Paper 2020/528

Privacy-Preserving COVID-19 Contact Tracing App: A Zero-Knowledge Proof Approach

Joseph K. Liu, Man Ho Au, Tsz Hon Yuen, Cong Zuo, Jiawei Wang, Amin Sakzad, Xiapu Luo, Li Li, and Kim-Kwang Raymond Choo

Abstract

In this paper, we propose a privacy-preserving contact tracing protocol for smart phones, and more specifically Android and iOS phones. The protocol allows users to be notified, if they have been a close contact of a confirmed patient. The protocol is designed to strike a balance between privacy, security, and scalability. Specifically, the app allows all users to hide their past location(s) and contact history from the Government, without affecting their ability to determine whether they have close contact with a confirmed patient whose identity will not be revealed. A zero-knowledge protocol is used to achieve such a user privacy functionality. In terms of security, no user can send fake messages to the system to launch a false positive attack. We present a security model and formally prove the security of the protocol. To demonstrate scalability, we evaluate an Android and an iOS implementation of our protocol. A comparative summary shows that our protocol is the most comprehensive and balanced privacy-preserving contact tracing solution to-date.

Note: This is the full version of the ISPEC 2021 paper.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. MINOR revision.ISPEC 2021
Keywords
COVID-19Zero-knowledge proof
Contact author(s)
joseph liu @ monash edu
History
2021-10-17: last of 4 revisions
2020-05-06: received
See all versions
Short URL
https://ia.cr/2020/528
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/528,
      author = {Joseph K.  Liu and Man Ho Au and Tsz Hon Yuen and Cong Zuo and Jiawei Wang and Amin Sakzad and Xiapu Luo and Li Li and Kim-Kwang Raymond Choo},
      title = {Privacy-Preserving COVID-19 Contact Tracing App: A Zero-Knowledge Proof Approach},
      howpublished = {Cryptology ePrint Archive, Paper 2020/528},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/528}},
      url = {https://eprint.iacr.org/2020/528}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.