User devices must send dummy data "of the same size" to central servers #144
Labels
protocol
Questions about the protocol/cryptography
will-close-soon-without-further-input
For discussions that seem resolved (or stalled). We do so to be able to handle new issues.
Dear contributors,
What is the proposition?
Devices must send dummy data "of the same size (TBDL)" to the central system for covid negative and untested persons.
What is the threat?
If the white paper does not include the proposition, there is a threat of a special case of man-in-the-middle attacks.
Without dummy data, an attacker can infer that some devices with IP address x send network packets to central servers, and that therefore those IP addresses belong to some people who are Covid positive.
Whereas with dummy data "of the same size", an attacker can simply infer that some IP addresses have installed the application.
Why does the proposition remove this specific threat?
An attacker cannot process a packet without the right certificate. This is the purpose of using a secure connection.
But the attacker can start listening to the network and say "there has been an exchange from A to central servers". Going further, the attacker can infer that the exchanges are of type "daily keys" by looking at the size / frequency / number of packets or other metadata.
If some devices exchange with central servers, this means that those devices are Covid positive, unless all devices exchange with central servers using dummy data for covid negative devices.
Does it apply to the Google/Apple protocol?
Yes
Are there any references to this threat in the DP3T papers?
Yes and no, partially.
In the DP3T - Data Protection and Security paper, one can read:
There is no mention of this for central servers as of 12/04/2020.
More on this for the case of HTTPS
The HTTPS protocol is encrypted above the HTTP application layer. That is, the GET request (full URL) is encrypted in the HTTP header and an application eavesdropping on the network traffic will not be able to decrypt the traffic.
That said, you could log the IP addresses (especially those connected to servers on port 443 - HTTPS) as the IP layer is not encrypted with HTTPS.
This is what your netstat command does. It looks for TCP connections on your network card, and notes which ones are connecting to port 443 and observes the IP address of the HTTPS servers you are connecting to.
Alexandre Sarfati
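The size part of the proposal above, as an added example that is not part of the original issue and is not DP3T project code: every upload body has one fixed length, so a dummy upload and a real key upload look the same to an observer who sees only ciphertext sizes. The key length, the maximum key count, the 2-byte count prefix and all function names are assumptions made for illustration; sending dummies at the same frequency as real uploads is a separate requirement that this sketch does not cover.

```python
import os
import struct

KEY_LEN = 16       # assumed key size in bytes (illustrative, not from the issue)
MAX_KEYS = 14      # assumed maximum number of daily keys per upload
BODY_LEN = 2 + MAX_KEYS * KEY_LEN  # every upload body is exactly this long


def build_upload(keys):
    """Return a fixed-size body: 2-byte key count, keys, random filler.

    An empty list yields a dummy upload; the server reads count == 0 and
    discards it. Both kinds have the same length before TLS encryption.
    """
    if len(keys) > MAX_KEYS or any(len(k) != KEY_LEN for k in keys):
        raise ValueError("unexpected key count or key length")
    real = b"".join(keys)
    filler = os.urandom(BODY_LEN - 2 - len(real))
    return struct.pack(">H", len(keys)) + real + filler


def parse_upload(body):
    """Server side: reject wrong sizes, return the real keys (maybe none)."""
    if len(body) != BODY_LEN:
        raise ValueError("upload body has the wrong size")
    (count,) = struct.unpack(">H", body[:2])
    if count > MAX_KEYS:
        raise ValueError("invalid key count")
    return [body[2 + i * KEY_LEN: 2 + (i + 1) * KEY_LEN] for i in range(count)]


def observed_sizes(uploads):
    """What a network observer learns from sizes alone: the set of lengths."""
    return {len(u) for u in uploads}


def demo():
    positive_keys = [os.urandom(KEY_LEN) for _ in range(5)]  # constructed sample
    unpadded = [b"".join(positive_keys), b""]  # positive device vs. silent device
    padded = [build_upload(positive_keys), build_upload([])]
    return observed_sizes(unpadded), observed_sizes(padded)


if __name__ == "__main__":
    print(demo())
```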