ROBERT-proximity-tracing / documents

Protocol specification, white paper, high level documents, etc.

Possible issue in upload of proximity list #71

Open rkunnema opened 3 years ago

rkunnema commented 3 years ago

Hi!

An analysis of the ROBERT spec pointed to a possible privacy issue concerning the upload of the local proximity list.

According to spec, the phone stores only the last 14 days, but it never validates that the length of the contagious period (starting date and end date given by the HA) is no more than 14. From the manual, I know that you type in a TAN to upload your keys. From the source, I've seen that the upload validates the 14-day window, but does not take into account the contagious period supposedly set by the health authority (HA). If the HA could set a larger window (or does by accident), then a network attacker could potentially run the key reveal on different days (by blocking communication with the server after TAN entry) and obtain keys for a longer period than 14 days.

This is likely handled by the implementation, but I could not verify this with the source code.
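A phone-side check of the kind the issue asks about, as an added example that is not ROBERT project code: it assumes the phone retains today plus the 13 previous days, rejects any HA-supplied contagious period that is malformed, longer than 14 days or older than the retained window, and filters constructed sample proximity entries to the accepted window.

```python
from datetime import date, timedelta

RETENTION_DAYS = 14  # assumption: the phone keeps today plus the 13 previous days


class InvalidContagiousPeriod(ValueError):
    """Raised when the HA-supplied contagious period is rejected on the phone."""


def validate_contagious_period(start, end, today, retention_days=RETENTION_DAYS):
    """Return (start, end) if the HA window is acceptable for upload, else raise.

    The checks run on the phone, independent of the server-side 14-day check:
      * the period is well-formed and does not end in the future,
      * it spans at most `retention_days` days (inclusive),
      * it does not reach further back than the locally retained window,
        so repeated uploads cannot cover more than the retained 14 days.
    """
    if start > end:
        raise InvalidContagiousPeriod("start date is after end date")
    if end > today:
        raise InvalidContagiousPeriod("period ends in the future")
    span_days = (end - start).days + 1
    if span_days > retention_days:
        raise InvalidContagiousPeriod(
            f"period spans {span_days} days, maximum is {retention_days}")
    oldest_retained = today - timedelta(days=retention_days - 1)
    if start < oldest_retained:
        raise InvalidContagiousPeriod("period starts before the retained window")
    return start, end


def select_entries_for_upload(entries, start, end, today):
    """Filter locally stored (day, ebid) proximity entries to the validated window."""
    start, end = validate_contagious_period(start, end, today)
    return [entry for entry in entries if start <= entry[0] <= end]


if __name__ == "__main__":
    today = date(2020, 6, 15)
    # Constructed sample data: one entry per retained day, newest first.
    stored = [(today - timedelta(days=d), f"ebid-{d:02d}") for d in range(RETENTION_DAYS)]
    print(len(select_entries_for_upload(stored, today - timedelta(days=6), today, today)))
    try:
        validate_contagious_period(today - timedelta(days=20), today, today)
    except InvalidContagiousPeriod as err:
        print("rejected:", err)
```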