Towards Defeating Mass Surveillance and SARS-CoV-2: The Pronto-C2 Fully Decentralized Automatic Contact Tracing System

Gennaro Avitabile, Vincenzo Botta, Vincenzo Iovino, and Ivan Visconti (University of Salerno)

Automatic contact tracing is currently used in several countries in order to limit the spread of SARS-CoV-2. Many governments decided to develop smartphone apps based on the “Exposure Notifications” designed by Apple and Google according to a decentralized approach previously proposed by the DP-3T team. Decentralization was pushed as a key feature to protect privacy in contrast to centralized approaches that could leverage automatic contact tracing to realize mass-surveillance programs.

In this work, taking into account the privacy and integrity vulnerabilities of DP-3T systems, we show the design of a decentralized contact tracing system named Pronto-C2 that has better resilience against various attacks. We also discuss the significant overhead of Pronto-C2 when used in real-world scenarios.

Paper

View More Papers

Refining Indirect Call Targets at the Binary Level

Sun Hyoung Kim (Penn State), Cong Sun (Xidian University), Dongrui Zeng (Penn State), Gang Tan (Penn State)

Does Every Second Count? Time-based Evolution of Malware Behavior...

Alexander Küchler (Fraunhofer AISEC), Alessandro Mantovani (EURECOM), Yufei Han (NortonLifeLock Research Group), Leyla Bilge (NortonLifeLock Research Group), Davide Balzarotti (EURECOM)

Reining in the Web's Inconsistencies with Site Policy

Stefano Calzavara (Università Ca' Foscari Venezia), Tobias Urban (Institute for Internet Security and Ruhr University Bochum), Dennis Tatang (Ruhr University Bochum), Marius Steffens (CISPA Helmholtz Center for Information Security), Ben Stock (CISPA Helmholtz Center for Information Security)

KUBO: Precise and Scalable Detection of User-triggerable Undefined Behavior...

Changming Liu (Northeastern University), Yaohui Chen (Facebook Inc.), Long Lu (Northeastern University)