Several countries adopted the Google & Apple exposure notification system (GAEN) to slow the spread of the SARS-CoV-2 virus down. GAEN promised to guarantee security and privacy through a decentralized approach. In this paper, we report several relevant privacy and integrity threats in GAEN, including new attacks. GAEN's security issues are not inherent risks of contact tracing systems. Indeed, we also propose a system named Pronto-B2 which enjoys a much better resilience with respect to mass surveillance and replay attacks.
Privacy and Integrity Threats in Contact Tracing Systems and Their Mitigations / Avitabile, G.; Botta, V.; Iovino, V.; Visconti, I.. - In: IEEE INTERNET COMPUTING. - ISSN 1089-7801. - 27:(2023), pp. 13-19. [10.1109/MIC.2022.3213870]
Privacy and Integrity Threats in Contact Tracing Systems and Their Mitigations
Botta V.;Visconti I.
2023
Abstract
Several countries adopted the Google & Apple exposure notification system (GAEN) to slow the spread of the SARS-CoV-2 virus down. GAEN promised to guarantee security and privacy through a decentralized approach. In this paper, we report several relevant privacy and integrity threats in GAEN, including new attacks. GAEN's security issues are not inherent risks of contact tracing systems. Indeed, we also propose a system named Pronto-B2 which enjoys a much better resilience with respect to mass surveillance and replay attacks.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
