HOME

TheInfoList



OR:

The Temporary Contact Numbers Protocol, or TCN Protocol, is an
open source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized sof ...
,
decentralized Decentralization or decentralisation is the process by which the activities of an organization, particularly those regarding planning and decision making, are distributed or delegated away from a central, authoritative location or group. Conce ...
, anonymous exposure alert protocol developed by Covid Watch in response to the
COVID-19 pandemic The COVID-19 pandemic, also known as the coronavirus pandemic, is an ongoing global pandemic of coronavirus disease 2019 (COVID-19) caused by severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The novel virus was first identif ...
. The Covid Watch team, started as an independent research collaboration between
Stanford University Stanford University, officially Leland Stanford Junior University, is a private research university in Stanford, California. The campus occupies , among the largest in the United States, and enrolls over 17,000 students. Stanford is consider ...
and the
University of Waterloo The University of Waterloo (UWaterloo, UW, or Waterloo) is a public research university with a main campus in Waterloo, Ontario Waterloo is a city in the Canadian province of Ontario. It is one of three cities in the Regional Municipality ...
was the first in the world to publish a
white paper A white paper is a report or guide that informs readers concisely about a complex issue and presents the issuing body's philosophy on the matter. It is meant to help readers understand an issue, solve a problem, or make a decision. A white paper ...
, develop, and open source fully anonymous Bluetooth exposure alert technology in collaboration with CoEpi after writing a blog post on the topic in early March. Covid Watch's TCN Protocol received significant news coverage and was followed by similar decentralized protocols in early April 2020 like DP-3T, PACT, and Google/Apple
Exposure Notification The (Google/Apple) Exposure Notification (GAEN) system, originally known as the Privacy-Preserving Contact Tracing Project, is a framework and protocol specification developed by Apple Inc. and Google to facilitate digital contact tracing during ...
framework A framework is a generic term commonly referring to an essential supporting structure which other things are built on top of. Framework may refer to: Computing * Application framework, used to implement the structure of an application for an op ...
. Covid Watch then helped other groups like the TCN Coalition and MIT SafePaths implement the TCN Protocol within their open source projects to further the development of decentralized technology and foster global interoperability of contact tracing and exposure alerting apps, a key aspect of achieving widespread adoption. Covid Watch volunteers and nonprofit staff also built a fully open source mobile app for sending anonymous exposure alerts first using the TCN Protocol and later using the very similar Google/Apple Exposure Notification Framework (ENF). The protocol, like
BlueTrace BlueTrace is an open-source application protocol that facilitates digital contact tracing of users to stem the spread of the COVID-19 pandemic. Initially developed by the Singaporean Government, BlueTrace powers the contact tracing for the TraceT ...
and the
Google / Apple contact tracing project The (Google/Apple) Exposure Notification (GAEN) system, originally known as the Privacy-Preserving Contact Tracing Project, is a framework and protocol specification developed by Apple Inc. and Google to facilitate digital contact tracing during ...
, use
Bluetooth Low Energy Bluetooth Low Energy (Bluetooth LE, colloquially BLE, formerly marketed as Bluetooth Smart) is a wireless personal area network technology designed and marketed by the Bluetooth Special Interest Group (Bluetooth SIG) aimed at novel applications in ...
to track and log encounters with other users. The major distinction between TCN and protocols like BlueTrace is the fact the central reporting server never has access to contact logs nor is it responsible for processing and informing clients of contact. Because contact logs are never transmitted to third parties, it has major privacy benefits over approaches like the one used in BlueTrace. This approach however, by its very nature, does not allow for human-in-the-loop reporting, potentially leading to false positives if the reports are not verified by public health agencies. The TCN protocol received notoriety as one of the first widely released digital contact tracing protocols alongside BlueTrace, the Exposure Notification framework, and the
Pan-European Privacy-Preserving Proximity Tracing Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT/PEPP) is a full-stack open protocol designed to facilitate digital contact tracing of infected participants. The protocol was developed in the context of the ongoing COVID-19 pandemic. Th ...
(PEPP-PT) project. It also stood out for its incorporation of
blockchain A blockchain is a type of distributed ledger technology (DLT) that consists of growing lists of records, called ''blocks'', that are securely linked together using cryptography. Each block contains a cryptographic hash of the previous block, a ...
technology, and its influence over the Google/Apple project.


