Existing Bluetooth-based Private Contact Tracing (PCT) systems can privately detect whether people have come into direct contact with COVID-19 patients. However, we find that the existing systems lack functionality and flexibility, which may hurt the success of the contact tracing. Specifically, they cannot detect indirect contact (e.g., people may be exposed to coronavirus because of used the same elevator even without direct contact); they also cannot flexibly change the rules of “risky contact”, such as how many hours of exposure or how close to a COVID-19 patient that is considered as risk exposure, which may be changed with the environmental situation.
In this work, we propose an efficient and secure contact tracing system that enables to trace both direct contact and indirect contact. To address the above problems, we need to utilize users’ trajectory data for private contact tracing, which we call trajectory-based PCT. We formalize this problem as Spatiotemporal Private Set Intersection. By analyzing different approaches such as homomorphic encryption that could be extended to solve this problem, we identify that Trusted Execution Environment (TEE) is a proposing method to achieve our requirements. The major challenge is how to design algorithms for spatiotemporal private set intersection under limited secure memory of TEE. To this end, we design a TEE-based system with flexible trajectory data encoding algorithms. Our experiments on real-world data show that the proposed system can process thousands of queries on tens of million records of trajectory data in a few seconds.
-
[PSBD 2020] Secure and Efficient Trajectory-Based Contact Tracing using Trusted Hardware.
Fumiyuki Kato, Yang Cao, Masatoshi Yoshikawa.
7th International Workshop on Privacy and Security of Big Data (PSBD 2020) @IEEE BigData 2020
https://arxiv.org/abs/2010.13381 -
[ACM Transactions on Spatial Algorithms and Systems] PCT-TEE: Trajectory-based Private Contact Tracing System with Trusted Execution Environment
Fumiyuki Kato, Yang Cao, Yoshikawa Masatoshi
https://arxiv.org/abs/2012.03782
SOTA software-based approach vs hardware-based approach in PSI
experiment/
OS: Ubuntu
-
prepare CPU with Intel SGX instruction set. Docker and docker-compose are needed. And install linux-sgx-driver from https://github.com/intel/linux-sgx-driver.
-
Clone Rust SGX SDK
$ git clone https://github.com/apache/incubator-teaclave-sgx-sdk
- Clone this repository
$ git clone https://github.com/ylab-public/PCT
$ cd PCT
- Set environment variables like below on
.envto pass the docker container.
RUST_SDK_ROOT=/your/own/path/to/incubator-teaclave-sgx-sdk
PCT_DIR=/your/own/path/to/PCT
- Wake up docker container including AESM service
$ bin/up
$ bin/in
[docker-inside]$ make clean && QUERY_SIZE=1439 ENCODEDVALUE_SIZE=8 FEATURE="fsa st" make
[docker-inside]$ make clean && QUERY_SIZE=1439 ENCODEDVALUE_SIZE=8 FEATURE="fsa st" make && RUST_BACKTRACE=1 bin/app 10000 data/sample 2 data/sample/server.csv
args[0] = threashold of each chunk block size
args[1] = query data file dir (clientfile format => client-(theta_geo)-(theta_time)-(client_id)-(.+).csv
args[2] = number of clients
args[3] = central data file path"
- SDK
- Experimental dataset source