On the Security of Cryptographic Protocols Using the Little Theorem of Witness Functions

In this paper, we show how practical the little theorem of witness functions is in detecting security flaws in some category of cryptographic protocols. We convey a formal analysis of the Needham-Schroeder symmetric-key protocol in the theory of witness functions. We show how it helps to teach about a security vulnerability in a given step of this protocol where the value of security of a particular sensitive ticket in a sent message unexpectedly plummets compared with its value when received. This vulnerability may be exploited by an intruder to mount a replay attack as described by Denning and Sacco.Comment: Accepted at the 2019 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE) on March 1, 201

Development of Direct Democracy in Swiss Cantons between 1997 and 2003

This paper describes institutions of direct democracy between 1997 and 2003 in 26 Swiss cantons (states), specifically the statutory initiative and referendum, the constitutional initiative, and the fiscal referendum. In particular, it discusses their applications, but also the legal requirements for making use of them, including the signature requirements, the time available for their collection, and the financial thresholds. Optional and mandatory forms of these direct-legislative institutions are distinguished. This paper also provides calculations of the index and sub-indices of direct democracy for the additional years 1997 to 2003, in continuation of Stutzer (1999), using the identical methodology. Extending Trechsel and Serdült (1999) and Stutzer (1999) this paper includes the political institutions of the so-called Landsgemeinde cantons. Description of these institutions is based on the author’s reading of 26 cantonal constitutions in their versions between 1997 and 2003.institutions; direct democracy; direct legislation; initiative; referendum; fiscal referendum; constitution; Switzerland: culture

A formal analysis of the Neuchâtel e-voting protocol

Remote electronic voting is used in several countries for legally binding elections. Unlike academic voting protocols, these systems are not always documented and their security is rarely analysed rigorously. In this paper, we study a voting system that has been used for electing political representatives and in citizen-driven referenda in the Swiss canton of Neuchâtel. We design a detailed model of the protocol in ProVerif for both privacy and veri-fiability properties. Our analysis mostly confirms the security of the underlying protocol: we show that the Neuchâtel protocol guarantees ballot privacy, even against a corrupted server; it also ensures cast-as-intended and recorded-as-cast verifiability, even if the voter's device is compromised. To our knowledge, this is the first time a full-fledged automatic symbolic analysis of an e-voting system used for politically-binding elections has been realized

Improved Verifiability for BeleniosVS

The BeleniosVS electronic voting scheme offers an attractive mix of verifiability and privacy properties. Moreover, using the ProVerif protocol-verification tool, BeleniosVS has automatic machine-aided analysis of (end-to-end) verifiability in 96 different threat models with the machine-aided analysis finding proofs in 22 cases and finding attacks in the remaining 74 cases. The high number of threat models covered by ProVerif delivers a much richer security analysis than the norm. We revisit the BeleniosVS scheme and propose several refinements to the ProVerif security model and scheme which increase the number of threat models in which the scheme has verifiability from 22 to 28. Our new ProVerif security model also implies end-to-end verifiability but the requirements are easier to satisfy. Interestingly, in all six improvements, both the changes to the security model and one or more changes to the scheme are necessary to prove verifiability

The Transformation of World Trade

This Article contests the traditional view of the evolution of the world trade system. Rather than a unidirectional process of legalization focused exclusively on the system\u27s normative structure, Part I of the Article, The Explosion of the GATT Club, recounts the transformation from GATT to WTO as a bidirectional interaction between law and politics; in particular, between the system\u27s legal-normative structure and its political, decision making branch Part II of this Article, The Threat of a WTO Fortress, challenges the view that a choice must be made between politics and law or, put differently, between, on the one hand, democratic representation, participation, contestation, and the inherent flexibility that comes with it and, on the other hand, discipline, pre-commitment, and some degree of government by experts or export driven interests shielded from capture and popular ignorance. On the contrary, my claim is that a legitimate and efficient trading system requires both politics and law, or more particularly, appropriate balances between participation and discipline, flexibility and pre-commitment, accountability and insulation, popular support and expertise, and input and output legitimacy

Development of Direct Democracy in Swiss Cantons between 1997 and 2003

This paper describes institutions of direct democracy between 1997 and 2003 in 26 Swiss cantons (states), specifically the statutory initiative and referendum, the constitutional initiative, and the fiscal referendum. In particular, it discusses their applications, but also the legal requirements for making use of them, including the signature requirements, the time available for their collection, and the financial thresholds. Optional and mandatory forms of these direct-legislative institutions are distinguished. This paper also provides calculations of the index and sub-indices of direct democracy for the additional years 1997 to 2003, in continuation of Stutzer (1999), using the identical methodology. Extending Trechsel and Serdült (1999) and Stutzer (1999) this paper includes the political institutions of the so-called Landsgemeinde cantons. Description of these institutions is based on the author’s reading of 26 cantonal constitutions in their versions between 1997 and 2003

Development of Direct Democracy in Swiss Cantons between 1997 and 2003

This paper describes institutions of direct democracy between 1997 and 2003 in 26 Swiss cantons (states), specifically the statutory initiative and referendum, the constitutional initiative, and the fiscal referendum. In particular, it discusses their applications, but also the legal requirements for making use of them, including the signature requirements, the time available for their collection, and the financial thresholds. Optional and mandatory forms of these direct-legislative institutions are distinguished. This paper also provides calculations of the index and sub-indices of direct democracy for the additional years 1997 to 2003, in continuation of Stutzer (1999), using the identical methodology. Extending Trechsel and Serdült (1999) and Stutzer (1999) this paper includes the political institutions of the so-called Landsgemeinde cantons. Description of these institutions is based on the author’s reading of 26 cantonal constitutions in their versions between 1997 and 2003

A formal analysis of the Neuchâtel e-voting protocol

International audienceRemote electronic voting is used in several countries for legally binding elections. Unlike academic voting protocols, these systems are not always documented and their security is rarely analysed rigorously. In this paper, we study a voting system that has been used for electing political representatives and in citizen-driven referenda in the Swiss canton of Neuchâtel. We design a detailed model of the protocol in ProVerif for both privacy and verifiability properties. Our analysis mostly confirms the security of the underlying protocol: we show that the Neuchâtel protocol guarantees ballot privacy, even against a corrupted server; it also ensures cast-as-intended and recorded-as-cast verifiability, even if the voter's device is compromised. To our knowledge, this is the first time a full-fledged automatic symbolic analysis of an e-voting system used for politically-binding elections has been realized

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India