(Q4429)
Jump to navigation
Jump to search
Statements
5 April 2020
0 references
Upon installation, the app generates a key, which is a 32-bit random SK0 number, and registers with a central server with an ID different from SK0 and used by the server only to contact all registered apps for periodic updates related to infected people. Each app renews its key every day, calculating a new 32-bit random number SKt + 1 using a predefined hash function H1 having SKt as its argument.
0 references
This element of distributing SKt of devices owned by an infected person is a weak point with respect to privacy. In fact, when an app receives an SKt of an infected person, the corresponding EphIDs, could discover the identity of the person, because it can relate different EphIDs, which are otherwise unrelated, to the same original SKt.
0 references