50 research outputs found
Accuracy: The fundamental requirement for voting systems
There have been several attempts to develop a comprehensive account of the requirements for voting systems, particularly for public elections. Typically, these approaches identify a number of "high level" principals which are then refined either into more detailed statements or more formal constructs. Unfortunately, these approaches do not acknowledge the complexity and diversity of the contexts in which voting takes place. This paper takes a different approach by arguing that the only requirement for a voting system is that it is accurate. More detailed requirements can then be derived from this high level requirement for the particular context in which the system is implemented and deployed. A general, formal high level model for voting systems and their context is proposed. Several related definitions of accuracy for voting systems are then developed, illustrating how the term "accuracy" is in interpreted in different contexts. Finally, a context based requirement for voting system privacy is investigated as an example of deriving a subsidiary requirement from the high level requirement for accuracy
Fully Collision-Resistant Chameleon-Hashes from Simpler and Post-Quantum Assumptions
Chameleon-hashes are collision-resistant hash-functions parametrized
by a public key. If the corresponding secret key is known, arbitrary collisions for the hash can be found.
Recently, Derler et al. (PKC \u2720) introduced the notion of fully collision-resistant chameleon-hashes.
Full collision-resistance requires the intractability of finding collisions,
even with full-adaptive access to a collision-finding oracle. Their construction combines simulation-sound extractable (SSE)
NIZKs with perfectly correct IND-CPA secure public-key encryption (PKE) schemes.
We show that, instead of perfectly correct PKE, non-interactive commitment schemes are sufficient. For the first time, this gives rise to efficient instantiations from plausible post-quantum assumptions and thus candidates of chameleon-hashes with strong collision-resistance guarantees and long-term security guarantees. On the more theoretical side, our results relax the requirement to not being dependent on public-key encryption
Fully Invisible Protean Signatures Schemes
Protean Signatures (PS), recently introduced by Krenn et al. (CANS \u2718), allow a semi-trusted third party, named the sanitizer, to modify a signed message in a controlled way.
The sanitizer can
edit signer-chosen parts to arbitrary bitstrings, while the sanitizer can also redact
admissible parts, which are also chosen by the signer. Thus, PSs generalize both redactable signature (RSS) and sanitizable signature (SSS)
into a single notion.
However, the current definition of invisibility does not prohibit that an outsider can decide which
parts of a message are redactable - only which parts can be edited are hidden. This negatively
impacts on the privacy guarantees provided by the state-of-the-art definition.
We extend PSs to be fully invisible.
This strengthened notion guarantees that an outsider can neither decide which parts of a message can be edited nor which
parts can be redacted. To achieve our goal, we introduce the new notions of Invisible RSSs and Invisible Non-Accountable SSSs (SSS\u27), along with a consolidated framework for aggregate signatures.
Using those building blocks, our resulting construction is significantly
more efficient than the original scheme by Krenn et al., which we demonstrate in a prototypical implementation
Log Auditing for Trust Assessment in Peer-to-Peer Collaboration
International audienceIn order to overcome the disadvantages of a central authority, a tendency is to move towards a peer-to-peer collaboration where control over data is given to users who can decide with whom they want to share their private data. In this peer-to-peer collaboration it is very difficult to ensure that after data is shared with other peers, these peers will not misbehave and violate data privacy. In this paper, we propose a mechanism that addresses the issue of data privacy violation by auditing the collaboration logs. In our approach, trust values between users are adjusted according to their previous activities on the shared data. Users share their private data by specifying some obligations the receivers are expected to follow. We log modifications done by users as well as the obligations and use a log-auditing mechanism to detect users who misbehaved. We adjust their associated trust values by using any existing decentralized trust model
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
This paper presents the current state of the art on attack and defense
modeling approaches that are based on directed acyclic graphs (DAGs). DAGs
allow for a hierarchical decomposition of complex scenarios into simple, easily
understandable and quantifiable actions. Methods based on threat trees and
Bayesian networks are two well-known approaches to security modeling. However
there exist more than 30 DAG-based methodologies, each having different
features and goals. The objective of this survey is to present a complete
overview of graphical attack and defense modeling techniques based on DAGs.
This consists of summarizing the existing methodologies, comparing their
features and proposing a taxonomy of the described formalisms. This article
also supports the selection of an adequate modeling technique depending on user
requirements
E-democracy Implementation: The Imperative of Agenda Setting
Decline in the level of citizens’ participation due to disconnect between citizens and their
representatives has been identified as one of the prominent challenges facing most democratic societies in the
world today. E-democracy has been identified to have the potentials to reduce the contemporary
estrangement between the democratic actors by creating new forms of engagement, deliberation, and
collaboration in polity to make the democratic processes more inclusive and transparent. However, edemocracy
initiatives in many countries have had mixed success as most e-democracy implementations have
been unable to justify the essence of huge investments made into it. This research paper reviews existing edemocracy
development processes and agenda of nations among the top twenty countries in e-participation
implementation as rated in the UN Global E-Government Evaluation, 2010. The sample composed of secondary
data sourced from information system centric academic journals, book chapters, conference proceedings,
database of international development organisations (OECD, UN, EU) on e-democracy implementation reports
and database of research institutions and centres that focus on e-government and e-democracy
implementation. Findings revealed that most countries do not have well established framework and agenda
setting for e-democracy implementation, but only based their e-democracy implementation on one of the
objectives of their e-government implementation. As a result, policy content is largely missing in most edemocracy
strategies at both conceptual and implementation stage. This paper therefore, presents a guideline
for e-democracy agenda setting and discusses issues germane to establishing e-democracy agenda. It submits
that for a successful e-democracy implementation, the agenda-setting phase should capture the legal and
political processes of the country. In addition, e-democracy strategic vision, strategic aim and objectives,
strategic policy, mode of implementation and overseeing body should be well articulated in the agenda setting
phase of e-democracy implementation plan. The discussion will benefit both researchers, government and
practitioners on successful e-democracy implementation as basis for societal development