24 research outputs found

    A study of statistical zero-knowledge proofs

    Get PDF
    Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Mathematics, 1999.Includes bibliographical references (p. 181-190).by Salil Pravin Vadhan.Ph.D

    Advances in cryptographic voting systems

    Get PDF
    Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (p. 241-254).Democracy depends on the proper administration of popular elections. Voters should receive assurance that their intent was correctly captured and that all eligible votes were correctly tallied. The election system as a whole should ensure that voter coercion is unlikely, even when voters are willing to be influenced. These conflicting requirements present a significant challenge: how can voters receive enough assurance to trust the election result, but not so much that they can prove to a potential coercer how they voted? This dissertation explores cryptographic techniques for implementing verifiable, secret-ballot elections. We present the power of cryptographic voting, in particular its ability to successfully achieve both verifiability and ballot secrecy, a combination that cannot be achieved by other means. We review a large portion of the literature on cryptographic voting. We propose three novel technical ideas: 1. a simple and inexpensive paper-base cryptographic voting system with some interesting advantages over existing techniques, 2. a theoretical model of incoercibility for human voters with their inherent limited computational ability, and a new ballot casting system that fits the new definition, and 3. a new theoretical construct for shuffling encrypted votes in full view of public observers.by Ben Adida.Ph.D

    Efficient threshold cryptosystems

    Get PDF
    Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2001.Includes bibliographical references (p. 181-189).A threshold signature or decryption scheme is a distributed implementation of a cryptosystem, in which the secret key is secret-shared among a group of servers. These servers can then sign or decrypt messages by following a distributed protocol. The goal of a threshold scheme is to protect the secret key in a highly fault-tolerant way. Namely, the key remains secret, and correct signatures or decryptions are always computed, even if the adversary corrupts less than a fixed threshold of the participating servers. We show that threshold schemes can be constructed by putting together several simple distributed protocols that implement arithmetic operations, like multiplication or exponentiation, in a threshold setting. We exemplify this approach with two discrete-log based threshold schemes, a threshold DSS signature scheme and a threshold Cramer-Shoup cryptosystem. Our methodology leads to threshold schemes which are more efficient than those implied by general secure multi-party computation protocols. Our schemes take a constant number of communication rounds, and the computation cost per server grows by a factor linear in the number of the participating servers compared to the cost of the underlying secret-key operation. We consider three adversarial models of increasing strength. We first present distributed protocols for constructing threshold cryptosystems secure in the static adversarial model, where the players are corrupted before the protocol starts. Then, under the assumption that the servers can reliably erase their local data, we show how to modify these protocols to extend the security of threshold schemes to an adaptive adversarial model,(cont.) where the adversary is allowed to choose which servers to corrupt during the protocol execution. Finally we show how to remove the reliable erasure assumption. All our schemes withstand optimal thresholds of a minority of malicious faults in a realistic partially-synchronous insecure-channels communication model with broadcast. Our work introduces several techniques that can be of interest to other research on secure multi-party protocols, e.g. the inconsistent player simulation technique which we use to construct efficient schemes secure in the adaptive model, and the novel primitive of a simultaneously secure encryption which provides an efficient implementation of private channels in an adaptive and erasure-free model for a wide class of multi-party protocols. We include extensions of the above results to: (1) RSA-based threshold cryptosystems; and (2) stronger adversarial models than a threshold adversary, namely to proactive and creeping adversaries, who, under certain assumptions regarding the speed and detectability of corruptions, are allowed to compromise all or almost all of the participating servers.by StanisĂ…aw Jarecki.Ph.D

    Extracting proofs from documents

    Get PDF
    Often, theorem checkers like PVS are used to check an existing proof, which is part of some document. Since there is a large difference between the notations used in the documents and the notations used in the theorem checkers, it is usually a laborious task to convert an existing proof into a format which can be checked by a machine. In the system that we propose, the author is assisted in the process of converting an existing proof into the PVS language and having it checked by PVS. 1 Introduction The now-classic ALGOL 60 report [5] recognized three different levels of language: a reference language, a publication language and several hardware representations, whereby the publication language was intended to admit variations on the reference language and was to be used for stating and communicating processes. The importance of publication language ---often referred to nowadays as "pseudo-code"--- is difficult to exaggerate since a publication language is the most effective way..

    Investigation, Development, and Evaluation of Performance Proving for Fault-tolerant Computers

    Get PDF
    A number of methodologies for verifying systems and computer based tools that assist users in verifying their systems were developed. These tools were applied to verify in part the SIFT ultrareliable aircraft computer. Topics covered included: STP theorem prover; design verification of SIFT; high level language code verification; assembly language level verification; numerical algorithm verification; verification of flight control programs; and verification of hardware logic

    Verification of full functional correctness for imperative linked data structures

    Get PDF
    Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2010.Cataloged from PDF version of thesis.Includes bibliographical references (p. 207-222).We present the verification of full functional correctness for a collection of imperative linked data structures implemented in Java. A key technique that makes this verification possible is a novel, integrated proof language that we have developed within the context of the Jahob program verification system. Our proof language allows us to embed proof commands directly within the program, making it possible to reason about the behavior of the program in its original context. It also allows us to effectively leverage Jahob's integrated reasoning system. Unlike conventional program verification systems that rely on a single monolithic prover, Jahob includes interfaces to a diverse collection of specialized automated reasoning systems-automated theorem provers, decision procedures, and program analyses-that work together to prove the verification conditions that the system automatically generates. Our proof language enables the developer to direct the efforts of these automated reasoning systems to successfully verify properties that the system is unable to verify without guidance. Our specifications characterize the behavior of the data structures in terms of their abstract state, resulting in verified interfaces that can be used to reason about the behavior of the data structures without revealing the underlying representation. The results demonstrate the effectiveness of our proof language and integrated reasoning approach, and provide valuable insight into the specification and verification of imperative linked data structures.by Karen K. Zee.Ph.D

    Acquiring data designs from existing data-intensive programs

    Get PDF
    The problem area addressed in this thesis is extraction of a data design from existing data intensive program code. The purpose of this is to help a software maintainer to understand a software system more easily because a view of a software system at a high abstraction level can be obtained. Acquiring a data design from existing data intensive program code is an important part of reverse engineering in software maintenance. A large proportion of software systems currently needing maintenance is data intensive. The research results in this thesis can be directly used in a reverse engineering tool. A method has been developed for acquiring data designs from existing data intensive programs, COBOL programs in particular. Program transformation is used as the main tool. Abstraction techniques and the method of crossing levels of abstraction are also studied for acquiring data designs. A prototype system has been implemented based on the method developed. This involved implementing a number of program transformations for data abstraction, and thus contributing to the production of a tool. Several case studies, including one case study using a real program with 7000 Hues of source code, are presented. The experiment results show that the Entity-Relationship Attribute Diagrams derived from the prototype can represent the data designs of the original data intensive programs. The original contribution of the thesis is that the approach presented in this thesis can identify and extract data relationships from the existing code by combining analysis of data with analysis of code. The approach is believed to be able to provide better capabilities than other work in the field. The method has indicated that acquiring a data design from existing data intensive program code by program transformation with human assistance is an effective method in software maintenance. Future work is suggested at the end of the thesis including extending the method to build an industrial strength tool
    corecore