A secure, privacy-preserving contact tracing method

Venkat Venkatakrishnan

Apple and Google recently rolled out a joint contact-tracing application which will allow apps developed by states and countries to track COVID-19 cases via users’ cellphones. Those who choose to adopt the alert system will be notified when they were in proximity to someone who tested positive for the disease. A few states have rolled out apps, but security concerns persist, and adoption of the technology by citizens remains low.

Venkat Venkatakrishnan, associate dean for research and graduate studies and professor of computer science at UIC and interim director of research at Discovery Partners Institute, along with Parthasarathy Madhusudan and Ling Ren of University of Illinois Urbana-Champaign, released a white paper in May, Privacy-Preserving Secure Contact Tracing, ConTraIL Project, offering a more secure architecture for contact tracing.

The researchers’ privacy goals are extremely high. Their system keeps interactions HIPAA compliant and also protects users’ privacy from the app and the server that computes contacts, healthcare providers reporting illness, the government tracking cases, and external attackers. Their framework will rely heavily on cryptography to ensure privacy, similar to the type used in secure internet communications for bank transactions and financial trading.

“In this architecture, all users keep their personal information on their phone, and any information sent to others is encrypted in a fashion that no one else can decrypt. Consequently, all computations and communication happen only on encrypted undecryptable data,” Venkatakrishnan said.

A user would set up an account, and a unique, secret key would randomly be generated — information not shared with anyone or even with the server. Ephemeral IDs (EID) would be generated by this key and beamed to other nearby users. The protocols proposed by Venkatakrishnan and his colleagues dovetail with Apple-Google’s mechanism of using Bluetooth on phones to record the location and time of any given user. But through a mechanism called Context Signature Verification (CSV), a cryptographic hash or code would be added to the beamed EIDs, adding a time and location stamp to the interaction. This way, if a system user were to be notified of a potential exposure, their phone would first verify that the CSVs of the COVID-19 positive individual matched — that they were indeed at the same place at the same time.

This mechanism solves the problem of long-range relay attacks, where a Bluetooth device collecting EIDs, say, in a supermarket in Chicago, could be hacked and the EIDs relayed to Los Angeles, sending false alerts to users who were not in contact with that infected person and undermining the entire tracing system.
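The following sketch shows how binding an EID to time and place lets a phone reject a relayed beacon at notification time. It is an added example, not code from the ConTraIL white paper: the HMAC construction, the release of per-epoch keys after a positive test, the 10-minute epoch and the cell names are all assumptions made here for illustration.

```python
import hashlib, hmac, secrets

EPOCH_SECONDS = 600  # assumed EID rotation period and time-bucket width

def _mac(key: bytes, *parts: bytes) -> bytes:
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)  # length-prefix each field
    return h.digest()

def epoch_key(secret_key: bytes, epoch: int) -> bytes:
    """Per-epoch key; never broadcast, released only after a positive test."""
    return _mac(secret_key, b"epoch", epoch.to_bytes(8, "big"))

def make_beacon(secret_key: bytes, now: int, cell: str):
    """Return (EID, context tag) as beamed over Bluetooth."""
    epoch = now // EPOCH_SECONDS
    k = epoch_key(secret_key, epoch)
    eid = _mac(k, b"eid")[:16]
    tag = _mac(k, b"ctx", epoch.to_bytes(8, "big"), cell.encode())[:16]
    return eid, tag

class Receiver:
    def __init__(self):
        self.log = {}  # eid -> [(tag, receiver's own epoch, receiver's own cell)]

    def hear(self, beacon, now: int, cell: str):
        eid, tag = beacon
        self.log.setdefault(eid, []).append((tag, now // EPOCH_SECONDS, cell))

    def check(self, disclosed_keys):
        """Recompute each tag from the receiver's OWN time and place."""
        hits = []
        for k in disclosed_keys:
            for tag, epoch, cell in self.log.get(_mac(k, b"eid")[:16], []):
                want = _mac(k, b"ctx", epoch.to_bytes(8, "big"), cell.encode())[:16]
                if hmac.compare_digest(tag, want):
                    hits.append((epoch, cell))
        return hits

if __name__ == "__main__":
    key, t = secrets.token_bytes(32), 1_700_000_000   # constructed sample data
    beacon = make_beacon(key, t, "chicago-cell-17")
    near, far = Receiver(), Receiver()
    near.hear(beacon, t + 5, "chicago-cell-17")       # genuine contact
    far.hear(beacon, t + 5, "la-cell-03")             # same beacon, relayed
    released = [epoch_key(key, t // EPOCH_SECONDS)]
    print("near:", near.check(released), "far:", far.check(released))
```

Because the tag is keyed with a value the relay never sees, the relay cannot mint a fresh tag for the remote location; an unkeyed hash over the same fields would not give this property.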

The group is currently speaking with industry through the Discovery Partners Institute, working to get their recommendations adopted at large.


