The payload is what allows identity and distance estimation information to be shared. The payload can also include cryptographic information that allows detection and prevention of Relay and Replay attacks, and prevent misuse of mobile contact tracing by mischievous individuals or hostile state actors.
Whilst our Protocol allows you to use any payload you wish, we are suggesting the below envelope payload in order to maximise international interoperability and security.
The Herald protocol allows any payload to be transported over it. We do also provide a recommended envelope header for all apps, and two contact tracing example payloads:-
We provide a recommended Herald Envelope header that allows international interoperability between any app, centralised or decentralised, whether for contact tracing or other uses.
We are working on a DRAFT Herald Secured inner payload as the inner payload as this provides maximum epidemiological information to the health authority whilst maintaining privacy by keeping the contact event ‘node’ identified from the contact graph on individuals’ mobile phones only.
Benefits of our secure payload include:-
We also provide a simpler Herald Simple inner payload for basic decentralised contact tracing.
Every contact tracing app must allow the sharing of the below information
Every payload must also consider the following security and privacy issues.
The combined Herald inner and envelope payloads provide a hybrid model. A contact graph where only one side of the graph is identified is present on the health authority’s server, and all exact contact event pairwise information (but no identity information) is stored on each phone. The exchange method also prevents spoofing, relay, and replay attacks.
In a pure decentralised protocol, just generate the ClientID (rotation key) using a symmetric master key that is only stored in the secure enclave of your phone, and not shared with anyone.
In a pure centralised protocol we recommend a forward secure ClientID generated from a symmetric key which is agreed upon by both server (health authority providing the app) and client (the mobile app) using a Diffie-Hellman key agreement approach.
Using our protocol and envelope payload allows apps from countries using both centralised and decentralised approaches to interoperate, maximising interoperability whilst assuring privacy and security.
A pure decentralised approach has some drawbacks, both for epidemiology and security. These are described in our Contact tracing introduction.