bluetooth based contact tracing
play

Bluetooth Based Contact Tracing Scheme for Hamagen Benny Pinkas - PowerPoint PPT Presentation

Aug 11, 2023 •17 likes •447 views

Hashomer: A Proposal for a Privacy-Preserving Bluetooth Based Contact Tracing Scheme for Hamagen Benny Pinkas Eyal Ronen Some disclaimers We are not that kind of doctors (medical / epidemiology) We do not represent the Israeli Ministry

  1. Hashomer: A Proposal for a Privacy-Preserving Bluetooth Based Contact Tracing Scheme for Hamagen Benny Pinkas Eyal Ronen

  2. Some disclaimers • We are not that kind of doctors (medical / epidemiology) • We do not represent the Israeli Ministry of Health • We would not talk about the crypto details (see white paper) • We will talk about our views on what is contact tracing • Centralized vs. De-centralized • The DP3T / GAPPLE solutions vs. our own • What we think is the right solution for Israel

  3. One of the main problems of COVID19 • Sdfg Image taken from DP3T

  4. People meet each other

  5. Alice is identified as COVID-19 positive

  6. Need to inform whoever met Alice

  7. Manual Contact Tracing • Manual epidemiologic interrogation • Where have you been in the last two weeks? • Hard to remember exact location and times • Exposure defined as under 2 meter for over 15 minutes • Who you have met? • Some contacts are unknown • Notify all of you contacts • How to notify unknown contacts? Initial solution: publish list of locations • A labor intensive and inefficient process • Very coarse grain and inaccurate information • Hard to scale to a large number of new positives

  8. How can contacts be automatically traced? • Cellular information • Pros: global, does not depend on user cooperation • Cons: accuracy wise - inaccurate privacy wise - tracks location rather than contacts government may learn locations of all people. • Same arguments apply to similar types of surveillance: credit card purchases, security cams, etc. • Homomorphic encryption and MPC • Might be used for processing data while limiting the risk, but will not mitigate it completely. Do not scale up well.

  9. How can contacts be automatically traced? • Location data gathered on the device itself: GPS, wifi signals, etc. • Pros: More accurate • Cons: Still inaccurate (especially indoors) Tracks location rather than contacts Requires cooperation by users (install an app; must convince users that this is for their own good) Privacy wise: depends on the specific solution

  10. Contact tracing in Israel • Manual epidemiologic interrogation • Fine grained - individual contacts or specific locations • Coarse grained – closing whole schools or workplaces • Shabak - based on cellular networks (and other information?) • List of customers at restaurants • Wide and disturbing impacts on privacy • Still not very accurate

  11. Contact tracing in Israel • Hamagen privacy preserving GPS based solution • Devices keep a log of their whereabouts • Devices retrieve a list of infected persons' locations generated from manual interrogation • Locally compare it to the user's GPS history • Alert for possible exposure with time and location • Preserve privacy for healthy users nothing leaves the device • Almost no privacy for infected persons MoH redacts sensitive locations • GPS has low accuracy, especially inside buildings. Large number of false positives.

  12. Bluetooth Low Energy (BLE) tracking • Can identify other devices in close range BLE • Privacy issues • Can ’ t just publish MAC address • Technical issues • Distance and duration estimations depend on multiple factors (model, obstructions...) • BLE must be sent/received in the background • Power consumption ? • Effective only if both devices support the protocol • For full utility, 60% of users must install. Still good if fewer people install.

  14. In an Ideal World Trusted Party etc. …

  15. In an Ideal World Knows all contacts (not necessarily locations)

  16. In an Ideal World Knows all contacts

  17. Centralized Output The government

  18. Centralized Output The government stay at home! Government does not learn about the contacts of non-infected people (in this ideal implementation)

  19. De Decentralized Output Data which enables to identify contacts

  20. De Decentralized Output Data which enables to identify contacts Oops Oops Oops Government learns nothing, unless those who contacted the sick person want to report about this

  21. De Decentralized Output Data which enables to identify contacts Oops Oops Oops Government learns nothing, unless those who contacted the sick person want to report about this

  22. Centralized vs. Decentralized • Who controls the data? (government vs. users) • Who gets the output? (government vs. users) • Centralized (Singapore, Australia, UK?): we must trust that the government does not misuse its power • Even more so in real world implementations of this model • Decentralized (Europe / GAPPLE): we must trust that users will do the right thing

  23. Real World Implementation of the Centralized model In the real world, the implementation of the centralized model might reveal to the government who was in contact with whom

