Robust ambiguity for contact tracing
A known drawback of `decentralised' contact tracing architectures is that users who have been in contact with an infected person are able to precisely identify the relevant contact, and thereby perhaps identify the infected person. In their proposal, the PACT team discuss a simple DH-based protocol to mitigate this problem, but dismiss it because it is vulnerable to a malicious user who may deviate from the specified behaviour. This note presents a modified protocol which achieves robustness against a fully malicious user, and establishes some simple security properties.
READ FULL TEXT