Commit 0c1feb86 authored by Cypres TAC's avatar Cypres TAC

merge SK_L key size from 280 bits to 208 bits

parents f49de8ae 2f966ca5
......@@ -3,7 +3,7 @@
#include <stdint.h>
#define SK_L_SIZE (60)
#define SK_L_SIZE (51)
/* Permanent location secret key, this key is not defined in the clea library itself,
it should be defined outside as it depends on the hardware specific storage location */
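Review bot: `SK_L_SIZE` carries no unit, and the key sizes quoted around this change disagree. 51 bytes is 408 bits, which matches the updated SK_L row in the specification table but not the 208 bits in the commit title. A unit comment on the define would settle it for the next reader, e.g. `#define SK_L_SIZE (51) /* bytes, i.e. a 408-bit SK_L */`. The Java test keys changed in this commit are 102 hex characters, the same 51 bytes, so the code sides appear consistent and only the title looks off.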
......
......@@ -3,7 +3,7 @@
#include <stdlib.h>
#include "clea.h"
uint8_t SK_L[SK_L_SIZE] = {17, 50, 178, 117, 142, 93, 11, 228, 16, 198, 218, 172, 28, 203, 30, 149, 105, 157, 195, 247, 12, 226, 62, 13, 255, 126, 84, 96, 87, 163, 80, 97, 213, 211, 66, 20, 248, 127, 9, 64, 84, 127, 135, 165, 127, 171, 14, 78, 34, 229, 223, 249, 156, 59, 123, 51, 153, 17, 250, 106};
uint8_t SK_L[SK_L_SIZE] = {17, 50, 178, 117, 142, 93, 11, 228, 16, 198, 218, 172, 28, 203, 30, 149, 105, 157, 195, 247, 12, 226, 62, 13, 255, 126, 84, 96, 87, 163, 80, 97, 213, 211, 66, 20, 248, 127, 9, 64, 84, 127, 135, 165, 127, 171, 14, 78, 34, 229, 223};
uint8_t PK_SA[PUBLIC_KEY_SIZE] = {0xbc, 0x05, 0x51, 0x56, 0x7e, 0xcc, 0x32, 0x77, 0x99, 0x8f, 0x4b, 0xa9, 0xaf, 0x0c, 0xa6, 0x35, 0xdd, 0xe3, 0x6b, 0xd2, 0x01, 0x55, 0x95, 0xbc, 0xab, 0xa2, 0x74, 0x0c, 0xcd, 0xc0, 0x6e, 0x7f, 0x78, 0x0d, 0x9e, 0xd2, 0xf4, 0x7f, 0xbc, 0xc5, 0xb4, 0xb4, 0x65, 0x49, 0x73, 0x3e, 0x2f, 0x9f, 0xb0, 0xf5, 0xc5, 0x86, 0x7a, 0x08, 0xec, 0xf6, 0x45, 0x16, 0xf9, 0x8d, 0x4c, 0x8a, 0x7e, 0xd5};
uint8_t PK_MCTA[PUBLIC_KEY_SIZE] = {0xbc, 0x05, 0x51, 0x56, 0x7e, 0xcc, 0x32, 0x77, 0x99, 0x8f, 0x4b, 0xa9, 0xaf, 0x0c, 0xa6, 0x35, 0xdd, 0xe3, 0x6b, 0xd2, 0x01, 0x55, 0x95, 0xbc, 0xab, 0xa2, 0x74, 0x0c, 0xcd, 0xc0, 0x6e, 0x7f, 0x78, 0x0d, 0x9e, 0xd2, 0xf4, 0x7f, 0xbc, 0xc5, 0xb4, 0xb4, 0x65, 0x49, 0x73, 0x3e, 0x2f, 0x9f, 0xb0, 0xf5, 0xc5, 0x86, 0x7a, 0x08, 0xec, 0xf6, 0x45, 0x16, 0xf9, 0x8d, 0x4c, 0x8a, 0x7e, 0xd5};
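Review bot: With the array declared as `SK_L[SK_L_SIZE]`, an initializer list shorter than `SK_L_SIZE` compiles cleanly and zero-fills the tail of the key, so a later size change that misses one of these lists would go unnoticed. The new list has 51 entries, which matches the define, but nothing enforces it. If the build allows C11, declaring `uint8_t SK_L[] = {...};` followed by `_Static_assert(sizeof(SK_L) == SK_L_SIZE, "SK_L initializer length");` would. The same applies to the identical definition in the hunk at `@@ -13,7 +13,7`. A short comment marking the array as a test-only key would also help, since the header describes SK_L as depending on hardware-specific storage.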
......
......@@ -13,7 +13,7 @@
#include "external_deps/time.h"
#include "clea.h"
uint8_t SK_L[SK_L_SIZE] = {17, 50, 178, 117, 142, 93, 11, 228, 16, 198, 218, 172, 28, 203, 30, 149, 105, 157, 195, 247, 12, 226, 62, 13, 255, 126, 84, 96, 87, 163, 80, 97, 213, 211, 66, 20, 248, 127, 9, 64, 84, 127, 135, 165, 127, 171, 14, 78, 34, 229, 223, 249, 156, 59, 123, 51, 153, 17, 250, 106};
uint8_t SK_L[SK_L_SIZE] = {17, 50, 178, 117, 142, 93, 11, 228, 16, 198, 218, 172, 28, 203, 30, 149, 105, 157, 195, 247, 12, 226, 62, 13, 255, 126, 84, 96, 87, 163, 80, 97, 213, 211, 66, 20, 248, 127, 9, 64, 84, 127, 135, 165, 127, 171, 14, 78, 34, 229, 223};
uint8_t PK_HA[PUBLIC_KEY_SIZE] = {0xbc, 0x05, 0x51, 0x56, 0x7e, 0xcc, 0x32, 0x77, 0x99, 0x8f, 0x4b, 0xa9, 0xaf, 0x0c, 0xa6, 0x35, 0xdd, 0xe3, 0x6b, 0xd2, 0x01, 0x55, 0x95, 0xbc, 0xab, 0xa2, 0x74, 0x0c, 0xcd, 0xc0, 0x6e, 0x7f, 0x78, 0x0d, 0x9e, 0xd2, 0xf4, 0x7f, 0xbc, 0xc5, 0xb4, 0xb4, 0x65, 0x49, 0x73, 0x3e, 0x2f, 0x9f, 0xb0, 0xf5, 0xc5, 0x86, 0x7a, 0x08, 0xec, 0xf6, 0x45, 0x16, 0xf9, 0x8d, 0x4c, 0x8a, 0x7e, 0xd5};
uint8_t PK_MCTA[PUBLIC_KEY_SIZE] = {0xbc, 0x05, 0x51, 0x56, 0x7e, 0xcc, 0x32, 0x77, 0x99, 0x8f, 0x4b, 0xa9, 0xaf, 0x0c, 0xa6, 0x35, 0xdd, 0xe3, 0x6b, 0xd2, 0x01, 0x55, 0x95, 0xbc, 0xab, 0xa2, 0x74, 0x0c, 0xcd, 0xc0, 0x6e, 0x7f, 0x78, 0x0d, 0x9e, 0xd2, 0xf4, 0x7f, 0xbc, 0xc5, 0xb4, 0xb4, 0x65, 0x49, 0x73, 0x3e, 0x2f, 0x9f, 0xb0, 0xf5, 0xc5, 0x86, 0x7a, 0x08, 0xec, 0xf6, 0x45, 0x16, 0xf9, 0x8d, 0x4c, 0x8a, 0x7e, 0xd5};
......
......@@ -14,7 +14,6 @@ import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
@Builder
@Getter
@EqualsAndHashCode
......@@ -25,7 +24,7 @@ public class LocationContact {
public static final String REGION_VALIDATION_MESSAGE = "Location phone is mandatory";
public static final String PIN_VALIDATION_MESSAGE = "Secret digit PIN must contain exactly 6 characters";
public static final String PERIOD_START_TIME_VALIDATION_MESSAGE = "Period start time must not be null";
/* Phone number of the location contact person, one digit = one character */
@NotBlank(message= PHONE_VALIDATION_MESSAGE)
String locationPhone;
......@@ -41,4 +40,4 @@ public class LocationContact {
@NotNull(message= PERIOD_START_TIME_VALIDATION_MESSAGE)
@Setter(AccessLevel.PROTECTED)
Instant periodStartTime;
}
}
\ No newline at end of file
......@@ -146,7 +146,11 @@ public class LocationContactMessageEncoder {
long periodStartTime = bitLocationContactMessage.getNextLong(32);
LocationContact locationContact = new LocationContact(locationPhone.toString(),
<<<<<<< HEAD
locationRegion, locationPin.toString(), TimeUtils.instantFromTimestamp(periodStartTime));
=======
locationRegion, locationPin.toString(), TimeUtils.instantFromTimestamp(periodStartTime));
>>>>>>> mybranch
this.validateMessage(locationContact);
return locationContact;
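Review bot: Unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> mybranch`) appear to have been committed inside the `new LocationContact(...)` call, which is consistent with the hunk growing from 7 to 11 lines, so this file should not compile as it stands. The two sides look textually identical here (possibly differing only in whitespace), so keep a single `locationRegion, locationPin.toString(), TimeUtils.instantFromTimestamp(periodStartTime));` line and drop the three marker lines. The same markers are in the LocationTest hunk at `@@ -32,7 +32,11`, where the sides differ in the phone literal (`"33800130000"` vs `"3380013000"`), so that one needs a deliberate choice rather than a mechanical pick. The enclosing method starts and ends outside the hunk.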
......
......@@ -46,7 +46,7 @@ import fr.inria.clea.lsp.utils.TimeUtils;
class LocationSpecificPartTest {
/* Example of a permanent Location Secret Key used for the tests */
private final String permanentLocationSecretKey = "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504";
private final String permanentLocationSecretKey = "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575";
private CleaEciesEncoder cleaEciesEncoder;
private String[] serverAuthorityKeyPair;
private String[] manualContactTracingAuthorityKeyPair;
......
......@@ -17,7 +17,7 @@ import fr.inria.clea.lsp.exception.CleaCryptoException;
public class LocationTest {
/* Example of a permanent Location Secret Key used for the tests */
private final String permanentLocationSecretKey = "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504";
private final String permanentLocationSecretKey = "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575";
private String[] serverAuthorityKeyPair;
private String[] manualContactTracingAuthorityKeyPair;
private Instant periodStartTime;
......@@ -32,7 +32,11 @@ public class LocationTest {
serverAuthorityKeyPair = cleaEciesEncoder.genKeysPair(true);
manualContactTracingAuthorityKeyPair = cleaEciesEncoder.genKeysPair(true);
periodStartTime = Instant.now().truncatedTo(ChronoUnit.HOURS);
<<<<<<< HEAD
locationContact = new LocationContact("33800130000", 10, "012345", periodStartTime);
=======
locationContact = new LocationContact("3380013000", 10, "012345", periodStartTime);
>>>>>>> mybranch
}
@Test
......
staff, countryCode, LTId, CRIexp, venueType, venueCat1, venueCat2, periodDuration, ct_periodStart, t_qrStart, SK_SA, PK_SA, lsp_base64
0, 492, 1839f2b2-4765-51fa-6581-3f31ec65f902, 5, 12, 0, 0, 3, 1062694, 3825699763, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ABg58rJHZVH6ZYE/Mexl+QJurG0CYm+ONfqfQzxgaxcZo45q7DFGFbCePmkj4pqwPX3ULuF1/3Ze0Do/9DCoPLyltOyxKyvYiTQDBkwrFGu7Tf74vzyTXyWfpILQ78fQnKCEBzcL6EwKGoCT0JMj0hQpLx8Hz8/wMOYwJmBwS7V8RlJtzECWW0cXbBROEwN131bs49SI2SYJJD8/njXUbpZDbl2H8UsRKz+UJLeaUw==
1, 4095, 1839f2b2-4765-51fa-6581-3f31ec65f902, 31, 31, 15, 15, 255, 1062694, 3825699763, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ABg58rJHZVH6ZYE/Mexl+QL1+2HNHa4/oxPunA511t5L6RuzvcYJVS1sHo9sElOU6lBM2Q7S2xk651WNcJ3QvDnZuEt91x4usoTYWTBDOG0luCrfs271MNtfl2O01Zf4h7YaYvS1KZ2CAv3gO0yevf/QkUxjtWbNhCFjuJBm2ncz0g+5SMnD9UBQma5ErwOT8cvd8zUjXSKkUzl7CjwkAVnvq/KnXEnxNYSzKOpBbQ==
1, 592, 1839f2b2-4765-51fa-6581-3f31ec65f902, 31, 31, 15, 15, 255, 1062694, 3825699763, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ABg58rJHZVH6ZYE/Mexl+QKfWe2c6gEJFbNt6CY9ex+NBD5Uw7FeZ4ih1vrOt1Uzjm4dUzJfP7mekEAgpeHiEOjaC0fV+4Oz8QOmhVcD3jmlGlYbmBhNfi2rQDOTJYCiVXeeAC1r+zPt3qveJaA=
0, 492, 1839f2b2-4765-51fa-6581-3f31ec65f902, 5, 10, 3, 3, 5, 1062694, 3825699763, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ABg58rJHZVH6ZYE/Mexl+QIYbZTrqIUqb/nQ7T6KIlaSCOfRAYQiE1rW5jwKvnQkKvVoL/7jsMwoNMI1X4BV5+fLo+CzXA1aynoK8cLmWFx75ezbrMxCrGUIE4v7ztokMXe6oBbFRuN6Fy9WzfoPeP20V1FklzuW+3aftxhugsoBipF1UOyd8z6QciGJCgOJORQN4nIe110N1G16c6AMWXgxJ4kxlTV1UG0f2j36hA==
1, 202, 1839f2b2-4765-51fa-6581-3f31ec65f902, 5, 31, 3, 1, 10, 1062694, 3825699763, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ABg58rJHZVH6ZYE/Mexl+QJsFq9cuuaa7C34SktDBQgKQRdrpLUgj9XqPJ5FUuj53FHCvNCvsAQ+QKO0VBNMlXSwbgRpBxioeskp4+GWMKUvFSSAW3bvECJWu1oF5copD0mig7+qYGObi5jBuVp18X8JZDLDYljmVALxXWlUNC87xl2I1JbeXn4Qxn8tGAN6A9wOMUsrxrJxB3MDmhpd3qKOmo7BX02hAGT0SlfRhg==
0, 492, 33de6154-4d97-fa2a-67b7-ee6ead2ba50f, 5, 12, 0, 0, 3, 1062861, 3826300545, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ADPeYVRNl/oqZ7fubq0rpQ+tpUVK3hjbg0ppQcAlOtIF5q+2VE0xY/tqFpLnsx+0XW4GFIRemr9iM3ePapOznbaauRp74OgR2zttSDHXBbX5tZbJwfMmNGZ4xnps93s6l3480UKjOj5BDilX9mY6+ndzCzYaTbBgK6aiqbg5yJn6euEjBaBNPJI9S+eGsQLcFRgwdM9vVjf/rgAo+HIKeWgRRuNRlkuYMPpi+HeBZA==
1, 4095, 33de6154-4d97-fa2a-67b7-ee6ead2ba50f, 31, 31, 15, 15, 255, 1062861, 3826300545, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ADPeYVRNl/oqZ7fubq0rpQ/9F0A5amZjz7/mfh8fsnvbXvXd/SXiBYgYHKC68u7t9hsNZQ237vKzgDVNrA8crcyt7OzY/wB2Vrom5zrcgh4cl1QR94LU2S8jRLcC5gl9wgp/bkFVMhHGj/HnbuRTuS8kwo5xJAUf0f3FTTh5QUEUq27upYsz32kCqFVnzAKm7wH2rju1VgXxstfozLGy7MeEehz7Hw4VFMCyKAzIBA==
1, 592, 33de6154-4d97-fa2a-67b7-ee6ead2ba50f, 31, 31, 15, 15, 255, 1062861, 3826300545, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ADPeYVRNl/oqZ7fubq0rpQ9OyDkiotegiD9nJoNf8RZKt4e8WeEpSZllfy0bOh+QwjiF8M6uAj6tytJaPlqhnSZYh6hAgDq3OAQ7BIwC6eCC9xNjH4IqCZA8X59hIjVoV/1vlEAU5i+JiQIGQ6M=
0, 492, 33de6154-4d97-fa2a-67b7-ee6ead2ba50f, 5, 10, 3, 3, 5, 1062861, 3826300545, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ADPeYVRNl/oqZ7fubq0rpQ9MwAB/ix5cJZC9et6AOBKhBxe4qBQUD8jYD1N3baMJnJtc8fkfHEuBoKoZNgfnnDU/Oka2EIQiTEfsyTWMHd0d7ZXDWoZMqmYMygZU5TW/XXbgH6JdtMChOfoGHEL5aLCPyz9B0Jwvxxg0/KwTze/V6w6fKLunx0mifl3lPgNAo2qrjXHP3EnlrnFPJ73nZzmnDzMp8Uq5ZrawH976ag==
1, 202, 33de6154-4d97-fa2a-67b7-ee6ead2ba50f, 5, 31, 3, 1, 10, 1062861, 3826300545, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, ADPeYVRNl/oqZ7fubq0rpQ9BoYGN0nV+w7qkSQLc9+THqUYEii3XruWAuF4b2KYlL2ltYCO3+ZeoKpFPclSAXGKz9zKAIDrQ0lXETSIcXcFUq5MqtKGpTe7d9uR7c6AnFhPZeoRyOWV/9uY6o3nqNzVEq0mUCVK3d6dxPKdcoAYDiUTlL0m39YI205i4zAIVnQZPoSiXoaDgfCkZhhdZpwqqHwOqPbs1pOVv6tvgVQ==
locationPhone, locationRegion, locationPin, t_periodStart, SK_SA, PK_SA, SK_MCTA, PK_MCTA, lsp_base64
3380013000, 1, 012345, 3825698400, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ABg58rJHZVH6ZYE/Mexl+QJurG0CYm+ONfqfQzxgaxcZo45q7DFGFbCePmkj4pqwPX3ULuF1/3Ze0Do/9DCoPLyltOyxKyvYiTQDBkwrFGu7Tf74vzyTXyWfpILQ78fQnKCEBzcL6EwKGoCT0JMj0hQpLx8Hz8/wMOYwJmBwS7V8RlJtzECWW0cXbBROEwN131bs49SI2SYJJD8/njXUbpZDbl2H8UsRKz+UJLeaUw==
001122334455667, 255, 012345, 3825698400, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ABg58rJHZVH6ZYE/Mexl+QL1+2HNHa4/oxPunA511t5L6RuzvcYJVS1sHo9sElOU6lBM2Q7S2xk651WNcJ3QvDnZuEt91x4usoTYWTBDOG0luCrfs271MNtfl2O01Zf4h7YaYvS1KZ2CAv3gO0yevf/QkUxjtWbNhCFjuJBm2ncz0g+5SMnD9UBQma5ErwOT8cvd8zUjXSKkUzl7CjwkAVnvq/KnXEnxNYSzKOpBbQ==
33800130000, 21, 012345, 3825698400, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ABg58rJHZVH6ZYE/Mexl+QIYbZTrqIUqb/nQ7T6KIlaSCOfRAYQiE1rW5jwKvnQkKvVoL/7jsMwoNMI1X4BV5+fLo+CzXA1aynoK8cLmWFx75ezbrMxCrGUIE4v7ztokMXe6oBbFRuN6Fy9WzfoPeP20V1FklzuW+3aftxhugsoBipF1UOyd8z6QciGJCgOJORQN4nIe110N1G16c6AMWXgxJ4kxlTV1UG0f2j36hA==
33800130000, 12, 543210, 3825698400, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ABg58rJHZVH6ZYE/Mexl+QJsFq9cuuaa7C34SktDBQgKQRdrpLUgj9XqPJ5FUuj53FHCvNCvsAQ+QKO0VBNMlXSwbgRpBxioeskp4+GWMKUvFSSAW3bvECJWu1oF5copD0mig7+qYGObi5jBuVp18X8JZDLDYljmVALxXWlUNC87xl2I1JbeXn4Qxn8tGAN6A9wOMUsrxrJxB3MDmhpd3qKOmo7BX02hAGT0SlfRhg==
3380013000, 1, 012345, 3826299600, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ADPeYVRNl/oqZ7fubq0rpQ+tpUVK3hjbg0ppQcAlOtIF5q+2VE0xY/tqFpLnsx+0XW4GFIRemr9iM3ePapOznbaauRp74OgR2zttSDHXBbX5tZbJwfMmNGZ4xnps93s6l3480UKjOj5BDilX9mY6+ndzCzYaTbBgK6aiqbg5yJn6euEjBaBNPJI9S+eGsQLcFRgwdM9vVjf/rgAo+HIKeWgRRuNRlkuYMPpi+HeBZA==
001122334455667, 255, 012345, 3826299600, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ADPeYVRNl/oqZ7fubq0rpQ/9F0A5amZjz7/mfh8fsnvbXvXd/SXiBYgYHKC68u7t9hsNZQ237vKzgDVNrA8crcyt7OzY/wB2Vrom5zrcgh4cl1QR94LU2S8jRLcC5gl9wgp/bkFVMhHGj/HnbuRTuS8kwo5xJAUf0f3FTTh5QUEUq27upYsz32kCqFVnzAKm7wH2rju1VgXxstfozLGy7MeEehz7Hw4VFMCyKAzIBA==
33800130000, 21, 012345, 3826299600, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ADPeYVRNl/oqZ7fubq0rpQ9MwAB/ix5cJZC9et6AOBKhBxe4qBQUD8jYD1N3baMJnJtc8fkfHEuBoKoZNgfnnDU/Oka2EIQiTEfsyTWMHd0d7ZXDWoZMqmYMygZU5TW/XXbgH6JdtMChOfoGHEL5aLCPyz9B0Jwvxxg0/KwTze/V6w6fKLunx0mifl3lPgNAo2qrjXHP3EnlrnFPJ73nZzmnDzMp8Uq5ZrawH976ag==
33800130000, 12, 543210, 3826299600, 34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8, 04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5, 3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd, 045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4, ADPeYVRNl/oqZ7fubq0rpQ9BoYGN0nV+w7qkSQLc9+THqUYEii3XruWAuF4b2KYlL2ltYCO3+ZeoKpFPclSAXGKz9zKAIDrQ0lXETSIcXcFUq5MqtKGpTe7d9uR7c6AnFhPZeoRyOWV/9uY6o3nqNzVEq0mUCVK3d6dxPKdcoAYDiUTlL0m39YI205i4zAIVnQZPoSiXoaDgfCkZhhdZpwqqHwOqPbs1pOVv6tvgVQ==
......@@ -13,7 +13,7 @@
"PK_SA": "04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5",
"SK_MCTA": "3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd",
"PK_MCTA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504"
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575"
},
{
"staff": 1,
......@@ -29,8 +29,8 @@
"SK_SA": "34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8",
"PK_SA": "04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5",
"SK_MCTA": "3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd",
"PK_MCTA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504"
"PK_MCTA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575"
},
{
......@@ -45,7 +45,7 @@
"PK_SA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_MCTA": "34af7f978c5a17772867d929e0b800dd2db74608322d73f2f0cfd19cdcaeccc8",
"PK_MCTA": "04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504"
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575"
},
{
"staff": 0,
......@@ -62,7 +62,7 @@
"PK_SA": "04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5",
"SK_MCTA": "3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd",
"PK_MCTA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504"
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575"
},
{
"staff": 1,
......@@ -79,6 +79,6 @@
"PK_SA": "04c14d9db89a3dd8da8a366cf26cd67f1de468fb5dc15f240b0d2b96dbdb5f39af962cb0bdc0bafcc9e523bf5cd4eba420c51758f987457954d32f1003bbaaf1c5",
"SK_MCTA": "3108f08b1485adb6f72cfba1b55c7484c906a2a3a0a027c78dcd991ca64c97bd",
"PK_MCTA": "045f802c016b2d14ef4d7ef01617c67c7506c0cd08aed3e4bcaf34ef5ffaddebb70a073d82c37bc874ce6705cec8b1c4a03b2ccd8f28b0c5034fb8774f2e97b1a4",
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd85758bab8f45fe01aac504"
"SK_L": "23c9b8f36ac1c0cddaf869c3733b771c3dc409416a9695df40397cea53e7f39e21f76925fc0c74ca6ee7c7eafad92473fd8575"
}
]
\ No newline at end of file
......@@ -11,7 +11,7 @@ and Java LSP decoding
# Java executable can encode or decode
# a Clé location Specific Part (LSP)
CMD_JAVA = ['java', '-cp',
'../java/target/clea-crypto-0.0.1-SNAPSHOT-jar-with-dependencies.jar',
'../java/target/clea-crypto-0.0.2-SNAPSHOT-jar-with-dependencies.jar',
'fr.inria.clea.lsp.LspEncoderDecoder']
# C executable can encode t a Cléa LSP
CMD_C = ['../c/build/test_clea']
......
# The Cluster Exposure Verification (Cléa) Protocol: Specifications of the Lightweight Version
# The Cluster Exposure Verification (Cléa) Protocol: Specifications of Protocol Version 0
Vincent Roca, Antoine Boutet, Claude Castelluccia
......@@ -6,7 +6,7 @@ PRIVATICS team, Inria, France
{firstname.lastname}@inria.fr
**_Preliminary Draft (Work in Progress), current version, March XXX, 2021_**
**_Preliminary Draft (Work in Progress), current version, April 1st, 2021_**
----
......@@ -60,11 +60,21 @@ In practice, no information is uploaded to the server unless a client is tested
In that case, if the user explicitly agrees (informed consent), the application uploads the list of scanned QR codes during the past 14 days[^footnote-1] along with timing information to the central server, in order to enable a **_centralized anonymous cluster detection_**.
The server can detect clusters by considering the number of COVID+ users in a location at the same time, without having access to the name nor address of this location.
Then this central server updates its list of location temporary pseudonyms and time (with an hour granularity by default) corresponding to clusters.
<img src="img/CLEA_centralized_cluster_detection.jpg" alt="CLEA_centralized_cluster_detection.jpg" width="700"/>
_Figure 1: Centralized cluster detection. Here Alice, tested COVID+, agrees to upload her scanned QR codes to the CLEA backend server, which, after verifying the validity of the upload, identifies if some of the visited locations needs to be qualified as potential cluster._
In parallel, each Cléa application periodically downloads this list containing the latest clusters that have been identified, in order to check locally whether or not there is a match.
In case of a match, the user is informed with a "warning".
The exact type of warning message could be adjusted to reflect the risk level (e.g., if a very high number of COVID+ users have been identified in a cluster), which is out of scope of the present specification.
Therefore this solution follows a **_decentralized risk evaluation_**.
<img src="img/CLEA_decentralized_risk_evaluation.jpg" alt="CLEA_decentralized_risk_evaluation.jpg" width="600"/>
_Figure 2: Decentralized risk evaluation. Here Bob compares his scanned QR codes with the new potential cluster location pseudonyms in a first step, and if a match is found, if the corresponding period overlaps significantly with his own presence as stored in his local database._
[^footnote-1]: the 14 days number is provided as an example. The national health authority will define the appropriate epidemiological value that is considered the most appropriate, that may also depend on another considerations like the date of first symptoms when known. The details are out of scope of this document.
We believe that making public the list of location temporary UUIDs and time corresponding to clusters is an acceptable tradeoff, because this information is not per se sensitive health data (it does not reveal any user health information to an eavesdropper), although it can be considered as personal data (it is associated to the location manager)[^footnote-2].
......@@ -110,7 +120,7 @@ It should be noted that technical implementation considerations (e.g., the exact
Several technical requirements, in particular motivated by the compatibility with embedded devices, have shaped the design:
- each QR code contains a country specific URL ("deep link"), composed of a contry specific prefix (for instance: `https://tac.gouv.fr/` in case of France), and a location specific part, defined in Section [Dynamic QR code generation within the device](#dynamic-qr-code-generation-within-the-device).
- each QR code contains a country specific URL ("deep link"), composed of a contry specific prefix (for instance: `https://tac.gouv.fr?v=0#` in case of France), and a location specific part, defined in Section [Dynamic QR code generation within the device](#dynamic-qr-code-generation-within-the-device).
Therefore, any binary information of the location specific part, is first translated to a printable character, using a Base64 encoding, which adds a 33% overhead compared to the binary size (see [RFC4648](#references)).
Since the output of a Base64 encoding uses an alphabet of 65 characters, it is not compatible with the Alphanumeric Mode of a QR code (limited to 45 printable characters), and it requires the use of the 8-bit Byte Mode (see [QRcode18004](#references), Section~8.4.4).
......@@ -138,7 +148,7 @@ The following acronyms and variable names are used:
| Short name | Full Name | Description |
|----------------|---------------------------|----------------------------------------------------|
| `LSP` | locationSpecificPart | The QR code of a location, at any moment, contains a URL ("deep link"), structured as: `"country-specific-prefix" / "Base64(location-specific-part)"`. The location specific part, renewed periodically, contains information related to the location at a given time. |
| `SK_L` | permanentLocationSecretKey | Permanent location 480-bits secret key. This key is never communicated, but is shared by all the location devices. For instance, this key can be stored in a protected stable memory of a dedicated device (or set of devices) by the manufacturer. The manufacturer should also keep a record of this `SK_L` in a secure place if the location manager later asks for additional devices. An appropriate location manager authentication mechanism needs to be defined for that purpose that is out of the scope of this document. |
| `SK_L` | permanentLocationSecretKey | Permanent location 408-bits secret key. This key is never communicated, but is shared by all the location devices. For instance, this key can be stored in a protected stable memory of a dedicated device (or set of devices) by the manufacturer. The manufacturer should also keep a record of this `SK_L` in a secure place if the location manager later asks for additional devices. An appropriate location manager authentication mechanism needs to be defined for that purpose that is out of the scope of this document. |
| `{PK_SA, SK_SA}` | serverAuthorityPublicKey / SecretKey | Public/secret key ECDH pair of the Authority in charge of the backend server. The public key is known by all devices. |
| `{PK_MCTA, SK_MCTA}` | manualCTAuthorityPublicKey / SecretKey | Public/secret key ECDH pair of the Authority in charge of the manual contact tracing. The public key is known by all devices. It is assumed that this authority is different from the authority in charge of the backend server. |
| `LTKey` | locationTemporarySecretKey | Location temporary 256-bits secret key, specific to a given Location at a given period. This key is never communicated outside of the device(s). |
......@@ -230,10 +240,13 @@ Since the devices are not perfectly synchronized (device clock drifts), a small
The QR code of a location, at any moment, contains a URL ("deep link"), structured as:
```
"country-specific-prefix" / "Base64(location-specific-part)"
"country-specific-prefix" "Base64(location-specific-part)"
```
For instance, the country specific prefix is: `https://tac.gouv.fr/` in case of France.
This section defines the structure of the location specific part.
For instance, the country specific prefix is: `https://tac.gouv.fr?v=0#` in case of France, where:
`v=0`indicates it's protocol version 0;
the `#` character prevents the text that follows (namely the Base64 encoding of the location specific part) to be sent to the `tac.gouv.fr` server if the application is not already installed on the user terminal.
In the remaining of this section, we define the structure of the location specific part.
The QR code of a location is renewed when switching from one period to another (change of `LTKey`/`LTId`), but also periodically during the period.
This renewal during the period is automatic every `qrCodeRenewalInterval` seconds.
......@@ -743,6 +756,8 @@ It is recommended to allow this feature only on a device located in a safe place
### 3.11- Web-based static QR code generation and integration in other web-based services
#### The case of private events
The system is compatible with a Web-based service meant to generate a static QR code, for instance to let an individual generate a QR code in the context of a private event.
To that purpose, etc.
......@@ -750,6 +765,8 @@ To that purpose, etc.
- TODO: short description.
```
#### The case of electronic ticketing
This approach is also compatible with online electronic ticketing systems (e.g., for buses, shared rides, trains, or shows).
Along with a ticket, a ready to be scanned QR code can be added, to let the user register their presence.
The QR code is necessarily static, a single LTKey/LTId being generated for the location/event.
......@@ -829,27 +846,27 @@ However, the risk being assessed locally, by default, the authority will not kno
| `n` | Order of `G` |
| `S` | Shared secret |
| `K` | Derived key for symetric encryption |
| `IV` | AES-GCM IV set to the 96-bit constant value `0xF01F2F3F4F5F6F7F8F9FAFB` (big endian encoding) |
| `C0` | Ephemeral public key |
### A.2- Pseudo-code:
```
Enc(key, msg):
Enc(pub_key, msg):
-Draw an ephemeral private key r in [1, n-1]
-Compute C0 = r * G
-Compute S = r * PK_SA
-Compute S = r * pub_key
-Compute K = KDF1(C0 | S)
-Compute (emsg, tag) = AES-256-GCM(K, msg)
-Compute emsg = AES-256-GCM(K, IV, msg) and tag = GMAC(K, IV, emsg)
-Return (emsg, tag, C0)
```
```
Dec(key, emsg, tag, C0):
-Compute S = SK_SA * C0
Dec(priv_key, emsg, tag, C0):
-Compute S = priv_key * C0
-Compute K = KDF1(C0 | S)
-Compute (msg, tag') = AES-256-GCM(K, emsg)
-Assert(tag == tag')
-Return msg
-Compute msg = AES-256-GCM(K, IV, emsg) and tag' = GMAC(K, IV, emsg)
-if(tag == tag') return msg else raise error
```
Note that in computation of K with the KDF1 function C0 is represented in its compressed form as specified in ANSI X9.62 (i.e. 33 bytes) and S is represented by its X coordinate (i.e. 32 bytes)
......