Evaluation of SwissCovid app

The National Cyber Security Heart (NCSC) organized a public safety take a look at
of the SwissCovid app.
The take a look at “targets to provide pudgy transparency”.

In accordance with the public take a look at, we equipped a document on June 5 which used to be
field to To blame Disclosure without a duration restrict.
A summary of our conclusions were rapid published by NCSC with out our
document.
On the opposite hand, our document were commented and even criticized in the clicking
on June 10 by SwissCovid representatives
(whereas we were restful forbidden to publish the document itself).

On June 16, we bought an authorization to publish by ourselves.
The NCSC dwelling lists many safety review experiences which would be rather
optimistic about SwissCovid.
It doesn’t checklist ours.
As a substitute, it comprises a “detailed diagnosis” by NCSC about out document.
We are in a disagreement with this diagnosis.

Because it appears to be rather clear that dialog is now no longer transparent,
we build right here our observations for the public.

The June 5 document used to be augmented with an addendum.
In summary, our observations are as follows.

• Despite the truth that the availability code of the app is equipped, we are in a position to now no longer
  bring collectively it, flee it, and develop it work with out signing an settlement
  with Apple or Google.
  We enact now no longer get it well suited with the belief of beginning provide.
• A vital fragment of the contact tracing protocol (which used to be in the beginning the
  DP3T protocol) is applied by Apple-Google in a fragment of the system
  called GAEN.
  This fragment has no accessible provide code although the law requires
  disclosure of the availability code of all parts of the system.
• Some servers are hosted by Amazon, as fragment of a CDN provider.
• The accessible records to doable users is unclear, incomplete,
  or unsuitable.
• Customers is at possibility of be traced or identified by surveillance programs of
  third events whereas the expend of SwissCovid.
• Identified users who document delight in a possibility to be identified by a third
  birthday party.
• Third events would possibly possibly inject flawed that that you would possibly possibly imagine contamination signals on a
  goal phone or on a foremost team of goal telephones.
  This would consequence in making folks drag to quarantine with out being
  thought to be as at possibility.

To resolve GAEN having no accessible provide code although the law mandates
all parts to thrill in an accessible provide code, the Federal Council
issued an ordinance making an exhaustive checklist of parts which does
now no longer embody GAEN.
To account for such exclusion, SwissCovid promoters argue that GAEN is
fragment of the operating system of the phone, or most incessantly fragment of the
Bluetooth dialog interface of the phone, and that it’s no longer
frequent to require to expose the availability code of such parts.
We speak that GAEN is such a fragment of the phone, on the least on Android telephones.
GAEN is fragment of the Google Play Companies and products which would be just of the
operating system and of the dialog interfaces.
We would no doubt flee a pre-identical outdated version of SwissCovid on an Android
phone which had no Google Play Companies and products.
On the opposite hand, this phone had the Android operating system and must expend
Bluetooth.
Furthermore, many of the outdated DP3T protocol which used to be applied in
this pre-identical outdated version disappeared in the latest version of the app
since an identical protocol is now in GAEN.
We create that there just isn’t a founded technical justification for with the exception of
GAEN from the parts of the system.
We strongly mediate that the ordinance is a real trick to bypass the law
which is the final consequence of a disagreement between SwissCovid and
Apple-Google.
We bustle constitutional specialists to develop an review on the validity
of the ordinance.

• Evaluation of SwissCovid

We build right here the NCSC diagnosis on our document along with our delight in notes.
The summary of our remarks are as follows.

