Real World Crypto 2021 - Session 8: Contact Tracing
In the USA, contact-tracing apps were left to individual states due to the federal government’s lack of interest. All states that launched apps use the GAEN (Google & Apple) framework, but only 17 states have apps! Adoption is very low (<10%) compared with Europe (>20-30%).
Comparisons made with Prep4All (advocates for PrEP therapy for HIV avoidance).
Integrity attacks against GAEN:
- doesn’t protect against replay attacks
- RPI codes could be captured and replayed in a different location
- folk can set up relaying BT beacons
- RPIs can be associated to infected people if you go to a testing site and gather data
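Why a captured RPI is accepted when replayed or relayed, shown with the RPI derivation from the published GAEN cryptography specification (an added example, not code from the talk or from Google/Apple): the receiver has only the identifier and a scan time to match on, so nothing ties a sighting to a place or to the original sender. The sample key, the interval numbers and the 12-interval (2 hour) tolerance are assumptions constructed for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// rpik derives the RPI key: HKDF-SHA256(TEK, no salt, info "EN-RPIK", 16 bytes).
func rpik(tek []byte) []byte {
	ext := hmac.New(sha256.New, make([]byte, sha256.Size)) // HKDF-Extract, zero salt
	ext.Write(tek)
	exp := hmac.New(sha256.New, ext.Sum(nil)) // HKDF-Expand, first block only
	exp.Write(append([]byte("EN-RPIK"), 0x01))
	return exp.Sum(nil)[:16]
}

// RPI computes AES-128(RPIK, "EN-RPI" || 6 zero bytes || interval number, little-endian).
func RPI(tek []byte, enin uint32) [16]byte {
	var pad, out [16]byte
	copy(pad[:], "EN-RPI")
	binary.LittleEndian.PutUint32(pad[12:], enin)
	c, _ := aes.NewCipher(rpik(tek)) // key is always 16 bytes, so no error
	c.Encrypt(out[:], pad[:])
	return out
}

// Matches reports whether an identifier scanned at interval seen belongs to a
// diagnosis key valid for 144 intervals from start, allowing tol intervals of skew.
func Matches(id [16]byte, seen uint32, tek []byte, start, tol uint32) bool {
	for j := start; j < start+144; j++ {
		diff := int64(seen) - int64(j)
		if diff >= -int64(tol) && diff <= int64(tol) && RPI(tek, j) == id {
			return true // the check uses identifier and time only, never location
		}
	}
	return false
}

func main() {
	tek := []byte("constructed-TEK!") // constructed 16-byte sample key
	start := uint32(2680128)          // constructed interval number (10-minute units)
	beacon := RPI(tek, start+30)      // what the infected user's phone broadcast
	fmt.Println(Matches(beacon, start+30, tek, start, 12)) // heard directly
	fmt.Println(Matches(beacon, start+33, tek, start, 12)) // heard via a relay, 30 min later
	fmt.Println(Matches(beacon, start+60, tek, start, 12)) // heard 5 hours later
}
```

The time window is the only bound on reuse, which is also why a wrong phone clock matters for the time-travel paper mentioned further down.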
Because of the timing of the US election in the thick of COVID-19, there was concern that voter suppression could be effected by faking notifications of exposure using the attacks above. (It’s known that rainy days affect election outcomes, as Republicans are more likely to turn out.)
The authors requested that Google & Apple suspend exposure notifications in the week prior to election day… this was refused. G & A thought the attacks were not rational, requiring too many resources & investments compared to, say, a faked SMS campaign.
If an attacker is willing to get infected they could sell their auth codes to a black market…
He reckons that voter suppression didn’t occur not because of the difficulty of the attacks described but just because take-up of the tracing apps is so low.
An aside, and OMG! ‘On the Effectiveness of Time Travel to Inject COVID-19 Alerts’ - actually a serious paper about things you can do if your phone clock is set wrong.
Israel’s manual contact tracing - all reports of being in public places end up with locations and times being published in newspapers and websites!
Israeli security service did automatic tracing using data from cell networks
- this was highly inaccurate
- so Israel built a decentralized BLE tracing app
Privacy / explainability tradeoff:
- private: ‘you were exposed last Thurs’
- explainable: ‘you were in contact with Joe Bloggs at the mall last Thurs 19:32’
Location tracking / coverage tradeoff:
- not everyone has a smartphone, some have dumbphones
- some folk don’t carry smartphone for religious reasons
An approach using GPS and location logging that never left the phone was used for some local-only alerts (i.e. no server integration)
- GPS wasn’t too accurate tho (buildings, etc.) and Google/Apple wouldn’t allow GPS data to be used in conjunction with GAEN
Hashomer used BLE but without GAEN. It worked well in general but was scuppered by public perception of contact-trace apps as surveillance tools, especially after earlier involvement of security services.
The speaker presents an approach that doesn’t require smartphones or contact tracing. It is good for dumb phones as well as smart. That’s because it’s based on studies of human mobility patterns from mobile phone data. This has previously been used to study the spread of malaria / dengue / cholera.
Starts with aggregate data from all of a network operator’s subscribers. Historically this approach has worked only if there are lots of cases or mass-gatherings.
Improvements are made by joining in information about individuals who are infected. That info needs to be protected, so they use homomorphic encryption, zero-knowledge proofs and differential privacy.
- encrypt subscribers’ phone numbers with homomorphic encryption;
- these are sent to mobile operators;
- it forms one dimension of a large matrix.
- The other dimension is the set of mobile subscribers who are moving;
- The matrix cell is set to 1 if subscriber is infected, 0 otherwise.
- something something … end up with a heat map.
Seems computationally expensive but isn’t: for a large city like NYC, the computation took <2hr and cost only $10 on AWS.