Provable Privacy Guarantee for Individual Identities and Locations in Large-Scale Contact Tracing

Tyler Nicewarner, Wei Jiang, Aniruddha Gokhale, Dan Lin
2024-09-19
Abstract: The task of infectious disease contact tracing is crucial yet challenging, especially when meeting strict privacy requirements. Previous attempts in this area have had limitations in terms of applicable scenarios and efficiency. Our paper proposes a highly scalable, practical contact tracing system called PREVENT that can work with a variety of location collection methods to gain a comprehensive overview of a person's trajectory while ensuring the privacy of individuals being tracked, without revealing their plain text locations to any party, including servers. Our system is very efficient and can provide real-time query services for large-scale datasets with millions of locations. This is made possible by a newly designed secret-sharing based architecture that is tightly integrated into unique private space partitioning trees. Notably, our experimental results on both real and synthetic datasets demonstrate that our system introduces negligible performance overhead compared to traditional contact tracing methods. PREVENT could be a game-changer in the fight against infectious diseases and set a new standard for privacy-preserving location tracking.
Cryptography and Security
What problem does this paper attempt to address?
The main problem this paper addresses is how to protect the identity and location privacy of individuals in large-scale contact tracing while still tracing contacts efficiently. Specifically:

1. **Identity and location privacy protection**: Existing contact-tracing systems cannot fully protect users' privacy when collecting and analyzing data, and may expose users' real identities or precise locations. The method proposed in this paper ensures that no party (including the server) obtains a user's plaintext location or real identity at any point in the process.

2. **Multi-channel location data integration**: Obtaining the complete trajectory of an individual requires combining several location collection methods (such as GPS, Bluetooth and QR codes). No existing contact-tracing system integrates these multi-channel location data while preserving privacy. PREVENT solves this by accepting multiple location collection methods and processing them in a new architecture that combines secret sharing with private space partitioning trees.

3. **Efficient large-scale queries**: Traditional contact-tracing methods are inefficient on large datasets and struggle to offer real-time query services. PREVENT provides an efficient query algorithm that can quickly identify the affected population in a dataset containing millions of locations without significant performance overhead.

4. **Indirect contact tracing**: Some viruses (such as the novel coronavirus) can survive in the air for several hours, so infection is possible without direct contact. Existing methods usually identify only direct contacts and ignore indirect ones. PREVENT tracks indirect contacts by processing users' secret-shared location information through a pyramid data structure, so that proximity at coarser spatial resolutions is also captured, providing a more comprehensive contact-tracing service.

In summary, this paper proposes a privacy-preserving contact-tracing system named PREVENT that addresses the insufficient privacy protection of existing systems while also improving scalability and query efficiency, offering a new approach for infectious disease prevention and control.