[{"ddc":["000"],"type":"journal_article","publication":"Proceedings on Privacy Enhancing Technologies","date_updated":"2025-04-15T08:16:04Z","article_processing_charge":"No","article_type":"original","language":[{"iso":"eng"}],"corr_author":"1","abstract":[{"text":"Automated contact tracing (ACT) emerged as a promising measure to curb the spread of Covid-19. Users enable ACT on their smartphones to automatically record contacts with other users. If a user tests positive for the disease, they report their diagnosis to alert their contacts.\r\nDesigning effective ACT protocols is challenging since they need to be efficient and secure while also ensuring users' privacy. As ACT protocols necessarily leak some information by design, defining privacy is difficult. For example, a user cannot deny having met another user. Ideally, however, the user can plausibly deny everything else, in particular, when they met. We call this privacy property contact-time deniability.\r\nWhile some early works discussed contact-time deniability informally, it has received little attention since then. We investigate deniability from a rigorous, theoretical point of view and arrive at the following impossibility result:\r\nA decentralized protocol with unidirectional communication cannot be contact-time deniable and replay-secure. This holds even if malicious users treat smartphones as black-boxes.\r\n Unidirectional protocols are usually very efficient and many proposals are unidirectional, e.g., the widely-deployed Google-Apple Exposure Notifications. So the impossibility result considerably constrains the design space of efficient, secure, and private ACT protocols. However, it can also be used as a guide; we discuss several possibilities to achieve contact-time deniability in practice.","lang":"eng"}],"oa":1,"day":"01","conference":{"start_date":"2024-07-15","location":"Bristol, UK/Virtual","name":"PETs: Privacy Enhancing Technologies Symposium ","end_date":"2024-07-20"},"OA_type":"gold","year":"2024","title":"Deniability in automated contact tracing: Impossibilities and possibilities","volume":2024,"doi":"10.56553/popets-2024-0134","publication_status":"published","file_date_updated":"2025-01-29T13:44:47Z","_id":"18961","publication_identifier":{"issn":["2299-0984"]},"intvolume":"      2024","issue":"4","project":[{"grant_number":"F8509","name":"Security and Privacy by Design for Complex Systems","_id":"34a34d57-11ca-11ed-8bc3-a2688a8724e1"}],"quality_controlled":"1","date_published":"2024-07-01T00:00:00Z","month":"07","status":"public","tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","image":"/images/cc_by.png","short":"CC BY (4.0)"},"page":"636-648","department":[{"_id":"KrPi"},{"_id":"GradSch"}],"date_created":"2025-01-29T13:39:34Z","citation":{"ista":"Günther CU, Pietrzak KZ. 2024. Deniability in automated contact tracing: Impossibilities and possibilities. Proceedings on Privacy Enhancing Technologies. 2024(4), 636–648.","short":"C.U. Günther, K.Z. Pietrzak, Proceedings on Privacy Enhancing Technologies 2024 (2024) 636–648.","mla":"Günther, Christoph Ullrich, and Krzysztof Z. Pietrzak. “Deniability in Automated Contact Tracing: Impossibilities and Possibilities.” <i>Proceedings on Privacy Enhancing Technologies</i>, vol. 2024, no. 4, Privacy Enhancing Technologies Symposium Advisory Board, 2024, pp. 636–48, doi:<a href=\"https://doi.org/10.56553/popets-2024-0134\">10.56553/popets-2024-0134</a>.","chicago":"Günther, Christoph Ullrich, and Krzysztof Z Pietrzak. “Deniability in Automated Contact Tracing: Impossibilities and Possibilities.” <i>Proceedings on Privacy Enhancing Technologies</i>. Privacy Enhancing Technologies Symposium Advisory Board, 2024. <a href=\"https://doi.org/10.56553/popets-2024-0134\">https://doi.org/10.56553/popets-2024-0134</a>.","ieee":"C. U. Günther and K. Z. Pietrzak, “Deniability in automated contact tracing: Impossibilities and possibilities,” <i>Proceedings on Privacy Enhancing Technologies</i>, vol. 2024, no. 4. Privacy Enhancing Technologies Symposium Advisory Board, pp. 636–648, 2024.","ama":"Günther CU, Pietrzak KZ. Deniability in automated contact tracing: Impossibilities and possibilities. <i>Proceedings on Privacy Enhancing Technologies</i>. 2024;2024(4):636-648. doi:<a href=\"https://doi.org/10.56553/popets-2024-0134\">10.56553/popets-2024-0134</a>","apa":"Günther, C. U., &#38; Pietrzak, K. Z. (2024). Deniability in automated contact tracing: Impossibilities and possibilities. <i>Proceedings on Privacy Enhancing Technologies</i>. Bristol, UK/Virtual: Privacy Enhancing Technologies Symposium Advisory Board. <a href=\"https://doi.org/10.56553/popets-2024-0134\">https://doi.org/10.56553/popets-2024-0134</a>"},"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","file":[{"date_updated":"2025-01-29T13:44:47Z","file_id":"18962","content_type":"application/pdf","creator":"dernst","relation":"main_file","access_level":"open_access","date_created":"2025-01-29T13:44:47Z","success":1,"file_size":611567,"checksum":"348ed6adcf6ad2f925227bde1758cae6","file_name":"2024_ProcPrivacyEnhTech_Guenther.pdf"}],"acknowledgement":"We thank Raluca-Georgia Diugan for her initial contributions and support afterward.\r\nThis research was funded in whole or in part by the Austrian Science Fund (FWF) 10.55776/F85.","has_accepted_license":"1","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","oa_version":"Published Version","OA_place":"publisher","author":[{"full_name":"Günther, Christoph Ullrich","id":"ec98511c-eb8e-11eb-b029-edd25d7271a1","last_name":"Günther","first_name":"Christoph Ullrich"},{"id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","full_name":"Pietrzak, Krzysztof Z","orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","last_name":"Pietrzak"}]}]