SecureABC: Secure AntiBody Certificates for COVID-19

COVID-19 has resulted in unprecedented social distancing policies being enforced worldwide. As governments seek to restore their economies, open workplaces and permit travel there is a demand for technologies that may alleviate the requirement for social distancing whilst also protecting healthcare services. In this work we explore the controversial technique of so-called immunity passports and present SecureABC: a decentralised, privacy-preserving protocol for issuing and verifying antibody certificates. We consider the implications of antibody certificate systems, develop a set of risk-minimising principles and a security framework for their evaluation, and show that these may be satisfied in practice. Finally, we also develop two additional protocols that minimise individual discrimination but which still allow for collective transmission risk to be estimated. We use these two protocols to illustrate the utility-privacy trade-offs of antibody certificates and their alternatives.