SpreadMeNot: A Provably Secure and Privacy-Preserving Contact Tracing Protocol

11/14/2020
by   Pietro Tedeschi, et al.
0

Contact tracing via mobile applications is gaining significant traction in the battle against Covid-19. A plethora of contact tracing apps have been developed and deployed in several countries around the world. However, people are rightfully concerned about the security and privacy risks of such applications. To this end, the contribution of this work is twofold. First, we present an in-depth analysis of the security and privacy characteristics of the most prominent contact tracing protocols, under both passive and active adversaries. The results of our study indicate that all protocols are vulnerable to a variety of attacks, mainly due to the deterministic nature of the underlying cryptographic protocols. Our second contribution is the design of SpreadMeNot, a novel contact tracing protocol that can defend against most passive and active attacks, thus providing strong (provable) security and privacy guarantees that are necessary for such a sensitive application. Moreover, we experimentally demonstrate that SpreadMeNot—while being built on asymmetric crypto primitives—sports little overhead. Our detailed analysis, both formal and experimental, shows that SpreadMeNot satisfies security, privacy, and performance requirements, hence being an ideal candidate for building a contact tracing solution that can be adopted by the majority of the general public, as well as to serve as an open source reference for further developments in the field.

READ FULL TEXT

page 1

page 13

research
03/10/2021

DIMY: Enabling Privacy-preserving Contact Tracing

The infection rate of COVID-19 and lack of an approved vaccine has force...
research
06/10/2020

Mind the GAP: Security Privacy Risks of Contact Tracing Apps

Contact tracing apps running on mobile devices promise to reduce the man...
research
11/18/2020

Asymmetric Private Set Intersection with Applications to Contact Tracing and Private Vertical Federated Machine Learning

We present a multi-language, cross-platform, open-source library for asy...
research
12/17/2020

PURE: A Framework for Analyzing Proximity-based Contact Tracing Protocols

Many proximity-based tracing (PCT) protocols have been proposed and depl...
research
12/06/2020

On the Privacy and Integrity Risks of Contact-Tracing Applications

Smartphone-based contact-tracing applications are at the epicenter of th...
research
05/09/2020

PriLok: Citizen-protecting distributed epidemic tracing

Contact tracing is an important instrument for national health services ...
research
09/11/2020

Probabilistic and mean-field model of COVID-19 epidemics with user mobility and contact tracing

We propose a detailed discrete-time model of COVID-19 epidemics coming i...

Please sign up or login with your details

Forgot password? Click here to reset