Overview

The TCN protocol works off the basis of Temporary Contact Numbers (TCN), semi-random identifiers derived from a seed. When two clients encounter each other, a unique TCN is generated, exchanged, and then locally stored in a contact log. Then, once a user tests positive for infection, a report is sent to a central server. Each client on the network then collects the reports from the server and independently checks their local contact logs for a TCN contained in the report. If a matching TCN is found, then the user has come in close contact with an infected patient, and is warned by the client. Since each device locally verifies contact logs, and thus contact logs are never transmitted to third parties, the central reporting server cannot by itself ascertain the identity or contact log of any client in the network. This is in contrast to competing protocols like BlueTrace, where the central reporting server receives and processes client contact logs.


Temporary contact numbers

The entire protocol is based on the principle of ''temporary contact numbers'' (TCN), a unique and anonymous 128-bit identifier generated deterministically from a seed value on a client device. TCNs are used to identify people with which a user has come in contact, and the seed is used to compactly report infection to a central reporting server. TCN reports are authenticated to be genuine by a secret held only by the client.


Generation

To generate a TCN, first a ''report authorization key'' (RAK) and ''report verification key'' (RVK) are created as the signing and verification keys of a signature scheme (RAK-RVK pair). In the reference implementation this pair is created using the
Ed25519 In public-key cryptography, Edwards-curve Digital Signature Algorithm (EdDSA) is a digital signature scheme using a variant of Schnorr signature based on twisted Edwards curves. It is designed to be faster than existing digital signature schemes ...
signature scheme. Then, using the RAK an initial ''temporary contact key'' (TCK) is generated using the algorithm tck_ = H\_tck(rak) , where H\_tck() is the
SHA-256 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...
hash function A hash function is any function that can be used to map data of arbitrary size to fixed-size values. The values returned by a hash function are called ''hash values'', ''hash codes'', ''digests'', or simply ''hashes''. The values are usually u ...
as H\_tck(s) = SHA256(\text\_\text, , s) . This TCK is not used to generate any TCNs, but is used in the next TCK; where all future TCKs are calculated using the algorithm tck_ = H\_tck(rvk , , tck_) . A 128 bit TCN is then generated from a given TCK using the algorithm tcn_ = H\_tcn(le\_u16(i) , , tck_) , where le\_u16() formats a supplied number as a
little endian In computing, endianness, also known as byte sex, is the order or sequence of bytes of a word of digital data in computer memory. Endianness is primarily expressed as big-endian (BE) or little-endian (LE). A big-endian system stores the most sig ...
unsigned 2 byte integer, and H\_tcn() is the SHA-256 hash function as H\_tcn(s) = SHA256(\text\_\text, , s) :128. The following diagram demonstrates the key derivation process:TCNs are unique to each device encounter, and RAK-RVK pairs are cycled at regular intervals to allow a client to report only specific periods of contact.


Reporting

When a client wishes to submit a report for the TCN indices s > 0 to e , it structures the report as report = rvk , , tck_ , , le\_u16(s) , , le\_u16(e) , , memo . A signature is then calculated using the RAK, and it is transmitted to the server as s\_report = report, , sig . Because any given TCK can only be used to derive an equal or higher indexed TCNs, by submitting tck_ no encounters prior to tcn_ can be calculated. However, there is no upper limit to encounters calculated using the same RAK-RVK pair, which is why they are cycled often. To prevent clients calculating unused TCNs, e indicates the last TCN index generated with the given RVK. Additionally, since the RVK is used to calculate a TCK, and tck_ is provided, no valid TCNs in the reporting period can be derived from an illegitimate report. The only correct TCN calculable from a mismatched RVK and tck_ is tcn_ , the TCN before the start of the reporting period. Once a report is received, clients individually recalculate TCKs and TCNs for a given period using the original algorithms: \begin tck_s = H\_tck(rvk , , tck_)\\ tcn_ = H\_tcn(le\_u16(s) , , tck_)\\ tck_ = H\_tck(rvk , , tck_)\\ tcn_ = H\_tcn(le\_u16(s+1) , , tck_)\\ ...\\ tck_ = H\_tck(rvk , , tck_)\\ tcn_ = H\_tcn(le\_u16(e) , , tck_) \end This is used by client devices to check their local contact logs for potential encounters with the infected patient, but has the dual benefit of verifying reports since false reports will never produce matching TCNs.


