Apple/Google contact tracing

The approach to contact tracing taken by the Apple/Google project


  • Smartphones broadcast “Rolling Proximity Identifiers” via Bluetooth Low Energy (BLE) every 200-270ms.
  • Smartphones record these “Rolling Proximity Identifiers” that they detect in their environment, including when the signal was detected (but not where) and RSSI.
  • These “Rolling Proximity Identifiers” are cryptographically secure and change every 10 minutes.
  • The “Rolling Proximity Identifier” functionality is built into the smartphone operating system; Public Health Systems develop Apps for their regions based on this functionality.
  • When an App User has been tested positive for the virus (“Affected User”), their App uploads “Diagnosis Keys” and dates of possible infectiousness to a central server operated by the Public Health System.
  • App Instances of other users (potentially “Exposed User”) frequently download all Diagnosis Keys from the central server. Due to the way the keys are cryptographically related to each other, potentially-recorded “Rolling Proximity Identifiers” advertised by the infected person’s App Instance can be reconstructed.
  • If a match occurs, the App User may have been exposed to an infected other App User.


Known cryptographic vulnerabilities



Commentary / analysis:

Views from independent security researchers: