the DP-3T proposal) succumbs to relay and even replay attacks, and proposes more complex interactive schemes which prevent those attacks without giving up too many privacy aspects. Unfortunately, interaction is problematic for this application for efficiency and security reasons. The countermeasures that have been suggested so far are either not practical or give up on key privacy aspects. We propose a simple non-interactive variant of the basic protocol that:
- (security) Provably prevents replay and (if location data is available) relay attacks.
- (privacy) The data of all parties (even jointly) reveals no information on the location or time where encounters happened.
- (efficiency) The broadcasted message can fit into 128 bits and uses only basic crypto (commitments and secret key authentication).
Towards this end we introduce the concept of “delayed authentication”, which basically is a message authentication code where verification can be done in two steps, where the first doesn’t require the key, and the second doesn’t require the message.
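A minimal sketch of the two-step verification described above, added here as an example and not taken from the paper. It assumes a SHA-256 hash commitment, truncated HMAC-SHA256 as the MAC, and constructed key, lengths and time/location strings.

```python
import hashlib
import hmac
import os

RHO_LEN = 8   # assumption: 64-bit commitment randomness
TAG_LEN = 8   # assumption: 64-bit truncated tag, so rho || tag is 128 bits

def commit(message: bytes, rho: bytes) -> bytes:
    """Hash-based commitment to `message` under randomness `rho` (assumed instantiation)."""
    return hashlib.sha256(rho + message).digest()

def mac(key: bytes, sigma: bytes) -> bytes:
    """Secret-key authentication of the commitment, not of the message itself."""
    return hmac.new(key, sigma, hashlib.sha256).digest()[:TAG_LEN]

def broadcast(key: bytes, message: bytes) -> bytes:
    """Sender: commit to its own time/location, tag the commitment, send rho || tag."""
    rho = os.urandom(RHO_LEN)
    return rho + mac(key, commit(message, rho))

def receive(beacon: bytes, own_message: bytes) -> bytes:
    """Step 1 (no key): recompute the commitment from the receiver's OWN
    time/location and store only sigma || tag; rho and the message are dropped."""
    rho, tag = beacon[:RHO_LEN], beacon[RHO_LEN:]
    return commit(own_message, rho) + tag

def verify_later(key: bytes, stored: bytes) -> bool:
    """Step 2 (no message): once the key is published, check the tag on sigma."""
    sigma, tag = stored[:-TAG_LEN], stored[-TAG_LEN:]
    return hmac.compare_digest(mac(key, sigma), tag)

def demo() -> dict:
    key = os.urandom(16)                          # constructed sender key
    here_now = b"t=1600000000|cell=48.21,16.37"   # constructed coarse time/location
    beacon = broadcast(key, here_now)
    honest = receive(beacon, here_now)
    replayed = receive(beacon, b"t=1600000600|cell=48.21,16.37")  # same beacon, later window
    relayed = receive(beacon, b"t=1600000000|cell=52.52,13.40")   # same time, other place
    return {"beacon_bits": len(beacon) * 8,
            "honest": verify_later(key, honest),
            "replayed": verify_later(key, replayed),
            "relayed": verify_later(key, relayed)}

if __name__ == "__main__":
    print(demo())
```

The receiver's stored record holds only the commitment and tag, not the time or location in the clear; a beacon replayed in another time window or relayed to another place is bound to a different message and fails the second step.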
This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT).
Notes
1. Consider an app by which malicious covidiots can collect Bluetooth beacons, share them amongst each other, and then re-broadcast the beacons they jointly collected in the last 10 min, leading to many false positives. This attack arguably even works with fairly short (say 1 s) time windows as used in this paper. To really prevent such attacks it seems one either needs location data (as shown in this work using coarse GPS locations), interaction as in Vaudenay’s protocol [Vau20a] or public-key crypto [ABIV20, LAY+20, WL20, CKL+20].
References
Avitabile, G., Botta, V., Iovino, V., Visconti, I.: Towards defeating mass surveillance and SARS-CoV-2: The pronto-C2 fully decentralized automatic contact tracing system. Cryptology ePrint Archive, Report 2020/493 (2020). https://eprint.iacr.org/2020/493
Avitabile, G., Friolo, D., Visconti, I.: TEnK-U: terrorist attacks for fake exposure notifications in contact tracing systems. Cryptology ePrint Archive, Report 2020/1150 (2020). https://eprint.iacr.org/2020/1150
Auerbach, B., et al.: Inverse-sybil attacks in automated contact tracing. Cryptology ePrint Archive, Report 2020/670 (2020). https://eprint.iacr.org/2020/670
Privacy-preserving contact tracing (2020). https://www.apple.com/covid19/contacttracing
Baumgärtner, L., et al.: Mind the gap: security and privacy risks of contact tracing apps (2020)
Chan, J., et al.: PACT: privacy sensitive protocols and mechanisms for mobile contact tracing. CoRR, abs/2004.03544 (2020)
Canetti, R., et al.: Privacy-preserving automated exposure notification. Cryptology ePrint Archive, Report 2020/863 (2020). https://eprint.iacr.org/2020/863
COVID watch (2020). https://www.covid-watch.org/
Danz, N., Derwisch, O., Lehmann, A., Puenter, W., Stolle, M., Ziemann, J.: Security and privacy of decentralized cryptographic contact tracing. Cryptology ePrint Archive, Report 2020/1309 (2020). https://eprint.iacr.org/2020/1309
Mobile applications to support contact tracing in the EU’s fight against COVID-19 (2020). https://ec.europa.eu/health/sites/health/files/ehealth/docs/covid-19_apps_en.pdf. Version 1.0, 15 Apr 2020
Gennaro, R., Krellenstein, A., Krellenstein, J.: Exposure notification system may allow for large-scale voter suppression
Gvili, Y.: Security analysis of the COVID-19 contact tracing specifications by Apple inc. and Google inc. Cryptology ePrint Archive, Report 2020/428 (2020). https://eprint.iacr.org/2020/428
Kuhn, C., Beck, M., Strufe, T.: COVID notions: towards formal definitions - and documented understanding - of privacy goals and claimed protection in proximity-tracing services. CoRR, abs/2004.07723 (2020)
Liu, J.K., et al.: Privacy-preserving COVID-19 contact tracing app: a zero-knowledge proof approach. Cryptology ePrint Archive, Report 2020/528 (2020). https://eprint.iacr.org/2020/528
PEPP-PT: Pan-European privacy-preserving proximity tracing (2020). https://www.pepp-pt.org/
ROBERT: ROBust and privacy-presERving proximity Tracing (2020). https://github.com/ROBERT-proximity-tracing
Troncoso, C., et al.: DP3T: decentralized privacy-preserving proximity tracing (2020). https://github.com/DP-3T
Vaudenay, S.: Analysis of DP3T. Cryptology ePrint Archive, Report 2020/399 (2020). https://eprint.iacr.org/2020/399
Vaudenay, S.: Centralized or decentralized? The contact tracing dilemma. Cryptology ePrint Archive, Report 2020/531 (2020). https://eprint.iacr.org/2020/531
Wan, Z., Liu, X.: ContactChaser: a simple yet effective contact tracing scheme with strong privacy. Cryptology ePrint Archive, Report 2020/630 (2020). https://eprint.iacr.org/2020/630
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Pietrzak, K. (2020). Delayed Authentication: Preventing Replay and Relay Attacks in Private Contact Tracing. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds) Progress in Cryptology – INDOCRYPT 2020. INDOCRYPT 2020. Lecture Notes in Computer Science, vol 12578. Springer, Cham. https://doi.org/10.1007/978-3-030-65277-7_1
DOI: https://doi.org/10.1007/978-3-030-65277-7_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65276-0
Online ISBN: 978-3-030-65277-7
eBook Packages: Computer Science (R0)