Abstract

Contact tracing in case of pandemic is becoming an essential mitigation tool for national health services to break infection chains and prevent the virus from spreading further. To support manual tracing, several countries have been developing contact tracing apps that detect nearby mobile phones using Bluetooth. Such data collection raised privacy concerns and several privacy-preserving protocols have been proposed to prevent the leakage of personal and sensitive information. These solutions are mainly divided into two categories using a centralized or a decentralized exposure score computation. However, both approaches depict limitations. This article presents Desire , a novel exposure notification system that leverages the best of centralized and decentralized systems. As opposed to existing contact tracing schemes, Desire leverages Private Encounter Tokens ( Pets ) generated locally on the device that uniquely identify an encounter between two nodes while being private and unlinkable by the server. The role of the server is merely to match PETs generated by diagnosed users with the pets provided by requesting users. Our privacy risk analysis shows that Desire drastically improves privacy against malicious users (i.e., limitation of decentralized systems) and authority (i.e., limitation of centralised systems). We implemented Desire , evaluated it in real condition, and show it feasibility.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.