  24. Our Approach • Users must trust that the system preservers their rights • Otherwise they will “cheat” • Government might fight that, but we don’t want to get there

  25. Basic centralized design • Government chooses the values sent over BLE • (simplification) Each device encrypts its identity (plus the time) under the government's public key, and broadcasts it over BLE

  26. Basic centralized design • Government chooses the values sent over BLE • (simplification) Each device encrypts its identity (plus the time) under the government's public key, and broadcasts it over BLE • Users who receive such messages keep them (but cannot decrypt)

  27. Basic centralized design • When a user is sick, it sends to the government all encrypted ids that it received

  28. Basic centralized design • When a user is sick, it sends to the government all encrypted ids that it received • The government decrypts these ids and tells the corresponding people to quarantine stay at home!

  29. Basic centralized design • When a user is sick, it sends to the government all encrypted ids that it received • The government decrypts these ids and tells the corresponding people to quarantine stay at home! • Can be misused • Stored ids can be subpoenaed or compromised • Passive receivers can be used to accurately track users • Many more...

  30. Basic decentralized design • Every 5 minutes each device picks a random value and broadcasts it over BLE

  31. Basic decentralized design • Every 5 minutes each device picks a random value and broadcasts it over BLE rand1, rand2, ... • If user is COVID positive, he can choose to give the government the list of values that he broadcasted

  32. Basic decentralized design • The government broadcasts the random values received from all new COVID+ people rand values of all new sick users

  33. Basic decentralized design • The government broadcasts the random values received from all new COVID+ people rand values of all • All users compare this list to the values that they new sick users received • If there is a match then they can choose to report match ? this

  34. Google/Apple • Similar to the DP-3T decentralized design • Similar to basic design • Generate random key for each day • Ephemeral IDs for the day are all derived from the daily key • Infected person's daily "Temporary Exposure Keys" are broadcasted to all users • Reduces the communication complexity • 1000 positives × 14 days × 24 hours × 4 ids per hour × 16 Bytes ~ 21 MB • 1000 positives × 14 days × 16 Bytes ~ 0.2MB

  35. Tradeoff Between Privacy and Explainability • Do we protect the privacy of infected persons? • Depends on the information given to users, but basically NO • GAPPLE / DP3T only reveal the day of the contact • No explainability • No way to filter false positives • Doesn't seem to be a problem for DP3T in Switzerland • Only protects privacy against receivers which follow the protocol • In Israel locations and times are published • We suggest revealing location and coarse time of contact

  36. Linkability and Partial Disclosure • GAPPLE / DP3T send a single key per day, which allows linking all IDs that an infected person sent on the same day • It is also impossible to redact "sensitive" time periods • We suggest using hourly keys • Using a "Tree" like key derivation scheme to allow flexible tradeoff between privacy and communication complexity • And allowing the user or MoH to redact different periods of time • Better privacy

  37. Relay Attacks • Attack Scenario • BT receiver is placed in an emergency room • BT transmitter is placed in a busy supermarket rand

  38. Protecting against Relay Attacks • GAPLLE / DP3T is insecure wrt these attacks • We suggest sending the user's coarse grain geohash • Receiver anyway knows this location • Use authenticated encryption, key revealed only for infected persons • Server does not learn the location • Tradeoff between security and privacy • Location information stored on device might be compromised or subpoenaed • More advance attacks still possible • e.g., colluding with an infected person

  39. Proving exposure to COVID+ • In DP3T/GAPPLE, users can So you can ’ t just claim that they were Did anyone see any of take the exam exposed to a patient these values sent by new tomorrow … sick users? • Our design enables users to prove that they were exposed I did!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On Bluetooth-Based Contact-Tracing Smartphone Applications Principles and Controversies Lo

On Bluetooth-Based Contact-Tracing Smartphone Applications Principles and Controversies Lo

@lpp_crypto On Bluetooth-Based Contact-Tracing Smartphone Applications Principles and Controversies Lo Perrin 2nd of June, 2020 GdT Maths4covid19 Theory Practice ... but then why is everyone at each others throat? How is a

1.56k views • 91 slides
Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a

Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a

Florida Department of Health in Lee County Contact Tracing Goals of Contact Tracing Rapidly identify all persons with close contact to a confirmed or probable COVID-19 positive case. Ensure all close contacts identified are notified and

644 views • 11 slides
COVID-19 Contact Tracing in Schools Louisiana Department of Health Office of Public Health

COVID-19 Contact Tracing in Schools Louisiana Department of Health Office of Public Health

