CAPEN: Cryptographic accumulator based privacy preserving exposure notification

Abstract

Contact tracing has a significant contribution in preventing the rapid spread of infectious diseases. During the COVID-19 pandemic, local authorities, researchers and the tech industry focused on developing digital contact tracing applications to automate tracing efforts and improve its efficiency. While digital contact tracing was proven to be an efficient method to mitigate transmission, the security and privacy of the user data remains a major concern. In this paper we focused on digital tracing application data privacy issues and proposed Cryptographic Accumulator based Privacy Preserving Exposure Notification module (CAPEN). In the CAPEN module we used an asymmetric cryptographic accumulator and greatest common divisor (gcd) function to provide privacy for the user data while providing accurate verification. Additionally, the CAPEN module has a significantly lower communication complexity while sharing larger datasets. The CAPEN module is architecture independent and can be easily incorporated with any digital contact tracing system in order to prevent enumeration and social graph attacks without compromising contact verification accuracy.