DP-3T
- The short name or acronym of the protocol
-
DP-3T
- In case multiple versions of the protocol exist, indicate the version number
-
2020-04-12
- Technical descriptions/white papers describing the protocol. Provide one or more web addresses (one per line)
-
https://github.com/DP-3T/documents/blob/master/DP3T%20White%20Paper.pdf
- If the protocol has been formally verified, provide a pointer to the proof and/or articles or paper(s) describing those efforts
-
https://blog.symbolic.software/2020/04/05/dp-3t-verifpal/
-
EPFL: Prof. Carmela Troncoso, Prof. Mathias Payer, Prof. Jean-Pierre Hubaux, Prof. Marcel Salathé, Prof. James Larus, Prof. Edouard Bugnion, Dr. Wouter Lueks, Theresa Stadler, Dr. Apostolos Pyrgelis, Dr. Daniele Antonioli, Ludovic Barman, Sylvain Chatel
ETHZ: Prof. Kenneth Paterson, Prof. Srdjan Capkun, Prof. David Basin, Dr. Jan Beutel, Dennis Jackson
KU Leuven: Prof. Bart Preneel, Prof. Nigel Smart, Dr. Dave Singelee, Dr. Aysajan Abidin
TU Delft: Prof. Seda Gürses
University College London: Dr. Michael Veale
CISPA Helmholtz Center for Information Security: Prof. Cas Cremers, Prof. Michael Backes
University of Oxford: Dr. Reuben Binns
University of Torino / ISI Foundation: Prof. Ciro Cattuto
University of Salerno: Prof. Giuseppe Persiano
IMDEA Software: Prof. Dario Fiore
University of Porto (FCUP) and INESC TEC: Prof. Manuel Barbosa
Stanford Univerity: Prof. Dan Boneh - People in the same location cannot be correlated to each other based on data sent upstream
-
- References for the field 'Co-location cannot be inferred'
-
- Temporary IDs are generated and stored client-side
-
-
- Assurance that future encounters will not be compromised by knowledge of current encounter
-
-
- Assurance that past encounters are not be compromised by knowledge of current encounter
-
-
- Attackers cannot trigger externally observable effects involving users they did not encounter
-
-
- Messages exchanged contain an adequate integrity check
-
-
- Users cannot broadcast identifiers they did not originate or were assigned
-
-
- Can a malicious user impersonate others by replaying broadcasted signals
-
-
- A passive adversary with physical proximity is unable to capture information not present IRL
-
-
- When users are near for multipe consecutive time slots, the combined data cannot be used to infer the length of an encounter.
-
-
- Users who transmit reports never as a result reveal information to users they did not themselves come into contact with.
-
-
- Users can retrieve updates concerning their medical status without revealing information to anyone
-
-
- Different keys of the same user cannot be feasibly linked in any way by a passive observer which is able to gather a set of sufficient size by continued observation
-
-
- No leaks of information to other apps through timing analysis
-
-
- Can the user control the pruning behaviour of the recorded contacts? As in, can data that is no longer relevant be set to be automatically removed?
-
-
-
- The time window of every contact is registered
-
-
- If the protocol has a home page on the web, add the URL
-
https://github.com/DP-3T/documents
- If the protocol has a separate logo, please upload
-
dp3t.jpg