Image for post
Image for post
Photo by Patrick Tomasso on Unsplash

The Rise and Fall of the NHSX App

Well, the writing has been on the wall for a while, but today, the UK government officially cancelled the centralised approach of the NHSX App, and are now focusing on the Google/Apple integration:

Image for post
Image for post
Image for post
Image for post

The flaws

It was promised to be a world-leading App, but few technical people have ever seen it as being a solution. In fact, on 29 April 2020, many leading UK cybersecurity academics (of which I was one) wrote a letter to the UK Government [here]:

Image for post
Image for post
Image for post
Image for post
  • The data is stored on the public cloud and is not stored in the NHS infrastructure.
  • The Bluetooth beacons are sourced in an App, and which is likely to suffer from power drain problems, and also with the App being put to sleep if not being used.
  • A breach of the private key on the server releases all of the contacts.
  • Bob can be traced for a day using his daily public key. This is generated every day and is broadcast every time that Bob comes into contact with someone. By relaying the broadcast, to another place, Bob can be tracked with his daily public key. In the Google/Apple method, a new tracing ID is generated every 10 minutes, and which limits the tracking opportunities.

20 years and stored in the Amazon Cloud

The NHSX App in the UK has not had a good time and has been criticized for its centralisation nature. But it’s really what happens on the back-end that really matters, especially how the data will be used, and how long it will be kept for. And so, the details are finally being released about the NHSX App, and where Public Health England (PHE) says that it will hold the data gathered by the NHS Test and Trace App for 20 years and for five years for contacts:

Image for post
Image for post
Image for post
Image for post

The Apple/Google Approach

And so, in a spirit of openness, Google released its cryptography specification for a new privacy-preserving Bluetooth protocol. Google’s core focus is on key scheduling and Bluetooth Advertisements (what would be thought of as Bluetooth beacons). Overall there are three main encryption keys:

Image for post
Image for post
Image for post
Image for post
import osK_track = os.urandom(32)    # 256-bit random keyprint ("Tracing key: "+binascii.hexlify(K_track).decode())
## HKDF(Key, Salt, Info, OutputLength)# DayNumber ← Number of Seconds since Epoch/ (60 × 60 × 24)DayNumber = str(int(time.time()/(60*60*24)))print ("\nDay number: "+DayNumber)D_i = "CT-DTK" + DayNumberKey_day_i = PBKDF2(K_track, D_i).read(16)print ("Daily key: "+binascii.hexlify(Key_day_i).decode())
# TimeNumberInterval ← Seconds Since Start of DayNumber/(60 × 10)today = datetime.date.today()seconds_since_midnight = time.time() - time.mktime(today.timetuple())TINj=str(int(seconds_since_midnight //(600*10)))print ("\nTINj (Time interval number): "+TINj)TINj_str = "CT-RPI" + TINjrpi = hashlib.pbkdf2_hmac('sha256', Key_day_i, TINj_str.encode() , 10000)[:16]print ("Rolling ID: "+binascii.hexlify(rpi).decode())

The NHSX App

The spread of COVID-19 is likely to be contained with the usage of contract tracing, and where carriers will be traced for those who they have been in contact with. In some countries of the world, broadcast methods have been used, and where carriers are traced on a map:

Image for post
Image for post
  • Not possible to trace a user or device from Bluetooth beacons (other than being in near proximity to Bob, and we can see beacons from him).
  • Not possible to spoof data for another user.
  • Not possible to see if the user of a phone which has sent a beacon is a carrier.
  • Robust against malicious users, including for replay information about proximity.
Image for post
Image for post
Figure 1: Overview

Broadcast Value

The values broadcasted by Bob (BroadcastValues) uses the public key sent within the registration process. Each day the device creates a new ephemeral private key on an elliptic curve (P256):

Image for post
Image for post
Image for post
Image for post

Conclusions

The academic community is there to provide support. Possibly it would have taken a little bit longer to set up, but ‘a stitch in time saves nine’.

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store