Ivan Visconti

Thien Duc Nguyen, Markus Miettinen, Alexandra Dmitrienko et al.

The COVID-19 pandemic has caused many countries to deploy novel digital contact tracing (DCT) systems to boost the efficiency of manual tracing of infection chains. In this paper, we systematically analyze DCT solutions and categorize them based on their design approaches and architectures. We analyze them with regard to effectiveness, security, privacy, and ethical aspects and compare prominent solutions with regard to these requirements. In particular, we discuss the shortcomings of the Google and Apple Exposure Notification API (GAEN) that is currently widely adopted all over the world. We find that the security and privacy of GAEN have considerable deficiencies as it can be compromised by severe, large-scale attacks. We also discuss other proposed approaches for contact tracing, including our proposal TRACECORONA, that are based on Diffie-Hellman (DH) key exchange and aim at tackling shortcomings of existing solutions. Our extensive analysis shows thatTRACECORONA fulfills the above security requirements better than deployed state-of-the-art approaches. We have implementedTRACECORONA, and its beta test version has been used by more than 2000 users without any major functional problems, demonstrating that there are no technical reasons requiring to make compromises with regard to the requirements of DCTapproaches.

Vincenzo Botta, Laura Fusco, Attilio Mondelli et al.

A major problem in blockchain-based supply chain management is the potential unreliability of digital twins when considering digital representations of physical goods. Indeed, the use of blockchain technology to trace goods is obviously ineffective if there is no strong correspondence between what is physically exchanged and the digital information that appears in blockchain transactions. In this work, we propose a model for strengthening the supply chain management of physical goods by leveraging blockchain technology along with a digital-twin verification feature. Our model can be instantiated in various scenarios and we have in particular considered the popular case of food traceability. In contrast to other models known in the literature that propose their own ad-hoc properties to assess the robustness of their supply chain management systems, in this work we use the formalism of secure computation, where processes are described through generic and natural ideal functionalities.