Watch the stream
Workshop should go as follows:
Part 1: Quick review on the Apple-Google exposure notification protocol, split into 3 main parts
1- Broadcast of rolling proximity identifiers over Bluetooth LE and scanning for such identifiers transmitted by nearby devices.
2- Transmission of temporary exposure keys, from which rolling proximity indentifiers are generated, to public health authorities upon diagnosis.
3- Key matching protocol occurring on device to determine if the owner was in close proximity to another user who then tested positive, triggering the notification.
Part 2: Setting up and test the Bluefruit LE sniffer
Part 3: Walk-through of the Bluetooth portion of the protocol code that is to be compiled and flashed on the ESP Vroom 32. That covers the scanning code, the advertising code and critical data structures involved.
Part 4: Build, compile and flash the ESP Vroom32. Run the Bluefruit sniffer to see rolling proximity identifiers being transmitted. Play with timeouts to see identifiers being rotated.
Part 5: Conclusion
Participants should prepare by:
Clone the repository on GitHub https://github.com/Marc-andreLabonte/MCUTrace
Review of the Google and Apple Documents, procure ESP Vroom 32 and Bluefruit LE sniffer, setup the ESP IDF tool chain.
Setting up the ESP IDF tool chain: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/
Google and Apple Documents:
- https://blog.google/documents/58/Contact_Tracing_-_Bluetooth_Specification_v1.1_RYGZbKW.pdf
- https://www.blog.google/documents/62/Exposure_Notification_-_Bluetooth_Specification_v1.1.pdf
- https://developers.google.com/android/exposure-notifications/verification-system
- https://www.blog.google/documents/60/Exposure_Notification_-_Cryptography_Specification_v1.1.pdf
- https://github.com/google/exposure-notifications-internals
- https://developer.apple.com/documentation/exposurenotification/setting_up_a_key_server
Participants must have the following equipment:
- Bluefruit bluetooth sniffer, e.g. this one from Mouser -The Android application "Beacon Scope" would work for those who don't have the sniffer.
-
ESP Vroom 32 development board, e.g. this one from Amazon
-
The NSEC 2021 badge is also using the ESP32 and works for the workshop
Marc-André Labonté ,
Marc-andre Labonte was a system administrator for more than a decade at the McGill Genome Center while it was known as the McGill University and Genome Quebec Innovation Center. There, he took part in the design, deployment, operation and maintenance of the data center as it went through multiple upgrade cycles to accommodate ever powerful high throughput genome sequencers coming to market.
Then, he joined the ETTIC team at Desjardins in 2016 as infrastructure penetration tester. Currently doing vulnerability research on IOT devices, he also presented "Automated contact tracing experiment on ESP Vroom32" workshop at NSEC in 2021. His work is motivated by curiosity and a strong sense of personal privacy in a world of connected devices and data hungry organizations.