Comments (7)
If what was published was ephids at risk (#14 might be in form of Bloom filters) - they would be able to prove that given at risk ephid was theirs, by using their sk_t private key.
I do not think this is possible now.
from documents.
i think an additional digital certificate issued by the backend for this specific EphID of at-risk user and can be verified by the health authorities can work as a proof.
from documents.
But proof of what proposition? The back-end doesn't know user's names or biometrics, so it can't be proof that the person called John Smith who is 167cm tall and has a certain fingerprint is at-risk. It sounds like just proof that a person was identified as at risk at a certain time, but that has no information value.
So then presumably the proof isn't just the existence of the certificate, but the bearing of it - the proposition is that the person who presented this certificate was at risk of having coronavirus, which seems easy to subvert by passing the cert to someone else for them to present as if it was theirs. The certificate would effectively be a bearer instrument.
from documents.
By the way I didn't raise this issue just to suggest there should be a way to make this proof - I expect there are trade off for and against, but I would leave it mostly to people who's job it is to think about such things to work out exactly what they are. If someone is able to prove something, then potentially they can be compelled to prove it, reducing their privacy. That's part of why electoral systems try to ensure people can't prove that they voted one way or the other.
from documents.
Part of a proof might be to at regular intervalls the client makes a hash of all collected ephids, and sends the hash to be timestamped and signed by a trusted server. Then if a SK is published after the signing, the user can prove that the collected records have not been tampered with.
Edit : A hash tree can be a better solution, since only a small portion of the recored ephids needs to be revealed in order to prove that it was recorded.
from documents.
@bdsl there are more than one way to use digital certificates as a registered instrument, the backend server doesn't need to know the biometrics of the person. within in the system boundaries, the person is Identified by EphID (to others) and by SK (to backend), using the decentralized nature of the system the healthcare authorities can validate everything the rest. the user's role in this is only to give consent to transfer "necessary" information from one entity to the other without being able to control or manipulate the content.
Using something like electronic seals that contains a document part to confirm the identity of the person (from backend perspective) and a valid seal to confirm his health-status can be enough to avoid most of the edge cases.
This can be elaborated with the following example:
- healthcare authority identify and test user, outside the system boundaries.
- In case of found infected, user reports infected to the application, backend server responds with encrypted/hashed form of user SK.
- user is directed to communicate to healthcare authorities, which issues an electronic seal to confirm positive test, the seal is generated by and attached to the encrypted SK.
- user sends the digital document received from healthcare authorities to backend server which does two things:
- validates the authenticity and integrity of the seal which means that it was issued by the correct legal entity and was not changed (there are many ways to achieve that beyond the scope of this conversation).
- decrypts the document part and verify that the SK is the same as sender's SK which means that it was not copied or published by a different person.
even if another person gives the healthcare authorities a fake or copied key and they issue him an infection digital seal, the backend will invalidate it because it will not match his own SK. Also healthcare authorities will not be able to match the physical identity of the user to his SK since they receive it in an encrypted form.
from documents.
Thank you all for your inputs !
As pointed out, only the health authorities can provide a "meaningful" proof (as in "John Smith is sick"), the backend knows no identities. Therefore, signatures/commitments will not solve the problem here, as two hackers (one infected and one not) can easily swap any credentials. This could be mitigated if we used TEEs on the phones.
Since solutions need to involve user identification and health authorities, this issue seems best solved outside the system (by keeping the diagnostic sheet the health authorities will give you).
Would this answer the question ?
Thanks
from documents.
Related Issues (20)
- Was DP-3T Exposure Calculation.pdf Android only? HOT 1
- Stability of distance estimation in case of using a bluetooth Extender HOT 2
- [Public Engagement] Visual Explainer / Scrollytelling on Privacy Preserving Proximity Tracing
- Mistake in communicating how information is passed around, in CH implementations of the apps HOT 3
- Reproducibility of Figure 1 in "DP3T - Exposure Score Calculation.pdf" HOT 3
- Risk calculation when exposed to multiple infectors both for < 15 min. HOT 7
- Naive secret sharing would allow for "jamming" on a non-physical level
- Why did the SwissCovid team not disclose the existence of the LASEC report? HOT 15
- Add support for multiple epidemics HOT 1
- [DOCUMENTATION] FAQ on Apple/Google framework issues HOT 1
- App feature request: Show stored app data as visualization of contact events HOT 3
- Schedule for F-Droid (and/or direct download) release of the Android app HOT 3
- [DOCUMENTATION] Cartoon, Dutch version, one pager: wrong text in picture 6. HOT 1
- Smartwatch App - Market Analysis (WearOS, WatchOS, Fitbit OS and Garmin Watch OS) and way forward HOT 1
- Who controls the 0xFD68 Bluetooth UUID?
- Potential privacy issue of new Exposure Notifications Express? HOT 3
- Wrong text on panel 6 of the NL onepage graphic HOT 1
- Update French onepage translation HOT 2
- Would like to understand the time window for notification
- Question: Where can I find the BLE MAC randomization code in DP^3T?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from documents.