Paper 2020/863

Privacy-Preserving Automated Exposure Notification

Ran Canetti, Yael Tauman Kalai, Anna Lysyanskaya, Ronald L. Rivest, Adi Shamir, Emily Shen, Ari Trachtenberg, Mayank Varia, and Daniel J. Weitzner

Abstract

Contact tracing is an essential component of public health efforts to slow the spread of COVID-19 and other infectious diseases. Automating parts of the contact tracing process has the potential to significantly increase its scalability and efficacy, but also raises an array of privacy concerns, including the risk of unwanted identification of infected individuals and clandestine collection of privacy-invasive data about the population at large. In this paper, we focus on automating the exposure notification part of contact tracing, which notifies people who have been in close proximity to infected people of their potential exposure to the virus. This work is among the first to focus on the privacy aspects of automated exposure notification. We introduce two privacy-preserving exposure notification schemes based on proximity detection. Both systems are decentralized -- no central entity has access to sensitive data. The first scheme is simple and highly efficient, and provides strong privacy for non-diagnosed individuals and some privacy for diagnosed individuals. The second scheme provides enhanced privacy guarantees for diagnosed individuals, at some cost to efficiency. We provide formal definitions for automated exposure notification and its security, and we prove the security of our constructions with respect to these definitions.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
automated exposure notificationcontact tracingCOVID-19privacy
Contact author(s)
canetti @ bu edu
yaelism @ gmail com
anna_lysyanskaya @ brown edu
rivest @ mit edu
adi shamir @ weizmann ac il
emily shen @ ll mit edu
trachten @ bu edu
varia @ bu edu
weitzner @ mit edu
History
2020-07-12: received
Short URL
https://ia.cr/2020/863
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/863,
      author = {Ran Canetti and Yael Tauman Kalai and Anna Lysyanskaya and Ronald L.  Rivest and Adi Shamir and Emily Shen and Ari Trachtenberg and Mayank Varia and Daniel J.  Weitzner},
      title = {Privacy-Preserving Automated Exposure Notification},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/863},
      year = {2020},
      url = {https://eprint.iacr.org/2020/863}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.