Memo

In the report structure, the memo is a space for freeform messages that differ between TCN implementations. The section is between 2 and 257 bytes, and made up of a tag identifying the specific implementation, as well as a data and data length pair. It is formatted as memo = tag , , len(data) , , data . The data is standardized for different tags, and can be as follows:


Technical specification

The protocol can be divided into two responsibilities: an encounter between two devices running TCN apps, and the notification of potential infection to users that came in contact with a patient. For the purposes of this specification, these areas are named the ''encounter handshake'', and ''infection reporting''. The ''encounter handshake'' runs on Bluetooth LE and defines how two devices acknowledge each other's presence. The ''infection reporting'' is built on
HTTPS Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is enc ...
and defines how infection notices are distributed among clients.


Encounter handshake

When two devices come within range of each other, they exchange a handshake containing TCNs. In order to achieve this the encounter handshake operates in two modes (both with two sub-modes), broadcast oriented and connection oriented. Broadcast oriented operates using the modes broadcaster and observer, while connection oriented operates using peripheral and central. The two modes are used to circumvent certain device limitations, particularly in regard to iOS restrictions in place before version 13.4. In both modes the protocol is identified with the 16 bit
UUID A universally unique identifier (UUID) is a 128-bit label used for information in computer systems. The term globally unique identifier (GUID) is also used. When generated according to the standard methods, UUIDs are, for practical purposes, uni ...
. In broadcast mode, a broadcaster advertises a 16-byte TCN using the service data field of the advertisement data. The observer reads the TCN from this field. In connection-oriented mode, the peripheral advertises using the UUID. The service exposes a read and writeable packet for sharing TCNs. After sharing a TCN, the central disconnects from the peripheral.


Infection reporting

When a user tests positive for infection, they upload a signed report, allowing the past 14 days of encounters to be calculated, to a central server. On a regular basis, client devices download reports from the server and check their local contact logs using the verification algorithm. If there is a matching record, the app notifies the user to potential infection.


TCN Coalition

On 5 April 2020, the global TCN Coalition was founded by Covid Watch and other groups that had coalesced around what was essentially the same approach and largely overlapping protocols, with the goal to reduce fragmentation, and enable global interoperability of tracing and alerting apps, a key aspect of achieving widespread adoption. The TCN Coalition also helped establish the Data Rights for Digital Contact Tracing and Alerting framework, which functions as a bill of rights for users of such apps. Currently the protocol is used by TCN Coalition members CoEpi and Covid Watch, and was likely a source of inspiration for the similar
Google / Apple contact tracing project The (Google/Apple) Exposure Notification (GAEN) system, originally known as the Privacy-Preserving Contact Tracing Project, is a framework and protocol specification developed by Apple Inc. and Google to facilitate digital contact tracing during ...
.


See also

*
BlueTrace BlueTrace is an open-source application protocol that facilitates digital contact tracing of users to stem the spread of the COVID-19 pandemic. Initially developed by the Singaporean Government, BlueTrace powers the contact tracing for the TraceT ...
*
Google / Apple contact tracing project The (Google/Apple) Exposure Notification (GAEN) system, originally known as the Privacy-Preserving Contact Tracing Project, is a framework and protocol specification developed by Apple Inc. and Google to facilitate digital contact tracing during ...
*
Pan-European Privacy-Preserving Proximity Tracing Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT/PEPP) is a full-stack open protocol designed to facilitate digital contact tracing of infected participants. The protocol was developed in the context of the ongoing COVID-19 pandemic. Th ...


References


External links


Covid Watch

TCN Coalition

Specification and reference implementation
{{FOSS Application layer protocols Computer-related introductions in 2020 Software associated with the COVID-19 pandemic Bluetooth software Medical software Android (operating system) software IOS software 2020 software Software using the MIT license Digital contact tracing protocols Digital contact tracing protocols with decentralized reporting