Contact tracing via mobile applications is gaining significant traction in the battle against Covid-19. A plethora of contact tracing apps have been developed and deployed in several countries around the world. However, people are rightfully concerned about the security and privacy risks of such applications. To this end, the contribution of this work is twofold. First, we present an in-depth analysis of the security and privacy characteristics of the most prominent contact tracing protocols, under both passive and active adversaries. The results of our study indicate that all protocols are vulnerable to a variety of attacks, mainly due to the deterministic nature of the underlying cryptographic protocols. Our second contribution is the design of SpreadMeNot, a novel contact tracing protocol that can defend against most passive and active attacks, thus providing strong (provable) security and privacy guarantees that are necessary for such a sensitive application. Moreover, we experimentally demonstrate that SpreadMeNot---while being built on asymmetric crypto primitives---sports little overhead. Our detailed analysis, both formal and experimental, shows that SpreadMeNot satisfies security, privacy, and performance requirements, hence being an ideal candidate for building a contact tracing solution that can be adopted by the majority of the general public, as well as to serve as an open source reference for further developments in the field.

中文翻译：

---

SpreadMeNot：一种可证明安全且保护隐私的联系人跟踪协议

在与 Covid-19 的战斗中，通过移动应用程序进行的联系人跟踪正在获得巨大的吸引力。全球多个国家/地区开发并部署了大量联系人跟踪应用程序。然而，人们理所当然地担心此类应用程序的安全和隐私风险。为此，这项工作的贡献是双重的。首先，我们深入分析了被动和主动对手下最突出的联系人跟踪协议的安全和隐私特征。我们的研究结果表明，所有协议都容易受到各种攻击，这主要是由于底层加密协议的确定性。我们的第二个贡献是 SpreadMeNot 的设计，这是一种新颖的联系人跟踪协议，可以防御大多数被动和主动攻击，从而为此类敏感应用程序提供必要的强大（可证明）安全性和隐私保证。此外，我们通过实验证明了 SpreadMeNot——虽然是建立在非对称加密原语上的——但开销很小。我们的正式和实验详细分析表明，SpreadMeNot 满足安全、隐私和性能要求，因此是构建可被大多数公众采用的联系人跟踪解决方案的理想候选者，并作为该领域进一步发展的开源参考。