Robust ambiguity for contact tracing
This addresses privacy concerns in contact tracing systems for public health applications, but it is incremental as it builds on prior work.
The paper tackles the privacy issue in decentralized contact tracing where users can identify infected contacts, by proposing a modified DH-based protocol that is robust against malicious users and establishes security properties.
A known drawback of `decentralised' contact tracing architectures is that users who have been in contact with an infected person are able to precisely identify the relevant contact, and thereby perhaps identify the infected person. In their proposal, the PACT team discuss a simple DH-based protocol to mitigate this problem, but dismiss it because it is vulnerable to a malicious user who may deviate from the specified behaviour. This note presents a modified protocol which achieves robustness against a fully malicious user, and establishes some simple security properties.