Cryptology ePrint Archive: Report 2020/505

ConTra Corona: Contact Tracing against the Coronavirus by Bridging the Centralized–Decentralized Divide for Stronger Privacy

Wasilij Beskorovajnov and Felix Dörre and Gunnar Hartung and Alexander Koch and Jörn Müller-Quade and Thorsten Strufe

Abstract: Contact tracing is one of the most important interventions to mitigate the spread of COVID-19/SARS-CoV-2. Smartphone-facilitated digital contact tracing may help to increase tracing capabilities as well as extend the coverage to those contacts one does not know in person. The emerging consensus is that a decentralized approach with local Bluetooth Low Energy (BLE) communication to detect contagion-relevant proximity, together with cryptographic protections, is necessary to guarantee the privacy of the users of such a system. However, current decentralized protocols, including DP3T and the protocol by Canetti, Trachtenberg and Varia, do not sufficiently protect infected users from having their status revealed to their contacts, which may raise fear of stigmatization. By taking a dual approach, we propose a new and practical solution with stronger privacy guarantees even against active adversaries. In particular, we solve the aforementioned problem with additional pseudorandom warning identities that are associated to the broadcasted public identity, but this association is only known to a non-colluding dedicated server, which does not learn to whom the public identity belongs. Then, only these anonymous warning identities are published. Moreover, our solution allows warned contacts to prove that they have been in contact with infected users, an important feature in times of restricted testing capacities. Among other additional security measures, we detail how the use of secret sharing can prevent the unnecessary and potentially panic-inducing warning of contacts that have only been around the infected person for a very brief time period.

Category / Keywords: applications / Digital Contact Tracing, Privacy, SARS-CoV-2, COVID-19, Active Security, Anonymity

Date: received 29 Apr 2020, last revised 6 May 2020

Contact author: beskorovajnov at fzi de,felix doerre@kit edu,gunnar hartung@kit edu,alexander koch@kit edu,joern mueller-quade@kit edu,thorsten strufe@kit edu

Available format(s): PDF | BibTeX Citation

Version: 20200506:094213 (All versions of this report)

Short URL: ia.cr/2020/505


[ Cryptology ePrint archive ]