The Crypto on the NHSX COVID-19 App is a Thing of Maths Beauty

Forget the Apple/Google API method for rolling IDs, and using boring only hashing methods. The cryptography used in the NHSX app is a thing of real maths beauty and integrates symmetric key encryption, public key encryption and elliptic curves. The method involved uses ECIES (Elliptic Curve Integrated Encryption Scheme) with AES, and you can find out more here. Its main focus is to preserve the privacy of the identities involved around a contact, and in stopping replay attacks.

Introduction

The spread of COVID-19 is likely to be contained with the usage of contract tracing, and where carriers will be traced for those who they have been in contact with. In some countries of the world, broadcast methods have been used, and where carriers are traced on a map:

In this way, it is possible for those who are in close proximity that they are near a carrier. While this is highly effective in terms of containing the spread, it has significant problems in terms of breaching the rights of privacy:

Some of my patients were more afraid of being blamed than dying of the virus