As governments around the world decide to deploy digital health passports as a tool to curb the spread of Covid-19, it becomes increasingly important to consider how these can be constructed with privacy by design. In this paper we discuss the privacy and security issues of common approaches to constructing digital health passports. We then show how to construct, and deploy, secure and private digital health passports in a simple and efficient manner. We do so by using a protocol for distributed password-based token issuance, secret sharing, and modern smartphones' secure hardware. Our solution requires only a constant number of asymmetric cryptographic operations and a single round of communication between the user and the party verifying the user's digital health passport, and only two rounds between the user and the server issuing the digital health passport.