I feel like the crypto in the COVID tracing apps is so simple that it doesn’t need much explanation. But I also see plenty of people nervous about the privacy these things provide. Is it worth explaining?
If I crack the downloaded dataset (which at least has to be in memory on the phone), can't I narrow down the time to a 10-minute window anyway?
Yes, you can do that with the current scheme because pseudo IDs X are derived from time T and key K. Knowing K and X, you can brute-force T. I hope that this time-based derivation will go away.
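The privacy property described in the reply above, as an added example that is not part of the thread or of any tracing app's code: when X depends only on K and a coarse time value T, one published key lets any holder of an observed X recover its 10-minute window. The derivation used here (X = first 16 bytes of HMAC-SHA256(K, T), with T the interval index within the day), the function names and the sample key are assumptions for illustration; the thread does not give the real derivation.

```python
import hashlib
import hmac

INTERVAL_SECONDS = 600                          # 10-minute window, as in the thread
INTERVALS_PER_DAY = 86400 // INTERVAL_SECONDS   # only 144 candidate values of T


def pseudo_id(key: bytes, interval: int) -> bytes:
    """Assumed derivation: X = first 16 bytes of HMAC-SHA256(K, T)."""
    msg = interval.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]


def recover_intervals(key: bytes, observed: list) -> dict:
    """Map each observed X to its interval T, or None if K did not produce it.

    The whole search is 144 HMAC computations per published key, so the
    time of an encounter is not hidden once K is known.
    """
    table = {pseudo_id(key, t): t for t in range(INTERVALS_PER_DAY)}
    return {x: table.get(x) for x in observed}


def window(interval: int) -> str:
    """Render interval index T as an HH:MM-HH:MM range within the day."""
    start = interval * INTERVAL_SECONDS
    end = start + INTERVAL_SECONDS
    return (f"{start // 3600:02d}:{start % 3600 // 60:02d}-"
            f"{end // 3600:02d}:{end % 3600 // 60:02d}")


if __name__ == "__main__":
    # Constructed sample data: a published key and three overheard IDs,
    # one of which belongs to a different (unpublished) key.
    published_key = bytes(range(16))
    other_key = bytes(range(16, 32))
    heard = [pseudo_id(published_key, 57),
             pseudo_id(published_key, 100),
             pseudo_id(other_key, 57)]
    for x, t in recover_intervals(published_key, heard).items():
        label = window(t) if t is not None else "no match for this key"
        print(x.hex(), label)
```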
If you're going to that volume of data, doing 63-bit ECDH between Bluetooth senders is doable. Distribute a cuckoo filter to find the matches. That removes correlation and passive attacks. Though it does take bi-directional Bluetooth ID receipt instead of unidirectional.