From a look at the Cryptography paper, this looks basically the same as #DP3T design one, though with the anonimity benefit of rotating Mac addresses and ephemeral IDs at the same time. It's a good set of trade-offs.https://www.apple.com/newsroom/2020/04/apple-and-google-partner-on-covid-19-contact-tracing-technology/ …
-
-
It has to be relayed within the 10 minute window but obviously it's possible to leave a phone in the ER of some hospital and have it constantly upload all the high-risk Bluetooth IDs and immediately relay them to all the attack targets elsewhere.
-
Yep, it's also a hard attack to mitigate. Even you add some kind of active authentication, a bi-directional replay would defeat that too. Just like those amplifier attacks on wireless car fobs.
- 1 more reply
New conversation -
-
-
Failure to secure the user's identity before letting them issue EphIDs opens the system up to even stronger attackshttps://twitter.com/ristad/status/1248438067276496896 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.