2020
DOI: 10.48550/arxiv.2006.05914
|View full text |Cite
Preprint
|
Sign up to set email alerts
|

Mind the GAP: Security & Privacy Risks of Contact Tracing Apps

Abstract: Contact tracing apps running on mobile devices promise to reduce the manual effort required for identifying infection chains and to increase the tracing accuracy in the presence of COVID-19. Since the beginning of the pandemic, several contract tracing apps have been proposed or deployed in practice by academia or academic-industrial consortia. While some of them rely on centralized approaches and bear high privacy risks, others are based on decentralized approaches aimed at addressing user privacy aspects. Go… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4

Citation Types

1
20
0

Year Published

2020
2020
2022
2022

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 8 publications
(21 citation statements)
references
References 4 publications
1
20
0
Order By: Relevance
“…We define and categorize the threat levels based on attackers' privilege levels regarding accessing RPI beacons in different realworld scenarios. These privilege levels are also compatible with the assumptions made in the existing literature [5], [6], [7], [8], [9], [10], [11]. In the walking trail and your neighbor models, an adversary can sniff a very limited amount of beacons for obtaining RPIs.…”
Section: Threat Models and Claimed Privacy Guaranteessupporting
confidence: 76%
See 4 more Smart Citations
“…We define and categorize the threat levels based on attackers' privilege levels regarding accessing RPI beacons in different realworld scenarios. These privilege levels are also compatible with the assumptions made in the existing literature [5], [6], [7], [8], [9], [10], [11]. In the walking trail and your neighbor models, an adversary can sniff a very limited amount of beacons for obtaining RPIs.…”
Section: Threat Models and Claimed Privacy Guaranteessupporting
confidence: 76%
“…As with all security solutions, the privacy guarantees of GAEN are relative. There certainly exist extreme scenarios (e.g., [3], [6], [7], [8], [19], [20]) where attackers may learn additional information. If an adversary has access to RPIs, TEKs, and RPI date-time information read by (say) thousands of users, then the adversary can profile a user's movement [3], [7], [6].…”
Section: Gaen's Privacy Wrt Threat Modelsmentioning
confidence: 99%
See 3 more Smart Citations