---
_id: '8987'
abstract:
- lang: eng
  text: "Currently several projects aim at designing and implementing protocols for
    privacy preserving automated contact tracing to help fight the current pandemic.
    Those proposal are quite similar, and in their most basic form basically propose
    an app for mobile phones which broadcasts frequently changing pseudorandom identifiers
    via (low energy) Bluetooth, and at the same time, the app stores IDs broadcast
    by phones in its proximity. Only if a user is tested positive, they upload either
    the beacons they did broadcast (which is the case in decentralized proposals as
    DP-3T, east and west coast PACT or Covid watch) or received (as in Popp-PT or
    ROBERT) during the last two weeks or so.\r\n\r\nVaudenay [eprint 2020/399] observes
    that this basic scheme (he considers the DP-3T proposal) succumbs to relay and
    even replay attacks, and proposes more complex interactive schemes which prevent
    those attacks without giving up too many privacy aspects. Unfortunately interaction
    is problematic for this application for efficiency and security reasons. The countermeasures
    that have been suggested so far are either not practical or give up on key privacy
    aspects. We propose a simple non-interactive variant of the basic protocol that\r\n(security)
    Provably prevents replay and (if location data is available) relay attacks.\r\n(privacy)
    The data of all parties (even jointly) reveals no information on the location
    or time where encounters happened.\r\n(efficiency) The broadcasted message can
    fit into 128 bits and uses only basic crypto (commitments and secret key authentication).\r\n\r\nTowards
    this end we introduce the concept of “delayed authentication”, which basically
    is a message authentication code where verification can be done in two steps,
    where the first doesn’t require the key, and the second doesn’t require the message."
article_processing_charge: No
author:
- first_name: Krzysztof Z
  full_name: Pietrzak, Krzysztof Z
  id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
  last_name: Pietrzak
  orcid: 0000-0002-9139-1654
citation:
  ama: 'Pietrzak KZ. Delayed authentication: Preventing replay and relay attacks in
    private contact tracing. In: <i>Progress in Cryptology</i>. Vol 12578. LNCS. Springer
    Nature; 2020:3-15. doi:<a href="https://doi.org/10.1007/978-3-030-65277-7_1">10.1007/978-3-030-65277-7_1</a>'
  apa: 'Pietrzak, K. Z. (2020). Delayed authentication: Preventing replay and relay
    attacks in private contact tracing. In <i>Progress in Cryptology</i> (Vol. 12578,
    pp. 3–15). Bangalore, India: Springer Nature. <a href="https://doi.org/10.1007/978-3-030-65277-7_1">https://doi.org/10.1007/978-3-030-65277-7_1</a>'
  chicago: 'Pietrzak, Krzysztof Z. “Delayed Authentication: Preventing Replay and
    Relay Attacks in Private Contact Tracing.” In <i>Progress in Cryptology</i>, 12578:3–15.
    LNCS. Springer Nature, 2020. <a href="https://doi.org/10.1007/978-3-030-65277-7_1">https://doi.org/10.1007/978-3-030-65277-7_1</a>.'
  ieee: 'K. Z. Pietrzak, “Delayed authentication: Preventing replay and relay attacks
    in private contact tracing,” in <i>Progress in Cryptology</i>, Bangalore, India,
    2020, vol. 12578, pp. 3–15.'
  ista: 'Pietrzak KZ. 2020. Delayed authentication: Preventing replay and relay attacks
    in private contact tracing. Progress in Cryptology. INDOCRYPT: International Conference
    on Cryptology in IndiaLNCS vol. 12578, 3–15.'
  mla: 'Pietrzak, Krzysztof Z. “Delayed Authentication: Preventing Replay and Relay
    Attacks in Private Contact Tracing.” <i>Progress in Cryptology</i>, vol. 12578,
    Springer Nature, 2020, pp. 3–15, doi:<a href="https://doi.org/10.1007/978-3-030-65277-7_1">10.1007/978-3-030-65277-7_1</a>.'
  short: K.Z. Pietrzak, in:, Progress in Cryptology, Springer Nature, 2020, pp. 3–15.
conference:
  end_date: 2020-12-16
  location: Bangalore, India
  name: 'INDOCRYPT: International Conference on Cryptology in India'
  start_date: 2020-12-13
date_created: 2021-01-03T23:01:23Z
date_published: 2020-12-08T00:00:00Z
date_updated: 2023-08-24T11:08:58Z
day: '08'
department:
- _id: KrPi
doi: 10.1007/978-3-030-65277-7_1
ec_funded: 1
external_id:
  isi:
  - '000927592800001'
intvolume: '     12578'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2020/418
month: '12'
oa: 1
oa_version: Preprint
page: 3-15
project:
- _id: 258AA5B2-B435-11E9-9278-68D0E5697425
  call_identifier: H2020
  grant_number: '682815'
  name: Teaching Old Crypto New Tricks
publication: Progress in Cryptology
publication_identifier:
  eissn:
  - '16113349'
  isbn:
  - '9783030652760'
  issn:
  - '03029743'
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
series_title: LNCS
status: public
title: 'Delayed authentication: Preventing replay and relay attacks in private contact
  tracing'
type: conference
user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8
volume: 12578
year: '2020'
...