Solutions/Criteria | Security | Privacy |
DP-3T | Vulnerable against Replay Attacks. | Encounters information can be revealed. |
Interactive Protocol [7] | Prevent Replay Attacks if the same course times are used. | Digital evidence is protected only to a certain degree if small tags are used. |
Delayed Authentication Scheme [8] | Probably prevents replay attacks. | Digital evidence about encounters can be revealed in parties deflecting from the protocol. |
Our Proposed Solution | 1. Prevents 100% of Replay attacks whereby Receiver’s location hash differs from Broadcast’s Location Hash. 2. Prevents 100% of Replay attacks whereby Receiver’s date time differs from Broadcast’s date time. 3. Prevents 100% of Total Replay attacks whereby broadcasts have different locations and different date times as compared to the receiver, ephemeral keys that have passed their validity period, and/or broadcasts that have already been received by the receiver. 4. Any broadcast that does not fulfil all four criteria needed to be accepted is automatically flagged as a replayed broadcast, resulting in an acceptance rate of only 9.10% in a batch of 11 receivers with variable locations and date times. 5. The acceptance rate can be increased by making date times or location coordinates coarser. | Location Hashes prevent encounters from being disclosed. |