Closed luigigubello closed 4 years ago
The messages collected by Alice from Bob's application, through the Bluetooth interface, have a message authentication code (MAC) that is computed with Bob's key. This key is only shared with the server, and is unknown to Alice. So Alice can change the datetime, but will be unable to compute a new MAC accordingly. When Alice uploads this fake message, it will be rejected by the server.
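The server-side check described in the reply above, as an added example that is not part of the original thread or of the project's code. The message layout (8-byte EBID, 4-byte timestamp, HMAC-SHA256 tag), the key lookup by EBID and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

EBID_LEN, TS_LEN, TAG_LEN = 8, 4, 32  # assumed field sizes, not the spec's


def make_hello(key: bytes, ebid: bytes, ts: int) -> bytes:
    """Bob's app: broadcast EBID || time || MAC(key, EBID || time)."""
    body = ebid + struct.pack(">I", ts)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def alter_datetime(msg: bytes, new_ts: int) -> bytes:
    """Alice's edit: she can rewrite the time field but must keep the old tag."""
    return msg[:EBID_LEN] + struct.pack(">I", new_ts) + msg[EBID_LEN + TS_LEN:]


def server_accepts(keys_by_ebid: dict, msg: bytes) -> bool:
    """Server: recompute the MAC with the emitter's key and compare."""
    if len(msg) != EBID_LEN + TS_LEN + TAG_LEN:
        return False
    body, tag = msg[:EBID_LEN + TS_LEN], msg[EBID_LEN + TS_LEN:]
    key = keys_by_ebid.get(body[:EBID_LEN])  # assumed lookup, simplified
    if key is None:
        return False
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)  # constant-time comparison


def demo() -> dict:
    # Constructed sample values, not real identifiers or keys.
    bob_key, alice_key = b"B" * 32, b"A" * 32
    bob_ebid = bytes.fromhex("0011223344556677")
    server_keys = {bob_ebid: bob_key}  # only the server and Bob hold bob_key

    genuine = make_hello(bob_key, bob_ebid, 1_587_000_000)
    edited = alter_datetime(genuine, 1_587_090_000)
    resigned = make_hello(alice_key, bob_ebid, 1_587_090_000)
    return {
        "genuine": server_accepts(server_keys, genuine),
        "edited_datetime": server_accepts(server_keys, edited),
        "resigned_with_alice_key": server_accepts(server_keys, resigned),
    }


if __name__ == "__main__":
    print(demo())
```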
Thank you! I don't know how I failed to see the MAC explanation (page 8), sorry, my fault. Thanks for the reply, I think I can close the issue :)
Important:
I may have misunderstood the document; if so, sorry in advance.
Page 5
Alice finds out she is positive for COVID-19, so she decides to upload her LocalProximityList, but at some earlier time she edited this list (this list is on her phone, so she has the root privileges to edit it). She doesn't like Bob, and at least one of Bob's EBIDs is in her LocalProximityList; she is sure she knows his EBID because she remembers the moment when they were together and alone in the previous days (so at that moment no other EBID could be received). She adds many of Bob's EBIDs to her LocalProximityList, inventing the datetime. So she uploads a fake LocalProximityList to the server. Now Bob sends his EBIDs - without a datetime - to the server and the server calculates the "risk score". In the server's database there are many fake EBIDs of Bob's uploaded by Alice, so Bob receives the alert from the server.
I'm not sure, so my question is: is this scenario plausible? Does the server check the data it receives?
I really agree with this point.
Best regards, Luigi (I am sorry if it is a duplicate.)