Encryption system for a secure contact tracing app

In the fight against Covid-19, an interdisciplinary research team at the Technical University of Munich (TUM) has developed a model for a contact tracing app that protects personal data. The concept is based on an encryption process that prevents the temporary contact numbers (TCNs) of infected individuals from ending up on the phones of their contacts. A prototype is now undergoing testing in cooperation with the ITO Open Source Consortium. The app has also successfully completed the Bluetooth Special Interest Group qualification process.

Researchers around the world are working hard on measures to bring the SARS-CoV-2 coronavirus under control. One approach seen as promising is the idea of slowing the spread of the virus by means of secure digital contact tracing based on a globally compatible app.

Among the research groups working on contact tracing apps is ContacTUM, an interdisciplinary team from the fields of physics, informatics, law, mathematics and medicine anchored by the physicist Prof. Elisa Resconi.

Warning the contact persons

The basic principle of contact tracing is to notify contacts of infected individuals with the help of an app. Mobile phones on which the app is installed exchange constantly changing, randomly generated TCNs (temporary contact numbers) using Bluetooth technology.

These TCNs are collected locally on the devices and stored there for a limited period of around two weeks. In case of a medically confirmed diagnosis of a Covid-19 infection, the individual’s contacts are anonymously notified using the contact tracing app.

Centralized or decentralized

The notification mechanism takes either a centralized or a decentralized approach. In the centralized approach, the app uploads to a central server the TCNs of every contact person received by the infected individual’s device. The server then uses these TCNs to dispatch messages via the app, notifying the corresponding contact persons of a potential infection.

The risk of the centralized approach: All of the data are stored at a single location. As a result, there is a high risk of abuse because it becomes possible to de-anonymize and disclose personal contacts as soon as the data on the server can be accessed.

In a decentralized approach, the infected individuals release only the TCNs transmitted by their own device to a server. These TCNs are downloaded from the server by all devices where the app is installed. The check to determine whether any of these “infected” TCNs were previously received now takes place locally on the individual devices. Consequently, the only party with knowledge of possible contact with an infected individual is the contact person himself – and not the central server.

More protection for infected individuals through encryption processes

ContacTUM has been working to build on this decentralized approach and make it more secure. The cross-checking of TCNs of infected individuals against those collected on mobile phones takes place without having to load the infected individuals’ TCNs onto the phones. This is possible with an encryption process known as private set intersection cardinality, which does not require information to be exchanged in plain text.

Under the ContacTUM concept, contact persons can thus be warned without their mobile phones being able to recognize the “infected” TCNs among the TCNs stored there.
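As an added illustration (not code from ContacTUM or ITO), the following sketches one standard way to realize private set intersection cardinality: a Diffie-Hellman-style blinding exchange between a phone and the server, in which the phone submits blinded copies of its received TCNs, the server double-blinds them and returns its own blinded infected list, and the phone learns only how many of its TCNs match. The modulus, the hash-to-group mapping and the sample TCNs are assumptions for the demo, not the project's parameters.

```python
import hashlib
import secrets

# Toy group (assumption, demo only): P = 2**521 - 1 is prime, but the order of
# its multiplicative group is smooth; a deployment would use a standard
# Diffie-Hellman group or an elliptic curve instead of this modulus.
P = (1 << 521) - 1
Q = (P - 1) // 2  # order of the quadratic-residue subgroup we hash into
_rng = secrets.SystemRandom()

def hash_to_group(tcn: bytes) -> int:
    """Map a TCN to a quadratic residue mod P (squaring lands in the order-Q subgroup)."""
    h = int.from_bytes(hashlib.sha512(tcn).digest(), "big") % (P - 1) + 1
    return pow(h, 2, P)

class Phone:
    """Holds the TCNs received over Bluetooth; learns only a match count."""
    def __init__(self, received_tcns):
        self.a, self.received = _rng.randrange(2, Q), list(received_tcns)

    def blind_request(self):
        # Step 1: send H(r)^a for each received TCN, shuffled so order leaks nothing.
        blinded = [pow(hash_to_group(t), self.a, P) for t in self.received]
        _rng.shuffle(blinded)
        return blinded

    def count_matches(self, double_blinded_own, blinded_infected) -> int:
        # Step 3: raise each H(i)^b to a and count hits among the H(r)^(ab) values.
        own = set(double_blinded_own)
        return sum(1 for y in blinded_infected if pow(y, self.a, P) in own)

class Server:
    """Holds the infected TCNs; never sees a phone's TCNs in the clear."""
    def __init__(self, infected_tcns):
        self.b, self.infected = _rng.randrange(2, Q), list(infected_tcns)

    def respond(self, blinded_request):
        # Step 2: double-blind the phone's values and blind the infected set; shuffle
        # both so the phone cannot tell which of its own TCNs produced a match.
        double_blinded = [pow(x, self.b, P) for x in blinded_request]
        blinded_infected = [pow(hash_to_group(t), self.b, P) for t in self.infected]
        _rng.shuffle(double_blinded)
        _rng.shuffle(blinded_infected)
        return double_blinded, blinded_infected

def run_psi_ca(received_tcns, infected_tcns) -> int:
    """Full exchange: the phone learns |received ∩ infected| and nothing else."""
    phone, server = Phone(received_tcns), Server(infected_tcns)
    double_blinded, blinded_infected = server.respond(phone.blind_request())
    return phone.count_matches(double_blinded, blinded_infected)
```

The phone only ever holds H(i)^b for each infected TCN, so it cannot recognize an infected TCN among its stored ones, which is the property the text describes.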

“As a result, the risk scenario in which an attacker could combine the received TCNs with other information such as the date, time and location where the TCN was transmitted – which would endanger the anonymity of an infected person – is minimized to a large extent,” says physicist Kilian Holzapfel.

Privacy protection by design

“It’s important to us to ensure that data protection standards are met by design, in other words in the programming,” says Prof. Elisa Resconi. That is why Prof. Dirk Heckmann of the TUM School of Governance and Prof. Christian Djeffal of the Munich Center for Technology in Society have been involved in the project from the beginning, contributing their expertise in data protection and IT security.

TUM and ITO jointly develop app prototype

To develop an app prototype based on this principle, ContacTUM is working closely with ITO, an open source consortium of around 30 international developers who are open and transparent in all of their activities.

A prototype of the app is being tested with the Android operating system. The code is publicly available. “But it will still probably be a few weeks before an absolutely secure and technically flawless app is ready for use,” says Kilian Holzapfel.

Worldwide compatibility through cooperation with Bluetooth SIG

To ensure that future contact tracing apps worldwide are based on the same decentralized approach to guarantee international compatibility, ContacTUM has submitted a successful qualification request for its decentralized standard to Bluetooth SIG with the express support of leading international IT firms.

In addition, ContacTUM is a member of the TCN Coalition, which was co-founded by ITO. Alongside DP-3T, TCN is one of the major collaborative groups working on a decentralized contact tracing app.

Simulations to assess effectiveness of the app

Parallel to the app design work, a team within ContacTUM, led by the physicist Prof. Stefan Schönert and the mathematician Prof. Johannes Müller, has created simulations to identify the conditions under which the app can make a real difference in slowing the spread of Covid-19. Based on initial computations, the scientists believe that, for this to be achieved, at least 60 percent of the population would have to install and use the contact tracing app. Their results also showed that the contacts of an infected person’s contacts would have to be notified without delay as well to break the infection chain.

Publications:

ContacTUM Consortium, ITO Consortium: Digital Contact Tracing Service: an improved decentralised design for privacy and effectiveness. April 17, 2020 (Working Paper)

ContacTUM Consortium: K. Holzapfel, M. Karl, L. Lotz, G. Carle, C. Djeffal, C. Haack, D. Heckmann, M. Köppl, P. Krause, L. Marx, S. Meighen-Berger, J. Pollmann, T. Pollmann, E. Resconi, S. Schönert, A. Turcati, C. Wiesinger

ITO Consortium: C. Allan, K. Bitterschulte, J. Buchwald, C. Fischer, J. Gampe, M. Häcker, J. Islami, A. Pomplun, S. Preisner, N. Quast, C. Romberg, C. Steinlehner, T. Ziehm

/Public Release. The material in this public release comes from the originating organization and may be of a point-in-time nature, edited for clarity, style and length.