Crypto Design for the project

[leontiad]

Currently the crypto machinery for the project is involved the following workflow:

1. The creation of the random IDs
2. Broadcasting them using BLE between mobiles in the range of BLE
3. Polling the random IDs of infected users on the mobile phones
4. Matching receiving IDs with local IDs

The threat model of the app can be seen as follows:

1. External mobile users not in the range of mobile users using the app should not receive anything
2. Mobile users in the range of user using the app are seeing only random IDs without being able to track anyone
3. Third parties as the relay server do not learn any identifiable information.

Proposal (WIP)

Random IDs

Model H as a hash function and r a random nonce. Time is split in time slots t_1,t_2,...,t_i.

Init Phase:

The app picks a random nonce r, which never leaves the device and it is used to create random looking beacons b_i for each location

1. H(r) = S
2. K_0 =random key

   Broadcast Phase

3. K_i = H(K_i-1)
4. H(K_i-1,t_i) = b_i

[dcale]

Hi @leontiad thank you for this feedback, can you please check and review the proposal we have here and tell me what you think: https://github.com/AndreasGassmann/WeTrace/wiki

[leontiad]

Hi @dcale it is not clear why you want to use public key encryption here. The above design overviews just sends pseudorandom ids, which are untraceable . It would be better to put your wiki doc to an issue in order to open discuss it