Let's do an English thread on the French (and EU) Health Pass.
It launches tomorrow (mandatory for large events), and is very similar to the EU Digital COVID Certificate. However the implementation is a privacy nightmare: a central server gets a live view of who uses their pass!
It launches tomorrow (mandatory for large events), and is very similar to the EU Digital COVID Certificate. However the implementation is a privacy nightmare: a central server gets a live view of who uses their pass!
The digital pass follows the structure of a dumb paper certificate, with identity info, COVID data (vaccine or PCR), and a digital signature by an authority. The digital signature is more secure that paper, but we have to trust all the doctors who enter COVID data in the system.
The problem is that the official verification app uses a central server to validate the signature: the app sends the whole data, and the server answers whether the user is COVID-safe. This makes no sense cryptographically, but I guess it isn't written down explicitly in the spec.
The central server is run by a gouvernement-owned company that is not supposed to see the health data. In addition, they get metada: they know *who* uses their pass, *when*, and they can even infer infer the *location* from the IP of the verifier.
In addition they use a CDN with Akamai. So a third-party answering to US regulations likely has access to all this data. All the talk about about sovereignty and independence from GAFAM was clearly a red herring.
The normal way to verify the signature would be do it locally on the verification device. That's the whole point of using signatures, rather than making online COVID queries! With a local verification, only organisers and attendees known who was at the event.
This is a nice illustration of the privacy issues of a Health Pass. The 2D code contains plaintext health data (vaccine date, nb. of shots), and we don't know what the verifier will do with it. In France, the shot date allows to infer more data, such as comorbidity or pregnancy.
The system is not privacy-preserving, but alternative were possible. For instance, we could distribute daily codes (3 for a negative PCR, hundreds for a vaccine), with only a single bit health info "COVID-safe". This scheme is cumbersome on paper, but easy in a digital wallet.
We can regulate the offical app, and EU rules take this particular problem into account. But there is no guarantee that the verifier is not using a third-party app. And this French example shows that even the official app can get it very wrong. 
Given this example, I now believe that the EU Digital COVID Certificate will do more harm than good. Fraud on paper certificates is probably not very high, and the risk of tracking is much lower if the data is read by a human.
The bug was found by reverse engineering (the app is closed source) while the privacy policy claims no data is sent, and the minister was praising its privacy. Privacy watchdog CNIL had very little time to evaluate the proposal, and probably few details.
https://mobile.twitter.com/gilbsgilbs/status/1401128591153373186
The ministry has now acknowledged the issue and says that the app will be fixed soon. They say that the central server does not store anything, but the whole point of data minimization is that you don't have to trust such unverifiable statements.
Addendum: the EU Digital COVID Certificate specifications explain how to import a certificate in a wallet app with online queries. This makes no sense: the digital pass should be the same QR-code as the paper one, so the wallet should copy just the data.
https://twitter.com/j08ny/status/1402560313581580290
• • •
Missing some Tweet in this thread? You can try to
force a refresh
