Privacy-Preserving Infection Exposure Notification without Trust in Third Parties

TL;DR

This paper proposes a privacy-preserving COVID-19 exposure notification system that does not rely on trust in third parties, using blockchain and blind signatures to enhance privacy and verifiability.

Contribution

It introduces a novel contact tracing mechanism that replaces trusted third parties with blockchain and cryptographic techniques for improved privacy and trustworthiness.

Findings

Higher verifiability of privacy protections with the proposed design

Use of blockchain for reporting positive cases enhances transparency

Application-side random number generation improves privacy

Abstract

In response to the COVID-19 pandemic, Bluetooth-based contact tracing has been deployed in many countries with the help of the developers of smartphone operating systems that provide APIs for privacy-preserving exposure notification. However, it has been assumed by the design that the OS developers, smartphone vendors, or governments will not violate people's privacy. We propose a privacy-preserving exposure notification under situations where none of the middle entities can be trusted. We believe that it can be achieved with small changes to the existing mechanism: random numbers are generated on the application side instead of the OS, and the positive test results are reported to a public ledger (e.g. blockchain) rather than to a government server, with endorsements from the medical institutes with blind signatures. We also discuss how to incentivize the peer-to-peer maintenance of the public ledger if it should be newly built. We show that the level of verifiability is much higher with our proposed design if a consumer group were to verify the privacy protections of the deployed systems. We believe that this will allow for safer contact tracing, and contribute to healthier lifestyles for citizens who may want to or have to go out under pandemic situations.