User devices must send dummy data "of the same size" to central servers

[arelaxend]

Dear contributors,

What is the proposition ?
Devices must send dummy data « of the same size (TBDL) » to the central system for covid negative and untested persons.

What is the threat ?
If the white paper does not include the proposition, there is a threat to a special case of man and the middle attacks.

Without dummy data, an attaquant can infer that some devices with IPs address x send network packets to central servers. And that therefore, those IP addresses belong to some people Covid positive.

Whereas with dummy data "of the same size", an attaquant can simply infer that some IP addresses have installed the application.

Why does the proposition remove this specific threat ?
An attaquant cannot process a packet without the right certificate. This is the purpose of using a secure connection.
But can start listening the network and say "there has been an exchange from A to central servers". Going further the attaquant can infer that the exchanges are of type "daily keys" by looking at the size / frequency / number of packets or other metadata.
If some device exchange to central servers this means that those device are Covid positive unless all devices exchange to central servers using dummy data for covid negative devices.

Does is apply to the Google/Apple protocol ?
Yes

Is there any references of this threat in DP3T papers ?
Yes and no, partially.
In the DP3T - Data Protection and Security paper, one can read:

To combat traffic analysis, apps will periodically upload data to the epidemiology research
lab, even if they have not been in contact with an infected person. More precisely, the app
picks a schedule for uploading data to the epidemiology research lab (e.g., once every 2
days). For every scheduled event, the phone creates an encrypted connection to the lab,
and uploads either the real data, or a dummy message of the same size.

There is no mention of this for central servers as of 12/04/2020.

More on this for the case of HTTPS

The HTTPS protocol is encrypted above the HTTP application layer. That is the GET request (full URL) is encrypted in the HTTP header and an application eavesdropping on the network traffic will not be able to decrypt the traffic.

That said, you could log the IP addresses (especially those connected to servers on port 443 - HTTPS) as the IP layer is not encrypted with HTTPS.

This is what your netstat command does. It looks for TCP connections on your network card, and notes which ones are connecting to port 443 and observes the IP address of the HTTPS servers you are connecting to.

Alexandre Sarfati

[lbarman]

Hi @arelaxend, thanks for your input ! We are aware of this and it should appear in some future version of the whitepaper.
Thanks.