TEnK-U: Terrorist Attacks for Fake Exposure Notifications in Contact Tracing Systems

In this work we show that an adversary can leverage blockchain technology to attack the integrity of contact tracing systems based on Google-Apple Exposure Notifications (GAEN). We design a suite of smart contracts named TEnK-U allowing an on-line market where infected individuals interested in monetizing their status will then upload to the servers of the GAEN-based systems some keys (i.e., TEKs) chosen by an adversary. As a consequence, there will be fake exposure notifications of at-risk contacts arbitrarily decided by the adversary and allowed by infected individuals looking for money. Such vulnerability can be exploited to anonymously and digitally trade valuable contact tracing data without a mediator and without risks of being cheated. This makes infected individuals prone to get bribed by adversaries willing to compromise the integrity of the contact tracing system for any malicious purpose. For instance, large-scale attacks with catastrophic consequences (e.g., jeopardizing the health system, compromising the result of elections) are easy to mount and attacks to specific targets are completely straight-forward (e.g., schools, shops, hotels, factories). We show as main contribution a smart contract with two collateral deposits that works, in general, on GAEN-based systems and concretely with Immuni and SwissCovid. In addition, we show smart contracts with one collateral deposit that work with SwissCovid. Finally, we also suggest the design of a more sophisticated smart contract that could potentially be used to attack GAEN-based system even in case those systems are repaired to make the previous attacks ineffective. This last smart contract crucially uses DECO to connect blockchains with TLS sessions. Our work shows that risks envisioned by Anderson and Vaudenay are absolutely concrete, in particular TEnK-U shows how to realize with Immuni and SwissCovid the terrorist attack to decentralized systems discussed by Vaudenay.

[1]  Financial Cryptography , 1997, Lecture Notes in Computer Science.

[2]  Jason Teutsch,et al.  Smart Contracts Make Bitcoin Mining Pools Vulnerable , 2017, Financial Cryptography Workshops.

[3]  Serge Vaudenay,et al.  Analysis of SwissCovid , 2020 .

[4]  Crypto Group at I. S. T. Austria Inverse-Sybil Attacks in Automated Contact Tracing , 2020, IACR Cryptol. ePrint Arch..

[5]  Krzysztof Pietrzak,et al.  Delayed Authentication: Preventing Replay and Relay Attacks in Private Contact Tracing , 2020, IACR Cryptol. ePrint Arch..

[6]  Joel Reardon,et al.  Proximity Tracing in an Ecosystem of Surveillance Capitalism , 2020, WPES@CCS.

[7]  I. G. BONNER CLAPPISON Editor , 1960, The Electric Power Engineering Handbook - Five Volume Set.

[8]  Dan Boneh,et al.  Zether: Towards Privacy in a Smart Contract World , 2020, IACR Cryptol. ePrint Arch..

[9]  Jonathan Katz,et al.  Incentivizing Blockchain Forks via Whale Transactions , 2017, Financial Cryptography Workshops.

[10]  Vincenzo Iovino,et al.  Towards Defeating Mass Surveillance and SARS-CoV-2: The Pronto-C2 Fully Decentralized Automatic Contact Tracing System , 2020, IACR Cryptol. ePrint Arch..

[11]  Sanjay Jain,et al.  When Cryptocurrencies Mine Their Own Business , 2016, Financial Cryptography.

[12]  Amir Herzberg,et al.  Efficient Non-Interactive Zero-Knowledge Proofs in Cross-Domains without Trusted Setup , 2019, IACR Cryptol. ePrint Arch..

[13]  Serge Vaudenay,et al.  Analysis of DP3T , 2020, IACR Cryptol. ePrint Arch..

[14]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[15]  Tommy Koens,et al.  Efficient Zero-Knowledge Range Proofs in Ethereum , 2017 .

[16]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[17]  Fan Zhang,et al.  DECO: Liberating Web Data Using Decentralized Oracles for TLS , 2020, CCS.

[18]  Bernd Freisleben,et al.  Mind the GAP: Security & Privacy Risks of Contact Tracing Apps , 2020, 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom).

[19]  Vincent Lenders,et al.  Contact Tracing: An Overview of Technologies and Cyber Risks , 2020, ArXiv.

[20]  Serge Vaudenay,et al.  Centralized or Decentralized? The Contact Tracing Dilemma , 2020, IACR Cryptol. ePrint Arch..

[21]  Fan Zhang,et al.  Town Crier: An Authenticated Data Feed for Smart Contracts , 2016, CCS.

[22]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[23]  Joel Reardon,et al.  SwissCovid: a critical analysis of risk assessment by Swiss authorities , 2020, ArXiv.

[24]  Amr M. Youssef,et al.  Verifiable Sealed-Bid Auction on the Ethereum Blockchain , 2018, IACR Cryptol. ePrint Arch..

[25]  Sarah Meiklejohn,et al.  Smart contracts for bribing miners , 2018, IACR Cryptol. ePrint Arch..

[26]  Carmela Troncoso,et al.  Decentralized Privacy-Preserving Proximity Tracing , 2020, IEEE Data Eng. Bull..

[27]  Iuon-Chang Lin,et al.  Blockchain based smart contract for bidding system , 2018, 2018 IEEE International Conference on Applied System Invention (ICASI).

[28]  OpenSSL OpenSSL : The open source toolkit for SSL/TSL , 2002 .