PriLok: Citizen-protecting distributed epidemic tracing

Contact tracing is an important instrument for national health services to fight epidemics. As part of the COVID-19 situation, many proposals have been made for scaling up contact tracing capacities with the help of smartphone applications, an important but highly critical endeavor because of the privacy risks such solutions involve. Extending our previously expressed concern, we clearly articulate in this article the functional and non-functional requirements that any solution has to meet when it strives to serve not mere collections of individuals but the whole of a nation, as is required in the face of such potentially dangerous epidemics. We present a critical information infrastructure, PriLok, a fully open preliminary architecture proposal and design draft for privacy-preserving contact tracing, which we believe can be constructed in a way that fulfills these requirements. Our architecture leverages the existing regulated mobile communication infrastructure and builds upon the concept of "checks and balances": a majority of independent players must agree before any operation can be effected on it, which prevents abuse of the highly sensitive information that must be collected and processed for efficient contact tracing. This is enforced with a largely decentralised layout and highly resilient state-of-the-art technology, which we explain in the paper, finishing with a security, dependability and resilience analysis that shows how the design meets the defined requirements even while the infrastructure is under attack.
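The "checks and balances" principle above, a majority of independent players having to agree before an operation on the sensitive data takes effect, can be modelled as a threshold (t-of-n) secret-sharing gate: the key that unlocks an operation is split among the players so that any majority can reconstruct it and any minority learns nothing. The following is an added illustration written for this summary, not PriLok's own code; the player names, the Shamir scheme over a prime field and the `authorise` helper are assumptions chosen for the example.

```python
"""Majority-of-independent-players gate modelled as a Shamir (t, n) threshold
scheme over a prime field.  Illustrative example, not PriLok project code."""
import secrets

# Prime larger than any key we split (2^127 - 1 is a Mersenne prime).
P = (1 << 127) - 1


def _eval_poly(coeffs, x):
    """Evaluate the polynomial with the given coefficients at x, modulo P (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_key(key, n, t, rng=secrets.randbelow):
    """Split `key` into n shares {x: y}; any t shares reconstruct it.
    `t` should equal the quorum used by `authorise` (strict majority of n)."""
    assert 0 < t <= n and 0 <= key < P
    coeffs = [key] + [rng(P) for _ in range(t - 1)]   # constant term is the secret
    return {x: _eval_poly(coeffs, x) for x in range(1, n + 1)}


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the supplied {x: y} shares.
    With fewer than t shares the result is an unrelated field element."""
    secret = 0
    xs = list(shares)
    for i in xs:
        num, den = 1, 1
        for j in xs:
            if i != j:
                num = (num * (-j)) % P
                den = (den * (i - j)) % P
        secret = (secret + shares[i] * num * pow(den, P - 2, P)) % P
    return secret


def authorise(approvals, players, shares):
    """Effect an operation only if a strict majority of distinct, known players approve.
    Returns the reconstructed operation key on success, None otherwise."""
    quorum = len(players) // 2 + 1
    idx = {p: i + 1 for i, p in enumerate(players)}       # player -> share index
    voters = {idx[p] for p in approvals if p in idx}       # duplicates collapse
    if len(voters) < quorum:
        return None
    return reconstruct({x: shares[x] for x in voters})


# Constructed sample: five independent players (hypothetical roles), quorum = 3.
PLAYERS = ["health_authority", "telecom_A", "telecom_B", "data_protection_authority", "court"]
OPERATION_KEY = 0xC0FFEE                                 # constructed sample value
SHARES = split_key(OPERATION_KEY, len(PLAYERS), len(PLAYERS) // 2 + 1)
```

Any three distinct players jointly recover the key; two colluding players, or one player voting three times, are refused, and two shares interpolated directly yield a value unrelated to the key.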
