Encryption system for a secure contact tracing app
Coronavirus: Research team testing decentralized contact tracing
2020-04-27 – News from the Physics Department
In the fight against Covid-19, an interdisciplinary research team at the
Technical University of Munich (TUM) has developed a model for a contact tracing
app that protects personal data. The concept is based on an encryption process
that prevents the temporary contact numbers (TCNs) of infected individuals from
ending up on the phones of their contacts. A prototype is now undergoing testing
in cooperation with the ITO Open Source Consortium. The app has also
successfully completed the Bluetooth Special Interest Group qualification
The goal of the research team is to develop a data protection-secure app for fighting corona.
– Image: iStockphoto.com / Geber86
Researchers around the world are working hard on measures to bring the
SARS-CoV-2 coronavirus under control. One approach seen as promising is
the idea of slowing the spread of the virus by means of secure digital
contact tracing based on a globally compatible app.
Among the research groups working on contact tracing apps is ContacTUM,
an interdisciplinary team from the fields of physics, informatics, law,
mathematics and medicine anchored by the physicist
Prof. Elisa Resconi.
Centralized or decentralized
The notification mechanism takes either the centralized or decentralized
approach. In the centralized approach, the app uploads to a central
server the TCNs of every contact person received by the infected
individual’s device. The server then uses the TCNs to dispatch messages
with the app in order to notify the corresponding contact persons of a
The risk of the centralized approach: All of the data are stored at a
single location. As a result, there is a high risk of abuse because it
becomes possible to de-anonymize and disclose personal contacts as soon
as the data on the server can be accessed.
In a decentralized approach, the infected individuals release only the
TCNs transmitted by their own device to a server. These TCNs are
downloaded from the server by all devices where the app is installed.
The check to determine whether any of these “infected” TCNs were
previously received now takes place locally on the individual devices.
Consequently, the only party with knowledge of possible contact with an
infected individual is the contact person himself – and not the central
More protection for infected individuals through encryption processes
ContacTUM has been working to build on this decentralized approach and
make it more secure. The cross-checking of TCNs of infected individuals
against those collected on mobile phones takes place without having to
load the infected individuals’ TCNs onto the phones. This is possible
with an encryption process known as private set intersection
cardinality, which does not require information to be exchanged in plain
Under the ContacTUM concept, contact persons can thus be warned without
their mobile phones being able to recognize the “infected” TCNs among
the TCNs stored there.
“As a result, the risk scenario in which an attacker could combine the
received TCNs with other information such as the date, time and location
where the TCN was transmitted – which would endanger the anonymity of an
infected person – is minimized to a large extent,” says physicist Kilian
Privacy protection by design
“It’s important to us to ensure that data protection standards are met
by design, in other words in the programming,” says Prof. Elisa Resconi.
That is why
Prof. Dirk Heckmann
of the TUM School of Governance and
Prof. Christian Djeffal
Munich Center for Technology in Society have been involved in the
project from the beginning, contributing their expertise in data
protection and IT security.
TUM and ITO jointly develop app prototype
To develop an app prototype based on this principle, ContacTUM is
working closely with
an open source
consortium of around 30 international developers who are open and
transparent in all of their activities.
A prototype of the app is being tested with the Android operating
code is publicly available.
“But it will still probably
be a few weeks before an absolutely secure and technically flawless app
is ready for use,” says Kilian Holzapfel.
Worldwide compatibility through cooperation with Bluetooth SIG
To ensure that future contact tracing apps worldwide are based on the
same decentralized approach to guarantee international compatibility,
ContacTUM has submitted a successful qualification request for its
decentralized standard to Bluetooth SIG with the express support of
leading international IT firms.
In addition, ContacTUM is a member of the
which was co-founded by ITO.
Alongside DP-3T, TCN is one of the major collaborative groups working on
a decentralized contact tracing app.
Simulations to assess effectiveness of the app
Parallel to the app design work, a team within ContacTUM, led by the
Prof. Stefan Schönert
Prof. Johannes Müller,
created simulations to identify the conditions under which the app can
make a real difference in slowing the spread of covid-19. Based on
initial computations, the scientists believe that, for this to be
achieved, at least 60 percent of the population would have to install
and use the contact tracing app. Their results also showed that the
contacts of an infected person’s contacts would have to be notified
without delay as well to break the infection chain.
Digital Contact Tracing Service: an improved decentralised design for privacy and effectiveness
ContacTUM Consortium, ITO Consortium
- ContacTUM Consortium:
- K. Holzapfel, M. Karl, L. Lotz, G. Carle, C. Djeffal, C. Haack, D. Heckmann, M. Köppl, P. Krause, L. Marx, S. Meighen-Berger, J. Pollmann, T. Pollmann, E. Resconi, S. Schönert, A. Turcati, C. Wiesinger
- ITO Consortium:
- C. Allan, K. Bitterschulte, J. Buchwald, C. Fischer, J. Gampe, M. Häcker, J. Islami, A. Pomplun, S. Preisner, N. Quast, C. Romberg, C. Steinlehner, T. Ziehm