Tracking Covid-19 Without Sacrificing Privacy
Secure contact tracking has proven challenging to implement, because even if a user’s contact data is encrypted, it is still difficult to hide the user’s metadata, which could be used to determine a user’s identity, furthermore, many existing tracking software implementations may require a user to send sensitive information such as location data to be processed by a central authority. Current systems such as DP-3T and COVIDSafe do not provide anonymity or much privacy protection. It is also not guaranteed that the data collected will not be used for marketing, commercial gain, or law enforcement.
Khopesh is a new secure contact tracking system that offers strong privacy guarantees, hiding both a user’s contacts and location data. This is made possible through the use of identity-based encryption, mix networks, and a novel technique called secure-contact contract signing, which enables groups of users to view each other's reports.