U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Privacy-Enhancing Cryptography PEC

Encounters Metrics

A multidisciplinary NIST initiative seeks to address the Covid-19 pandemic by analyzing the availability, effectiveness, accuracy, and privacy of automated contact tracing efforts. PEC team members have been participating, by studying privacy tradeoffs of widespread contact tracing applications and considering how privacy can be improved within these systems.

  • 2021-January-26-28: NIST workshop Challenges for Digital Proximity Detection in Pandemics: Privacy, Accuracy, and Impact. The workshop was held to engage with the broader community. PEC team members helped organize the breakout session on privacy.  A summary of the workshop and scribe notes on the privacy discussion will be available in a NISTIR (link TBA).
  • 2021-March-28: “Encounter Metrics and Exposure Notification” – This article in the Journal of Research of NIST introduces the concept of “encounter metrics”: measuring the levels of interaction in a population of autonomous agents equipped with Bluetooth Low Energy (BLE) broadcasting devices. The assumption is that the speed at which an epidemic spreads is proportional to levels of interaction. Measuring these levels can help understand how certain environments hinder or promote epidemics. It can also be helpful to implement reactive policies such as contact tracing. The approach promotes privacy by design, addressing a privacy concern with many "digital proximity detection” applications that log “overheard” pseudonyms between BLE devices. The concern is that the pseudonyms are used to identify infected individuals despite the fact that they have been broadcast, and thus potentially available to third parties. Instead of pseudonyms we propose using a standard cryptographic technique called “exchange of secret keys”. The technique allows two parties to securely agree on a secret key while using a public communication channel. These keys can later be used as identifiers of “risky encounters" while preserving the privacy of all parties. A NIST news article summarizes some of the high-level ideas for a general audience.

Contacts

Reach the PEC team at:
crypto-privacy@nist.gov

Luís T. A. N. Brandão

René Peralta

Angela Robinson

Topics

Security and Privacy: cryptography, privacy

Created January 03, 2017, Updated November 12, 2021