DIMY: Enabling privacy-preserving contact tracing

The infection rate of COVID-19 and lack of an approved vaccine has forced governments and health authorities to adopt lockdowns, increased testing, and contact tracing to reduce the spread of the virus. Digital contact tracing has become a supplement to the traditional manual contact tracing process. However, although there have been a number of digital contact tracing apps proposed and deployed, these have not been widely adopted owing to apprehensions surrounding privacy and security. In this paper, we propose a blockchain-based privacy-preserving contact tracing protocol, ”Did I Meet You” (DIMY), that provides full-lifecycle data privacy protection on the devices themselves as well as on the back-end servers, to address most of the privacy concerns associated with existing protocols. We have employed Bloom filters to provide efficient privacy-preserving storage, and have used the Diffie-Hellman key exchange for secret sharing among the participants. We show that DIMY provides resilience against many well known attacks while introducing negligible overheads. DIMY’s footprint on the storage space of clients’ devices and back-end servers is also significantly lower than other similar state of the art apps.

[1]  Stephen Lee,et al.  FastFabric: Scaling Hyperledger Fabric to 20,000 Transactions per Second , 2019, 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[2]  Eli Upfal,et al.  Probability and Computing: Randomized Algorithms and Probabilistic Analysis , 2005 .

[3]  Jason Bay,et al.  BlueTrace: A privacy-preserving protocol for community-driven contact tracing across borders , 2020 .

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  Sheng Wu,et al.  Decentralized Blockchain for Privacy-Preserving Large-Scale Contact Tracing , 2020, ArXiv.

[6]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[7]  Cédric Lauradoux,et al.  DESIRE: A Third Way for a European Exposure Notification System Leveraging the best of centralized and decentralized systems , 2020, ArXiv.

[8]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[9]  Jörn Müller-Quade,et al.  ConTra Corona: Contact Tracing against the Coronavirus by Bridging the Centralized - Decentralized Divide for Stronger Privacy , 2020, IACR Cryptol. ePrint Arch..

[10]  Wolfgang Nejdl,et al.  Cardinality estimation and dynamic length adaptation for Bloom filters , 2010, Distributed and Parallel Databases.

[11]  Vincenzo Iovino,et al.  Towards Defeating Mass Surveillance and SARS-CoV-2: The Pronto-C2 Fully Decentralized Automatic Contact Tracing System , 2020, IACR Cryptol. ePrint Arch..

[12]  Serge Vaudenay,et al.  Analysis of DP3T - Between Scylla and Charybdis , 2020 .

[13]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[14]  Helge Janicke,et al.  A Survey of COVID-19 Contact Tracing Apps , 2020, IEEE Access.

[15]  Marko Vukolic,et al.  Hyperledger fabric: a distributed operating system for permissioned blockchains , 2018, EuroSys.

[16]  Serge Vaudenay,et al.  Centralized or Decentralized? The Contact Tracing Dilemma , 2020, IACR Cryptol. ePrint Arch..

[17]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[18]  BeepTrace: Blockchain-enabled Privacy-preserving Contact Tracing for COVID-19 Pandemic and Beyond , 2020, ArXiv.

[19]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[20]  Salil S. Kanhere,et al.  Blockchain Technologies for IoT , 2019, Studies in Big Data.