The main goal of proximity tracing mobile applications is to notify people that they have been in close proximity of COVID-19 virus carriers in the last N days even though the carriers who did not have symptoms and were not even tested at the time of interaction. Ensuring the highest data protection and security standards will encourage a quick and broad adoption by citizens.
This document proposes a ROBust and privacy-presERving proximity Tracing (ROBERT) scheme that relies on a federated server infrastructure and temporary anonymous identifiers with strong security and privacy guarantees.
The ROBERT scheme is the result of a collaborative work between Inria (collaborative effort led by the PRIVATICS team) and Fraunhofer AISEC. We are a group of privacy and security researchers. We have put a lot of effort to analyze the security and privacy implications of our protocol, and we are now happy to provide the first version to the community for scrutiny and feedback. Any comment to improve it is welcome.
-
the detailed technical specification of the protocol (current version is v1.1). In order to easily see the differences between versions 1.0 and 1.1, a diff file (in HTML format) is available
-
a high-level discussion on the misleading debate about centralised versus decentralised approaches
-
a simplified high-level overview of the protocol along with an FAQ (in English and French)
-
a comic that explains ROBERT protocol and answers basic questions (in English and French)
We will be happy to receive your constructive comments and questions using the standard "issues" tab above. The "pull requests" tab is not expected to be usefull in this context.
Please refrain from discussing technical aspects of ROBERT protocol on Twitter. We encourage you instead to create a new "issue" or continue discussing in an existing non-closed "issues" thread.
Contact us at (robert-contact@inria.fr)
-
If you’re not familiar with GitHub and you need help
-
If you have a similar project and you would like to exchange or collaborate