Verifying Privacy by Little Interaction and No Process Equivalence

Denis Butin, Giampaolo Bella

Abstract

While machine-assisted verification of classical security goals such as confidentiality and authentication is well-established, it is less mature for recent ones. Electronic voting protocols claim properties such as voter privacy. The most common modelling involves indistinguishability, and is specified via trace equivalence in cryptographic extensions of process calculi. However, it has shown restrictions. We describe a novel model, based on unlinkability between two pieces of information. Specifying it as an extension to the Inductive Method allows us to establish voter privacy without the need for approximation or session bounding. The two models and their latest specifications are contrasted.

References

  1. Bella, G. (2007). Formal Correctness of Security Protocols. Information Security and Cryptography. Springer.
  2. Blanchet, B. (1998). An efficient cryptographic protocol verifier based on Prolog rules. In Proc. of the 14th IEEE Computer Security Foundations Workshop (CSFW'01), pages 82-96. IEEE Press.
  3. Blanchet, B., Abadi, M., and Fournet, C. (2008). Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming, 75(1):3-51.
  4. Blanchet, B. and Podelski, A. (2005). Verification of cryptographic protocols: tagging enforces termination. Theoretical Computer Science, 333(1-2):67-90. Special issue FoSSaCS'03.
  5. Chadha, R., Ciobaˆca?, S¸ ., and Kremer, S. (2012). Automated verification of equivalence properties of cryptographic protocols. In Programming Languages and Systems -Proceedings of the 21th European Symposium on Programming (ESOP'12), Lecture Notes in Computer Science. Springer. To appear.
  6. Delaune, S., Kremer, S., and Ryan, M. (2009). Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security, 17(4):435-487.
  7. Delaune, S., Kremer, S., and Ryan, M. D. (2010). Verifying privacy-type properties of electronic voting protocols: A taster. In Towards Trustworthy Elections - New Directions in Electronic Voting, volume 6000 of Lecture Notes in Computer Science, pages 289-309. Springer.
  8. Delaune, S., Ryan, M., and Smyth, B. (2008). Automatic verification of privacy properties in the applied pi calculus. Syntax, 263/2008:263278.
  9. Fujioka, A., Okamoto, T., and Ohta, K. (1993). A practical secret voting scheme for large scale elections. In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, ASIACRYPT 'a92, pages 244-251. SpringerVerlag.
  10. Kremer, S. and Ryan, M. (2005). Analysis of an electronic voting protocol in the applied pi calculus. In In Proc. 14th European Symposium On Programming (ESOP05), volume 3444 of LNCS, pages 186-200. Springer.
  11. Martina, J. E. and Paulson, L. C. (2011). Verifying multicast-based security protocols using the inductive method. In Workshop on Formal Methods and Cryptography (CryptoForma 2011).
  12. Paulson, L. C. (1998). The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85-128.
  13. Schneider, S. and Sidiropoulos, A. (1996). CSP and anonymity. In In European Symposium on Research in Computer Security, pages 198-218. Springer-Verlag.
Download


Paper Citation


in Harvard Style

Butin D. and Bella G. (2012). Verifying Privacy by Little Interaction and No Process Equivalence . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 251-256. DOI: 10.5220/0004043502510256


in Bibtex Style

@conference{secrypt12,
author={Denis Butin and Giampaolo Bella},
title={Verifying Privacy by Little Interaction and No Process Equivalence},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={251-256},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004043502510256},
isbn={978-989-8565-24-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Verifying Privacy by Little Interaction and No Process Equivalence
SN - 978-989-8565-24-2
AU - Butin D.
AU - Bella G.
PY - 2012
SP - 251
EP - 256
DO - 10.5220/0004043502510256