[tor-dev] Building a privacy-preserving "contact tracing" app
teor
teor at riseup.net
Fri Apr 24 07:15:16 UTC 2020
Hi Adrien,
> On 22 Apr 2020, at 16:35, Adrien Luxey <adrien at luxeylab.net> wrote:
>
> The French state is making a glosing about the "privacy-preserving", "anonymous" contact tracing app they are developing with Inria (national informatics research agency). You can check about the protocol proposal, ROBERT, here: https://github.com/ROBERT-proximity-tracing/documents (in English!)
>
> As you would expect, the proposal is not privacy-preserving unless you believe the State would never ever misbehave, e.g. link IP address to identity with the help of ISPs etc. There is some relevant criticism here: https://github.com/ROBERT-proximity-tracing/documents/issues/6
Not just the French state, lots of them are doing it :-(
> I'd like to propose a really private "contact tracing" counter-proposal, which would use Tor's onion services for sender-receiver anonymity. Not that I am a proponent of the idea, but we need to come up with alternatives in the debate.
There are a few decent privacy-preserving contact protocols.
I'd give you links, but I can't find them right now.
(Search engines are doing weird things to covid searches, and I can't remember my friends' twitter handles. Oops!)
> My question is: would the Tor community agree on having StopCovid's traffic go through its net? In my proposal, I would only broadcast a message from a declared COVID-positive person to all its recent contacts; the proximity sensing would remain Bluetooth. Still, deployed at the scale of a country, it's a lot of traffic.
How much traffic will the app use?
How many users?
The Tor network currently handles about 70 Gigabits per second of user traffic. This graph shows the traffic for all relays. There are usually 3 relays in each user circuit:
https://metrics.torproject.org/bandwidth.html
Tor currently has a few million active users:
https://metrics.torproject.org/userstats-relay-country.html
I'm sure we'd love to help. But maybe the Tor network can't scale to hundreds of millions of people using an app?
T
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20200424/f2c5285d/attachment.sig>
More information about the tor-dev
mailing list