Profile picture
, 7 tweets, 2 min read
My Authors
Read all threads
1/7: Hang on a minute, I have misunderstood something important. In my blog post I wrote of Tracetogether "Whenever you're within Bluetooth range of a person, you send them your ID, encrypted with the public key of the Singaporean authorities."
Is that what everyone else thought?
2/7: But their whitepaper actually says: "TempIDs are cryp-tographically generated by the backend service."
bluetrace.io/static/bluetra…
Those encrypted IDs you send out all the time are AES encryptions, generated for you by a central server, using a key you don't know.
3/7: The public-key-based system I thought they were using is described as an alternative that isn't implemented because of its computational burden. They add that this allows health authority monitoring by "logging the issuance of daily batches of TempIDs." Daily is a key word.
4/7: It seems to me this protocol difference has two huge implications:

a. You have no idea what is in those encrypted messages your phone sends via bluetooth, even if you inspect the source code for the app running on your phone.
5/7: b. Daily logging allows govt to detect whether you have the app running at least once each day. A slight update to hourly or more frequent downloads of encrypted IDs would allow more fine-grained constant surveillance of whether the app was running on your phone.
6/7: So now more than ever we need some clear explanation from the Australian government of what they're planning for their app that is 'based on' TraceTogether. Will they commit to phone-based generation of encrypted IDs? #auspol #COVID19au
7/7: It's an educational experience for me because, even though the source code is openly available, one of its most privacy-critical features remains obscure.

Was I the only person confused here?
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Vanessa Teague

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#auspol #COVID19au

More from @VTeagueAus see all

Profile picture
Vanessa Teague
@VTeagueAus
1/6: OK, let's think of a list of specific questions - I'll start with whether "What is being proposed is no different than our existing health surveillance system." In our current system, a health official asks an infected person for a list of people & places they've been near.
2/6: Some obvious differences:
- When relying on human memory, you might forget. Automation should be better.
- When relying on human memory, you can choose to omit certain people or places. Will Australia's app have that option, or will it be all-or-nothing?
#covid19australia
3/6:
- Human memory cannot usually be compelled (at least not in countries like Aus), but data can be compulsorily acquired, e.g. under TOLA. Will TOLA, and other laws about compulsory phone-opening, be amended to carve out contact data stored on your phone by the app? #auspol
Read 6 tweets
Profile picture
Vanessa Teague
@VTeagueAus
Here's the youtube video of my #LCA2020 talk.
#LCA2020 Links for further reading, including work by many others, e.g. @MichelleBlom8 @philipbstark @chrisculnane @GrahameBowland @SarahJamieLewis @pereiraucl

SwissPost/Scytl analysis git.openprivacy.ca/swiss-post-scy…

End-to-end Verifiability arxiv.org/pdf/1504.03778…
Some end-to-end verifiable systems
Helios heliosvoting.org
StarVote arxiv.org/abs/1211.1904
vVote bitbucket.org/vvote/
arxiv.org/abs/1404.6822

Risk Limiting Audits
stat.berkeley.edu/~stark/Preprin…

of complex votes
arxiv.org/abs/1903.08804… (IRV)
arxiv.org/abs/1610.00127 (Senate)
Read 3 tweets
Profile picture
Vanessa Teague
@VTeagueAus
Analysis with @SarahJamieLewis and Olivier Pereira of the SwissPost-Scytl e-voting system. people.eng.unimelb.edu.au/vjteague/Swiss… The code uses a trapdoor commitment scheme, so it is possible for an authority to provide a proof of a correct election outcome while actually manipulating votes.
This is exactly what verifiability is meant to prevent. They say they have now fixed it, but without an open public process for examining the code, we can't be sure whether other similar issues remain, or whether other Internet voting systems such as NSW iVote are also affected.
Nothing in our analysis suggests this problem was introduced deliberately. It is entirely consistent with a naive implementation of a complex cryptographic protocol by well-intentioned people who lacked a full understanding of its security assumptions & other important details.
Read 6 tweets

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!