The short name or acronym of the protocol

DESIRE

In case multiple versions of the protocol exist, indicate the version number
1.0

edit

Technical descriptions/white papers describing the protocol. Provide one or more web addresses (one per line)

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf

edit

If the protocol has been formally verified, provide a pointer to the proof and/or articles or paper(s) describing those efforts

add

Claude Castelluccia, Nataliia Bielova, Antoine Boutet, Mathieu Cunche, Cedric Lauradoux, Daniel Le Métayer and Vincent Roca.

edit

People in the same location cannot be correlated to each other based on data sent upstream
Yes

edit

References for the field 'Co-location cannot be inferred'

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf Chapter 1.2 Private Encounter Tokens (PETs)

edit

Temporary IDs are generated and stored client-side
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf

edit

Assurance that future encounters will not be compromised by knowledge of current encounter
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf 1.2 Private Encounter Tokens (PETs)

edit

Assurance that past encounters are not be compromised by knowledge of current encounter
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf 3. Risk Analysis

edit

Attackers cannot trigger externally observable effects involving users they did not encounter
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf 3. Risk Analysis

edit

Messages exchanged contain an adequate integrity check
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 Appendix C. Bluetooth communications

edit

Users cannot broadcast identifiers they did not originate or were assigned
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf 1.2 Private Encounter Tokens (PETs)

edit

Can a malicious user impersonate others by replaying broadcasted signals
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0.pdf 1.2 Private Encounter Tokens (PETs) 3. Risk Analysis

edit

A passive adversary with physical proximity is unable to capture information not present IRL

add

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 3. Risk Analysis

edit

When users are near for multipe consecutive time slots, the combined data cannot be used to infer the length of an encounter.
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 2.4 Exposure Status Request

edit

Users who transmit reports never as a result reveal information to users they did not themselves come into contact with.
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 3. Risk Analysis

edit

Users can retrieve updates concerning their medical status without revealing information to anyone
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 note 29 on page 12

edit

Different keys of the same user cannot be feasibly linked in any way by a passive observer which is able to gather a set of sufficient size by continued observation
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 3. Risk Analysis

edit

No leaks of information to other apps through timing analysis

add

add

Can the user control the pruning behaviour of the recorded contacts? As in, can data that is no longer relevant be set to be automatically removed?
No

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 3. Risk Analysis

edit

An honest-but-curious server cannot learn information about user locations/contacts

edit

The time window of every contact is registered
Yes

edit

https://github.com/3rd-ways-for-EU-exposure-notification/project-DESIRE/raw/master/DESIRE-specification-EN-v1_0 2.1 Application Initialization

edit

If the protocol has a home page on the web, add the URL
https://hal.inria.fr/hal-02570382/

edit

If the protocol has a separate logo, please upload

add

Tags:
Created by Joost Agterhoek on 2020/07/24 11:34
    

Need help?

If you need help with XWiki you can contact:

reviewfacility
XWiki 11.10.3
contact@reviewfacility.eu