DOI: 10.1145/3411496.3421229
research-article

Long Live Randomization: On Privacy-preserving Contact Tracing in Pandemic

Published: 09 November 2020

Abstract

Caused by the coronavirus SARS-CoV-2, the COVID-19 disease spreads particularly through direct contact between people. Health authorities face the challenge of identifying and isolating infection chains to prevent the pandemic from spreading further. To improve the efficiency and effectiveness of manual contact tracing, many countries have recently introduced digital contact tracing apps that run on users' smartphones and help to identify contacts between individual users. These apps are usually based on beaconing pseudonymous identifiers over a proximity communication protocol like Bluetooth LE. Potentially critical contacts are then identified by comparing the identifiers emitted by persons reported as infected with the identifiers observed by other users of the system, and issuing appropriate warnings to those users in case a matching identifier is found. However, by beaconing identifiers into their proximity, individual users potentially become traceable by entities that systematically collect observations in various places. To preserve the privacy of users and comply with various privacy regulations, many proposed systems use ephemeral, pseudo-random identifiers that are more difficult to link together.
In this paper, we briefly analyze and discuss privacy properties of a selected number of proposed contact tracing solutions and the impact of the applied randomization approaches. We also discuss the pros and cons of these tracing schemes.

Cited By

  • (2022) Modeling Trust in COVID-19 Contact-Tracing Apps Using the Human-Computer Trust Scale: Online Survey Study. JMIR Human Factors 9:2 (e33951). DOI: 10.2196/33951. Online publication date: 13-Jun-2022
  • (2022) Speculative Vulnerability. Proceedings of the ACM on Human-Computer Interaction 6:CSCW2 (1-27). DOI: 10.1145/3555586. Online publication date: 11-Nov-2022

Published In

MTD'20: Proceedings of the 7th ACM Workshop on Moving Target Defense
November 2020
96 pages
ISBN:9781450380850
DOI:10.1145/3411496
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. bluetooth proximity detection
  2. contact tracing
  3. encounter token
  4. pandemic
  5. privacy-preserving
  6. pseudonymous identifier
  7. randomization

Qualifiers

  • Research-article

Funding Sources

  • Deutsche Forschungsgemeinschaft (DFG)

Conference

CCS '20

Acceptance Rates

Overall Acceptance Rate 40 of 92 submissions, 43%
