---
OA_place: publisher
OA_type: gold
_id: '18961'
abstract:
- lang: eng
  text: "Automated contact tracing (ACT) emerged as a promising measure to curb the
    spread of Covid-19. Users enable ACT on their smartphones to automatically record
    contacts with other users. If a user tests positive for the disease, they report
    their diagnosis to alert their contacts.\r\nDesigning effective ACT protocols
    is challenging since they need to be efficient and secure while also ensuring
    users' privacy. As ACT protocols necessarily leak some information by design,
    defining privacy is difficult. For example, a user cannot deny having met another
    user. Ideally, however, the user can plausibly deny everything else, in particular,
    when they met. We call this privacy property contact-time deniability.\r\nWhile
    some early works discussed contact-time deniability informally, it has received
    little attention since then. We investigate deniability from a rigorous, theoretical
    point of view and arrive at the following impossibility result:\r\nA decentralized
    protocol with unidirectional communication cannot be contact-time deniable and
    replay-secure. This holds even if malicious users treat smartphones as black-boxes.\r\n
    Unidirectional protocols are usually very efficient and many proposals are unidirectional,
    e.g., the widely-deployed Google-Apple Exposure Notifications. So the impossibility
    result considerably constrains the design space of efficient, secure, and private
    ACT protocols. However, it can also be used as a guide; we discuss several possibilities
    to achieve contact-time deniability in practice."
acknowledgement: "We thank Raluca-Georgia Diugan for her initial contributions and
  support afterward.\r\nThis research was funded in whole or in part by the Austrian
  Science Fund (FWF) 10.55776/F85."
article_processing_charge: No
article_type: original
author:
- first_name: Christoph Ullrich
  full_name: Günther, Christoph Ullrich
  id: ec98511c-eb8e-11eb-b029-edd25d7271a1
  last_name: Günther
- first_name: Krzysztof Z
  full_name: Pietrzak, Krzysztof Z
  id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
  last_name: Pietrzak
  orcid: 0000-0002-9139-1654
citation:
  ama: 'Günther CU, Pietrzak KZ. Deniability in automated contact tracing: Impossibilities
    and possibilities. <i>Proceedings on Privacy Enhancing Technologies</i>. 2024;2024(4):636-648.
    doi:<a href="https://doi.org/10.56553/popets-2024-0134">10.56553/popets-2024-0134</a>'
  apa: 'Günther, C. U., &#38; Pietrzak, K. Z. (2024). Deniability in automated contact
    tracing: Impossibilities and possibilities. <i>Proceedings on Privacy Enhancing
    Technologies</i>. Bristol, UK/Virtual: Privacy Enhancing Technologies Symposium
    Advisory Board. <a href="https://doi.org/10.56553/popets-2024-0134">https://doi.org/10.56553/popets-2024-0134</a>'
  chicago: 'Günther, Christoph Ullrich, and Krzysztof Z Pietrzak. “Deniability in
    Automated Contact Tracing: Impossibilities and Possibilities.” <i>Proceedings
    on Privacy Enhancing Technologies</i>. Privacy Enhancing Technologies Symposium
    Advisory Board, 2024. <a href="https://doi.org/10.56553/popets-2024-0134">https://doi.org/10.56553/popets-2024-0134</a>.'
  ieee: 'C. U. Günther and K. Z. Pietrzak, “Deniability in automated contact tracing:
    Impossibilities and possibilities,” <i>Proceedings on Privacy Enhancing Technologies</i>,
    vol. 2024, no. 4. Privacy Enhancing Technologies Symposium Advisory Board, pp.
    636–648, 2024.'
  ista: 'Günther CU, Pietrzak KZ. 2024. Deniability in automated contact tracing:
    Impossibilities and possibilities. Proceedings on Privacy Enhancing Technologies.
    2024(4), 636–648.'
  mla: 'Günther, Christoph Ullrich, and Krzysztof Z. Pietrzak. “Deniability in Automated
    Contact Tracing: Impossibilities and Possibilities.” <i>Proceedings on Privacy
    Enhancing Technologies</i>, vol. 2024, no. 4, Privacy Enhancing Technologies Symposium
    Advisory Board, 2024, pp. 636–48, doi:<a href="https://doi.org/10.56553/popets-2024-0134">10.56553/popets-2024-0134</a>.'
  short: C.U. Günther, K.Z. Pietrzak, Proceedings on Privacy Enhancing Technologies
    2024 (2024) 636–648.
conference:
  end_date: 2024-07-20
  location: Bristol, UK/Virtual
  name: 'PETs: Privacy Enhancing Technologies Symposium '
  start_date: 2024-07-15
corr_author: '1'
date_created: 2025-01-29T13:39:34Z
date_published: 2024-07-01T00:00:00Z
date_updated: 2025-04-15T08:16:04Z
day: '01'
ddc:
- '000'
department:
- _id: KrPi
- _id: GradSch
doi: 10.56553/popets-2024-0134
file:
- access_level: open_access
  checksum: 348ed6adcf6ad2f925227bde1758cae6
  content_type: application/pdf
  creator: dernst
  date_created: 2025-01-29T13:44:47Z
  date_updated: 2025-01-29T13:44:47Z
  file_id: '18962'
  file_name: 2024_ProcPrivacyEnhTech_Guenther.pdf
  file_size: 611567
  relation: main_file
  success: 1
file_date_updated: 2025-01-29T13:44:47Z
has_accepted_license: '1'
intvolume: '      2024'
issue: '4'
language:
- iso: eng
license: https://creativecommons.org/licenses/by/4.0/
month: '07'
oa: 1
oa_version: Published Version
page: 636-648
project:
- _id: 34a34d57-11ca-11ed-8bc3-a2688a8724e1
  grant_number: F8509
  name: Security and Privacy by Design for Complex Systems
publication: Proceedings on Privacy Enhancing Technologies
publication_identifier:
  issn:
  - 2299-0984
publication_status: published
publisher: Privacy Enhancing Technologies Symposium Advisory Board
quality_controlled: '1'
status: public
title: 'Deniability in automated contact tracing: Impossibilities and possibilities'
tmp:
  image: /images/cc_by.png
  legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
  name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
  short: CC BY (4.0)
type: journal_article
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 2024
year: '2024'
...