ConTra Corona : Contact Tracing against the Coronavirus by Bridging the Centralized–Decentralized Divide for Stronger Privacy
Beskorovajnov, Wasilij; Dörre, Felix
; Hartung, Gunnar; Koch, Alexander; Müller-Quade, Jörn; Strufe, Thorsten
; Hartung, Gunnar; Koch, Alexander; Müller-Quade, Jörn; Strufe, Thorsten
Abstract:
Contact tracing is among the most important interventions
to mitigate the spread of any pandemic, usually in the form of manual
contact tracing. Smartphone-facilitated digital contact tracing may help to
increase tracing capabilities and extend the coverage to those contacts one
does not know in person. Most implemented protocols use local Bluetooth
Low Energy (BLE) communication to detect contagion-relevant proximity,
together with cryptographic protections, as necessary to improve the
privacy of the users of such a system. However, current decentralized
protocols, including DP3T, do not sufficiently protect infected
users from having their status revealed to their contacts, which raises
fear of stigmatization.
We alleviate this by proposing a new and practical solution with stronger
privacy guarantees against active adversaries. It is based on the upload-
what-you-observed paradigm, includes a separation of duties on the
server side, and a mechanism to ensure that users cannot deduce which
encounter caused a warning with high time resolution. Finally, we present
a simulation-based security notion of digital contact tracing in the real-
... mehr
to mitigate the spread of any pandemic, usually in the form of manual
contact tracing. Smartphone-facilitated digital contact tracing may help to
increase tracing capabilities and extend the coverage to those contacts one
does not know in person. Most implemented protocols use local Bluetooth
Low Energy (BLE) communication to detect contagion-relevant proximity,
together with cryptographic protections, as necessary to improve the
privacy of the users of such a system. However, current decentralized
protocols, including DP3T, do not sufficiently protect infected
users from having their status revealed to their contacts, which raises
fear of stigmatization.
We alleviate this by proposing a new and practical solution with stronger
privacy guarantees against active adversaries. It is based on the upload-
what-you-observed paradigm, includes a separation of duties on the
server side, and a mechanism to ensure that users cannot deduce which
encounter caused a warning with high time resolution. Finally, we present
a simulation-based security notion of digital contact tracing in the real-
... mehr
| Zugehörige Institution(en) am KIT | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Publikationstyp | Forschungsbericht/Preprint |
| Publikationsdatum | 04.11.2021 |
| Sprache | Englisch |
| Identifikator | KITopen-ID: 1000139714 |
| HGF-Programm | 46.23.01 (POF IV, LK 01) Methods for Engineering Secure Systems |
| Verlag | Karlsruher Institut für Technologie (KIT) |
| Externe Relationen | Siehe auch |
| Schlagwörter | Digital Contact Tracing, Privacy, Transmissible Diseases, Active Security, Anonymity, Security Modeling, Ideal Functionality |
| Relationen in KITopen |