Results 1 - 10 of 12
Defining privacy for weighted votes, single and multi-voter coercion
- In: ESORICS 2012. LNCS, 2012
Cited by 8 (4 self)
Most existing formal privacy definitions for voting protocols are based on observational equivalence between two situations where two voters swap their votes. These definitions are unsuitable for cases where votes are weighted. In such a case swapping two votes can result in a different outcome and both situations become trivially distinguishable. We present a definition for privacy in voting protocols in the applied π-calculus that addresses this problem. Using our model, we are also able to define multi-voter coercion, i.e. situations where several voters are attacked at the same time. Then we prove that under certain realistic assumptions a protocol secure against coercion of a single voter is also secure against coercion of multiple voters. This applies for Receipt-Freeness as well as Coercion-Resistance.
Formal Verification of e-Auction protocols
Cited by 4 (2 self)
Abstract. Auctions have a long history, having been recorded as early as 500 B.C. With the rise of the Internet, electronic auctions have been a great success and are increasingly used. Many cryptographic protocols have been proposed to address the various security requirements of these electronic transactions. We propose a formal framework to analyze and verify security properties of e-Auction protocols. We model protocols in the Applied Pi-Calculus and define privacy notions, which include secrecy of bids, anonymity of the participants, receipt-freeness and coercion-resistance. We also discuss fairness, non-repudiation and non-cancellation. Additionally we show on two case studies how these properties can be verified automatically using ProVerif, and discover several attacks.
Privacy and Verifiability in Voting Systems: Methods, Developments and Trends
, 2013
Cited by 2 (0 self)
One of the most challenging aspects in computer-supported voting is to combine the apparently conflicting requirements of privacy and verifiability. On the one hand, privacy requires that a vote cannot be traced back from the result to a voter, while on the other hand, verifiability states that a voter can trace the effect of her vote on the result. This can be addressed using various privacy-enabling cryptographic primitives which also offer verifiability. As more and more refined voting systems were proposed, understanding of first privacy and later verifiability in voting increased, and notions of privacy as well as notions of verifiability in voting became increasingly more refined. This has culminated in a variety of verifiable systems that use cryptographic primitives to ensure specific kinds of privacy. However, the corresponding privacy and verifiability claims are not often verified independently. When they are investigated, claims have been invalidated sufficiently often to warrant a cautious approach to them. The multitude of notions, primitives and proposed solutions that claim to achieve both privacy and verifiability form an interesting but complex landscape. The purpose of this paper is to survey this landscape by providing an overview of the methods, developments and current trends regarding privacy and verifiability in voting systems.
A formal framework for modelling coercion resistance and receipt freeness.
, 2012
Cited by 2 (0 self)
Abstract. Coercion resistance and receipt freeness are critical properties for any voting system. However, many different definitions of these properties have been proposed, some formal and some informal; and there has been little attempt to tie these definitions together or identify relations between them. We give here a general framework for specifying different coercion resistance and receipt freeness properties using the process algebra CSP. The framework is general enough to accommodate a wide range of definitions, and strong enough to cover both randomization attacks and forced abstention attacks. We provide models of some simple voting systems, and show how the framework can be used to analyze these models under different definitions of coercion resistance and receipt freeness. Our formalisation highlights the variation between the definitions, and the importance of understanding the relations between them.
Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy
Cited by 2 (2 self)
Abstract. In recent years, a number of infrastructures have been proposed for the collection and distribution of medical data for research purposes. The design of such infrastructures is challenging: on the one hand, they should link patient data collected from different hospitals; on the other hand, they can only use anonymised data because of privacy regulations. In addition, they should allow data depseudonymisation in case research results provide information relevant for patients' health. The privacy analysis of such infrastructures can be seen as a problem of data minimisation. In this work, we introduce coalition graphs, a graphical representation of knowledge of personal information to study data minimisation. We show how this representation allows identification of privacy issues in existing infrastructures. To validate our approach, we use coalition graphs to formally analyse data minimisation in two (de)-pseudonymisation infrastructures proposed by the Parelsnoer initiative.
Automated Symbolic Proofs of Observational Equivalence
Cited by 1 (0 self)
Many cryptographic security definitions can be naturally formulated as observational equivalence properties. However, existing automated tools for verifying the observational equivalence of cryptographic protocols are limited: they do not handle protocols with mutable state and an unbounded number of sessions. We propose a novel definition of observational equivalence for multiset rewriting systems. We then extend the Tamarin prover, based on multiset rewriting, to prove the observational equivalence of protocols with mutable state, an unbounded number of sessions, and equational theories such as Diffie-Hellman exponentiation. We demonstrate its effectiveness on case studies, including a stateful TPM protocol.
Expressing Receipt-Freeness and Coercion-Resistance in Logics of Strategic Ability: Preliminary Attempt
ABSTRACT Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness and coercion resistance are underpinned by existence (or nonexistence) of a suitable strategy for some participants of the voting process. In order to back the argument formally, we provide logical "transcriptions" of the informal intuitions behind coercion-related properties that can be found in the existing literature. The transcriptions are formulated in the modal game logic ATL*, well known in the area of multi-agent systems.
Computer Aided Security For Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks.
, 2013
Habilitation thesis (Habilitation à diriger des recherches), publicly defended on 6 November
For Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks.
Habilitation thesis (Habilitation à diriger des recherches), publicly defended on 6 November
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
, 2014
With the growing amount of personal information exchanged over the Internet, privacy is becoming more and more a concern for users. One of the key principles in protecting privacy is data minimisation. This principle requires that only the minimum amount of information necessary to accomplish a certain goal is collected and processed. "Privacy-enhancing" communication protocols have been proposed to guarantee data minimisation in a wide range of applications. However, currently there is no satisfactory way to assess and compare the privacy they offer in a precise way: existing analyses are either too informal and high-level, or specific for one particular system. In this work, we propose a general formal framework to analyse and compare communication protocols with respect to privacy by data minimisation. Privacy requirements are formalised independent of a particular protocol in terms of the knowledge of (coalitions of) actors in a three-layer model of personal information. These requirements are then verified automatically for particular protocols by computing this knowledge from a description of their communication. We validate our framework in an identity management (IdM) case study. As IdM systems are used more and more to satisfy the increasing need for reliable on-line identification and authentication, privacy is becoming an increasingly critical issue. We use our framework to analyse and compare four identity management systems. Finally, we discuss the completeness and (re)usability of the proposed framework.