COVID-19 Contact Tracing in Schools Louisiana Department of Health Office of Public Health Importance of Contact Tracing It is critical to conduct im Timely and thorough contact immediate contact tracing and identify all tracing can

1.29k views • 20 slides
Contact Tracing Commonwealth of Kentucky Department for Public Health Engagement Event

Contact Tracing Commonwealth of Kentucky Department for Public Health Engagement Event

Contact Tracing Commonwealth of Kentucky Department for Public Health Engagement Event Presentation Contact Tracing Overview Kentucky is implementing Contact Tracing to help stop the spread of diseases like COVID-19 and help Kentuckians stay

269 views • 7 slides
Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth Today Bluetooth Special Interests Group Compatible with a multitude of devices Widespread IEEE Standard Secure

230 views • 7 slides
COVID-19 Use Case Contact Tracing simplycast.com | info@simplycast.com | 866-323-6572 ext. 1

COVID-19 Use Case Contact Tracing simplycast.com | info@simplycast.com | 866-323-6572 ext. 1

COVID-19 Use Case Contact Tracing simplycast.com | info@simplycast.com | 866-323-6572 ext. 1 Introduction This use case is designed to aid health officials with the contact tracing process when someone tests positive for COVID-19. Through

376 views • 12 slides
Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by Nokia as Wibree (2001) Bluetooth Smart Why has BLE been so Successful? Rapid adoption by vendors Apple Samsung Simple design Cheap in

422 views • 20 slides
Ray tracing Computer Graphics 2006 Based on slides by: Santa Clara University Ray Tracing

Ray tracing Computer Graphics 2006 Based on slides by: Santa Clara University Ray Tracing

Ray tracing Computer Graphics 2006 Based on slides by: Santa Clara University Ray Tracing What is it? Why use it? Basics Advanced topics References Ray-Tracing: Why Use It? Simulate rays of light Produces natural

705 views • 59 slides
Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

ITE Mid-Colonial District Annual Meeting April 29, 2010 Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda Bluetooth and How It Works The BlueTOAD TM Device Evaluation Project

270 views • 22 slides
Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an

Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an

Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an elegant technique that tackles many problems at once Stochastic ray tracing: distribute rays stochastically across pixel Distributed ray tracing:

327 views • 8 slides
10,000 TESTS/DAY GOAL MET 300,444 TESTS COMPLETED TO DATE INCREASED CONTACT TRACING NEARLY

10,000 TESTS/DAY GOAL MET 300,444 TESTS COMPLETED TO DATE INCREASED CONTACT TRACING NEARLY

10,000 TESTS/DAY GOAL MET 300,444 TESTS COMPLETED TO DATE INCREASED CONTACT TRACING NEARLY 500% TO FIND AND FIGHT THE VIRUS STATEWIDE POSITIVITY RATE 26.9% 4/17 12.8% 5/26 DEATHS PER DAY HOSPITALIZATIONS AND ICU EFFECTIVE FRIDAY, MAY 29

433 views • 15 slides
MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and

MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and

MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and Barb Cutler Some slides courtesy of Leonard McMillan 1 2 Ray Tracing Ray Tracing Ray Tracing kills two birds with one stone: Solves the

327 views • 11 slides
Norways COVID-19 app Eivind Arvesen, Sep. 3rd 2020 How to Get People to Use Contact Tracing

Norways COVID-19 app Eivind Arvesen, Sep. 3rd 2020 How to Get People to Use Contact Tracing

Norways COVID-19 app Eivind Arvesen, Sep. 3rd 2020 How to Get People to Use Contact Tracing Apps Amsterdam Smart City Who am I? Eivind Arvesen Consultant @ Bouvet (Oslo, Norway) Privacy and security Senior software developer

318 views • 17 slides
The Rise (and Fall?) of (De)Centralized Automatic Contact Tracing Gennaro Avitabile, Vincenzo

The Rise (and Fall?) of (De)Centralized Automatic Contact Tracing Gennaro Avitabile, Vincenzo

The Rise (and Fall?) of (De)Centralized Automatic Contact Tracing Gennaro Avitabile, Vincenzo Botta, Vincenzo Iovino, Ivan Visconti (DIEM - University of Salerno) How to Notify Risks of Infection? Matthew Green on March 19: (more or less)

226 views • 22 slides
BASIC PRICIPLE ASIC PRICIPLES 1. Seamless collaboration between Law Enforcement, Investigators

BASIC PRICIPLE ASIC PRICIPLES 1. Seamless collaboration between Law Enforcement, Investigators