• NCSC says that the outcomes of the public take a look at come in on
  the NCSC web dwelling.
  On the opposite hand, our document is now no longer there and we wonder if rather just a few experiences are
  lacking.
  We order that the public take a look at is now no longer as transparent as it aimed.
• NCSC restful insinuates that GAEN is fragment of the operating system,
  which is now no longer the case.
• NCSC claims that the expend of GAEN increased the privacy of the users.
  We strongly disagree with this commentary.
  Outsourcing a vital fragment of contact tracing to an opaque implementation,
  which is made accessible by a third birthday party,
  which used to be build in on up-to-date telephones with out the consent of the
  users,
  and
  which used to be now no longer field to an just audit
  can now no longer reinforce the privacy of anybody.
• NCSC claims that GAEN is an interface and now no longer a protocol.
  We disagree with this commentary.
  GAEN implements a vital fragment of the contact tracing protocol, what outdated-normal
  to be the DP3T protocol.
  We quite take the app as being an interface between GAEN, the servers,
  and the user.
• NCSC argues that Amazon webhosting some servers is harmless since the
  provider is handiest about distributing non-sensitive records.
  In rather just a few context, such inform has been confirmed to be corrupt.
  On the opposite hand, we now delight in got insufficient records to assess on the safety
  impact of this provider.
• NCSC talked about lots of that that you would possibly possibly imagine assaults being identified and documented
  with out offering any reference.
  We are aware those assaults are now no longer new and we are in a position to now no longer imagine NCSC
  is unaware of those assaults.
  Our significant level is that users must be responsive to those assaults and
  records is now no longer with out problems accessible at the present.
• NCSC states that “Customers can consistently turn off tracing if they’re in
  what they take into checklist to be a sensitive atmosphere”.
  We strongly accept as true with it but we mediate that users must learn about
  that that you would possibly possibly imagine assaults and to be reminded that they’ll turn off
  SwissCovid if they’re concerned.
• NCSC argues that having apps scanning Bluetooth although the user
  turned off Bluetooth is now no longer a possibility for the user.
  That is unsuitable.
  Some apps (and even GAEN) would possibly possibly continue scanning
  (towards the user’s consent).
  They would possibly resolve the danger of an infection of the user with thresholds
  rather just a few than those from FOPH and additionally title the contacts of
  the user.
  For the time being, turning off Bluetooth scanning is subtle on telephones
  and this is identified as a privacy possibility.
• NCSC claims that malicious apps are now no longer an dispute particular to
  SwissCovid.
  Our level is that SwissCovid adds a threat that malicious apps can
  exploit.

• (Annotated) Security Venture Submission [INR-4434]. Detailed diagnosis.

Our references:

• 8.4.2020 Serge Vaudenay.
  Evaluation of DP3T –
  Between Scylla and Charybdis.
  IACR-EPRINT 2020.
• 21.4.2020 Xavier Bonnetain, Anne Canteaut, Véronique Cortier,
  Pierrick Gaudry, Lucca Hirschi, Steve Kremer, Stéphanie Lacour,
  Matthieu Lequesne, Gaëtan Leurent, Léo Perrin,
  André Schrottenloher, Emmanuel Thomé, Serge Vaudenay,
  Christophe Vuillot.
  Le traçage anonyme,
  dangereux oxymore.
  (English version accessible.)
• 6.5.2020 Serge Vaudenay.
  Centralized or
  Decentralized? The Contact Tracing Procure 22 situation.
  IACR-EPRINT 2020.
• 5.6.2020 Serge Vaudenay, Martin Vuagnoux.
  Evaluation of SwissCovid
• 17.6.2020 Serge Vaudenay, Martin Vuagnoux.
  (Annotated) Security Venture Submission [INR-4434]. Detailed diagnosis.

Excellent references (in French):

• 818.101 LEp Art.60.
  Loi
  fédérale sur la lutte contre les maladies transmissibles
  de l’homme
  (LEp).
  Present disclose.
• 20.5.2020
  20.040 message from the Federal Council.
  Message
  concernant la modification urgente de la loi
  sur les épidémies en lien avec le coronavirus
  (Système de traçage de proximité).
• 13.5.2020 Ordinance for public pilot take a look at.
  Coronavirus :
  le Conseil fédéral adopte l’ordonnance sur l’utility
  de traçage de proximité et prolonge le soutien à la
  custom.

Other references:

• 10.6.2020
  Lars Baumgärtner, Alexandra Dmitrienko, Bernd Freisleben,
  Alexander Gruler, Jonas Höchst, Joshua Kühlberg, Mira Mezini,
  Markus Miettinen, Anel Muhamedagic, Thien Duc Nguyen, Alvar Penning,
  Dermot Frederik Pustelnik, Filipp Roos, Ahmad-Reza Sadeghi, Michael Schwarz,
  Christian Uhl.
  Tips the GAP: Security & Privacy
  Dangers of Contact Tracing Apps.
  Preprint arXiv: 2006.05914 [cs.CR], 2020.
• 16.6.2020 Douglas J. Leith, Stephen Farrell.
  GAEN
  Due Diligence:
  Verifying The Google/Apple Covid Exposure Notification API.
• 18.6.2020 Paul-Olivier Dehaye, Joel Reardon.
  SwissCovid:
  a Excessive Evaluation of Threat Evaluation by Swiss Authorities.
  Preprint arXiv: 2006.10719 [cs.CR], 2020.

Last update: June 19, 2020.