Gennaro Avitabile, Vincenzo Botta, Vincenzo Iovino, and Ivan Visconti (University of Salerno)

Automatic contact tracing is currently used in several countries in order to limit the spread of SARS-CoV-2. Many governments decided to develop smartphone apps based on the “Exposure Notifications” designed by Apple and Google according to a decentralized approach previously proposed by the DP-3T team. Decentralization was pushed as a key feature to protect privacy in contrast to centralized approaches that could leverage automatic contact tracing to realize mass-surveillance programs.

In this work, taking into account the privacy and integrity vulnerabilities of DP-3T systems, we show the design of a decentralized contact tracing system named Pronto-C2 that has better resilience against various attacks. We also discuss the significant overhead of Pronto-C2 when used in real-world scenarios.

View More Papers

Your Phone is My Proxy: Detecting and Understanding Mobile...

Xianghang Mi (University at Buffalo), Siyuan Tang (Indiana University Bloomington), Zhengyi Li (Indiana University Bloomington), Xiaojing Liao (Indiana University Bloomington), Feng Qian (University of Minnesota Twin Cities), XiaoFeng Wang (Indiana University Bloomington)

Read More

User Expectations and Understanding of Encrypted DNS Settings

Alexandra Nisenoff, Nick Feamster, Madeleine A Hoofnagle†, Sydney Zink. (University of Chicago and †Northwestern)

Read More

KUBO: Precise and Scalable Detection of User-triggerable Undefined Behavior...

Changming Liu (Northeastern University), Yaohui Chen (Facebook Inc.), Long Lu (Northeastern University)

Read More

To Err.Is Human: Characterizing the Threat of Unintended URLs...

Beliz Kaleli (Boston University), Brian Kondracki (Stony Brook University), Manuel Egele (Boston University), Nick Nikiforakis (Stony Brook University), Gianluca Stringhini (Boston University)

Read More