%0 Journal Article
%T Replay Attack Prevention in Decentralised Contact
Tracing: A Blockchain-Based Approach
%A Lavanya-Nehan Degambur
%J Open Access Library Journal
%V 11
%N 2
%P 1-17
%@ 2333-9721
%D 2024
%I Open Access Library
%R 10.4236/oalib.1111179
%X Digital contact tracing solutions have aided humanity in the first line of de-fense against the COVID-19 pandemic, but not without major technical drawbacks such as attacks against digital contact tracing technology and loss of privacy and security. The most popularly used digital contact tracing system is the decentralised DP-3T protocol and it suffers from the replay attack. A re-play attack involves taking contact tracing data from one location and re-transmitting it to another location and creating multiple issues such as false positive cases and inhibiting the COVID-19 pandemic fight. This project¡¯s aim was to try to prevent replay attacks in digital contact tracing systems using blockchain. The research methodology used was an empirical study using both qualitative and quantitative techniques. A literature review was performed by systematically reviewing and analyzing digital contact tracing concepts, theo-ries, and research work. The DP-3T protocol was critically analysed to discover the threat surface that is vulnerable to replay attacks. A remodeled version of the DP-3T protocol was proposed by applying blockchain technology to store different keys and broadcast data, using hash values of location coordinates to ensure privacy, redefining the roles of participating entities, and enabling the authentication and validation of data using the blockchain when received by a user. The proposed solution was implemented and tested in a Python simula-tion. The simulation was input with real-life data which was saved on the blockchain, and broadcasts were simulated between senders and receivers be-fore simulating replay attacks. Hence, all replay attacks are prevented during the Normal Operation phase of the protocol owing to the four layers of condi-tions verifications and validations that must be performed on a received broadcast. As compared with the DP-3T protocol, Vaudenay¡¯s Interactive Protocol and Pietrzak¡¯s Delayed Authentication scheme, our proposed solution prevents 100% of replay attacks and protects user privacy.
%K COVID-19
%K Decentralised Digital Contact Tracing
%K DP-3T
%K Blockchain
%K Privacy
%U http://www.oalib.com/paper/6815244