Paper 2020/1393

On the Effectiveness of Time Travel to Inject COVID-19 Alerts

Vincenzo Iovino, Serge Vaudenay, and Martin Vuagnoux

Abstract

Digital contact tracing apps allow to alert people who have been in contact with people who may be contagious. The Google/Apple Exposure Notification (GAEN) system is based on Bluetooth proximity estimation. It has been adopted by many countries around the world. However, many possible attacks are known. The goal of some of them is to inject a false alert on someone else's phone. This way, an adversary can eliminate a competitor in a sport event or a business in general. Political parties can also prevent people from voting. In this report, we review several methods to inject false alerts. One of them requires to corrupt the clock of the smartphone of the victim. For that, we build a time-traveling machine to be able to remotely set up the clock on a smartphone and experiment our attack. We show how easy this can be done. We successfully tested several smartphones with either the Swiss or the Italian app (SwissCovid or Immuni). We confirms is also works on other GAEN-based apps: NHS COVID-19 (in England and Wales), Corona-Warn-App (in Germany), and Coronalert (Belgium). The time-machine can also be used in active attack to identify smartphones. We can recognize smartphones that we have passively seen in the past. We can passively recognize in the future smartphones that we can see in present. We can also make smartphones identify themselves with a unique number. Finally, we report a simpler attack which needs no time machine but relies on the existence of still-valid keys reported on the server. We observed the case in several countries. The attack is made trivial in Austria, Denmark, Spain, Italy, the Netherlands, Alabama, Delaware, Wyoming, Canada, and England & Whales. Other regions are affected by interoperability too.

Note: Videos: https://vimeo.com/477605525 (teaser) and https://vimeo.com/476901083

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. CT-RSA 2021
DOI
10.1007/978-3-030-75539-3_18
Keywords
digital contact tracingattackstime corruption
Contact author(s)
viovino @ unisa it
serge vaudenay @ epfl ch
martin @ vuagnoux com
History
2021-05-14: last of 5 revisions
2020-11-10: received
See all versions
Short URL
https://ia.cr/2020/1393
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1393,
      author = {Vincenzo Iovino and Serge Vaudenay and Martin Vuagnoux},
      title = {On the Effectiveness of Time Travel to Inject {COVID}-19 Alerts},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/1393},
      year = {2020},
      doi = {10.1007/978-3-030-75539-3_18},
      url = {https://eprint.iacr.org/2020/1393}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.