BASIC PRICIPLE ASIC PRICIPLES 1. Seamless collaboration between Law Enforcement, Investigators and Health Authorities 2. Mass testing is critical to contact tracing 3. Transparency enhances contact tracing 4. Cognitive Interviewing skill is

505 views • 13 slides
Localized Contact Tracing for COVID-19 May 18, 2020 Anthony C. Leachon, MD, FPCP, FACP Special

Localized Contact Tracing for COVID-19 May 18, 2020 Anthony C. Leachon, MD, FPCP, FACP Special

Harnessing the Localized Contact Tracing for COVID-19 May 18, 2020 Anthony C. Leachon, MD, FPCP, FACP Special Adviser to the National Task Force for COVID-19 Past President, Philippine College of Physicians Outline 1. Global data and local

461 views • 24 slides
Abstract Meta-learning, or learning to learn, has gained renewed interest in recent years within

Abstract Meta-learning, or learning to learn, has gained renewed interest in recent years within

Abstract Meta-learning, or learning to learn, has gained renewed interest in recent years within the artificial intelligence community. However, meta-learning is incredibly prevalent within nature, has deep roots in cognitive science and

864 views • 74 slides
Excess power trigger generator Patrick Brady and Saikat Ray-Majumder University of

Excess power trigger generator Patrick Brady and Saikat Ray-Majumder University of

Excess power trigger generator Patrick Brady and Saikat Ray-Majumder University of Wisconsin-Milwaukee LIGO Scientific Collaboration G030XXX-00-Z Excess power method: the basic idea The basic idea: Pick a start time, a duration

654 views • 12 slides
Detecting Axion Dark Matter with Superconducting Qubits Akash Dixit, Ankur Agrawal, Srivatsan

Detecting Axion Dark Matter with Superconducting Qubits Akash Dixit, Ankur Agrawal, Srivatsan

Detecting Axion Dark Matter with Superconducting Qubits Akash Dixit, Ankur Agrawal, Srivatsan Chakram, Ravi Naik, Jonah Kudler-Flam, Aaron Chou, David Schuster University of Chicago avdixit@uchicago.edu 1 Outline of Talk Moving from phase

936 views • 26 slides
Disassemblers Instruction Set Reverse Engineering Agenda Motivation Introduction to the

Disassemblers Instruction Set Reverse Engineering Agenda Motivation Introduction to the

Building Custom Disassemblers Instruction Set Reverse Engineering Agenda Motivation Introduction to the playing field How to obtain byte code Recognizing basic properties of the byte code Implementing an IDA Pro processor

663 views • 52 slides
CPSC 533 Philosophical Foundations of Artificial Intelligence Presented by: Arthur Fischer

CPSC 533 Philosophical Foundations of Artificial Intelligence Presented by: Arthur Fischer

CPSC 533 Philosophical Foundations of Artificial Intelligence Presented by: Arthur Fischer Philosophical Questions in AI How can mind arise from nonmind? (This is the mind-body problem. ) How can there be free will in the mind, if the

393 views • 27 slides
Overcoming high nanopore basecaller error rates for DNA storage via basecaller-decoder

Overcoming high nanopore basecaller error rates for DNA storage via basecaller-decoder

Overcoming high nanopore basecaller error rates for DNA storage via basecaller-decoder integration and convolutional codes Shubham Chandak Stanford University ICASSP 2020 Team and funding Reyna Peter Shubham Kedar Joachim Jay Billy

339 views • 32 slides
Applications 28 th 31 th May 2017 Ringberg Castle Status DHPT 1.2b Leonard Germic, B.

Applications 28 th 31 th May 2017 Ringberg Castle Status DHPT 1.2b Leonard Germic, B.

21 st International Workshop on DEPFET Detectors and Applications 28 th 31 th May 2017 Ringberg Castle Status DHPT 1.2b Leonard Germic, B. Paschen, F. Ltticke, T. Hemperek, C. Marinas, H. Krger and Norbert Wermes 21 st International

529 views • 29 slides
PVMD Delft University of Technology Chalcogenide solar cells 2 I II III IV V VI He 5 6

PVMD Delft University of Technology Chalcogenide solar cells 2 I II III IV V VI He 5 6

CIGS technology - Material Ren van Swaaij PVMD Delft University of Technology Chalcogenide solar cells 2 I II III IV V VI He 5 6 7 8 9 10 B C N O F Ne 13 14 15 16 17 18 Al Si P S Cl Ar 29

563 views • 34 slides

More recommend