Several countries adopted the Google & Apple exposure notification system (GAEN) to slow the spread of the SARS-CoV-2 virus down. GAEN promised to guarantee security and privacy through a decentralized approach. In this paper, we report several relevant privacy and integrity threats in GAEN, including new attacks. GAEN's security issues are not inherent risks of contact tracing systems. Indeed, we also propose a system named Pronto-B2 which enjoys a much better resilience with respect to mass surveillance and replay attacks.
Privacy and Integrity Threats in Contact Tracing Systems and Their Mitigations
Iovino V.;Visconti I.
2023-01-01
Abstract
Several countries adopted the Google & Apple exposure notification system (GAEN) to slow the spread of the SARS-CoV-2 virus down. GAEN promised to guarantee security and privacy through a decentralized approach. In this paper, we report several relevant privacy and integrity threats in GAEN, including new attacks. GAEN's security issues are not inherent risks of contact tracing systems. Indeed, we also propose a system named Pronto-B2 which enjoys a much better resilience with respect to mass surveillance and replay attacks.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
