About ARCTIC - the Digital Vaccination Certificate
Due to the ongoing COVID-19 pandemic, the issue of a “Proof of Vaccination” has been raised in multiple countries. In my thesis, I compare the Swiss Covid Certificate and a centralized approach against my own proposed solution: ARCTIC
Introduction
The core properties a "Proof of Vaccination" must fulfill include non-forgeability and protection of the certificate holder's privacy. Moreover, the verification procedure must be both easy and sound. In my thesis, I compare existing state level solutions, pointing out their strengths and weaknesses in the given context for the above mentioned properties.
Objectives
The objectives when designing ARCTIC were clear: build a solution to the Proof of Vaccination problem that protects the privacy of the certificate holders at least as well as existing solutions, while also making the verification procedure easier, yet still sound, through automation. A further goal was to analyze and compare existing solutions, especially the Swiss Covid Certificate, both because it is relevant to Switzerland, and because it is built on the European Union's Digital Green Certificate, making it relevant for the entire EU.
ARCTIC
ARCTIC is my proposed solution for a Proof of Vaccination. It is Automatically Readable by computers, which simplifies the verification procedure for human verifiers and enables automated gates based on the certificate. It is based on a Chain of Trust, meaning that, while there is a centralized authority, it does not issue certificates directly. Thus the vaccination data is kept between the certificate holder and the person performing the vaccination. And it is an Immunization Certificate, in that it is based on FHIR (Fast Healthcare Interoperability Resources) Immunization records and cryptographically secured. ARCTIC has advantages in terms of availability, convenience, and soundness when compared to other solutions, and enables automated certificate verification.