Cast-as-Intended Mechanism with Return Codes Based on PETs

We propose a method providing cast-as-intended verifiability for remote electronic voting. The method is based on plaintext equivalence tests (PETs), used to match the cast ballots against the pre-generated encrypted code tables. Our solution provides an attractive balance of security and functional properties. It is based on well-known cryptographic building blocks and relies on standard cryptographic assumptions, which allows for relatively simple security analysis. Our scheme is designed with a built-in fine-grained distributed trust mechanism based on threshold decryption. It, finally, imposes only very little additional computational burden on the voting platform, which is especially important when voters use devices of restricted computational power such as mobile phones. At the same time, the computational cost on the server side is very reasonable and scales well with the increasing ballot size

Risks and opportunities in arbitrage and market-making in blockchain-based currency markets. Part 1 : Risks

This study provides a practical introduction to high-frequency trading in blockchain-based currency markets. These types of markets have some specific characteristics that differentiate them from the stock markets, such as a large number of trading exchanges (centralized and decentralized), relative simplicity in moving funds from one exchange to another, and the large number of new currencies that have very little liquidity. This study analyzes the possible risks that specifically characterize this type of trading operation, the potential opportunities, and the algorithms that are mostly used, providing information that can be useful for practitioners who intend to operate in these markets by providing (and risking) liquidity

Nonce-based Kerberos is a Secure Delegated AKE Protocol

Kerberos is one of the most important cryptographic protocols, first because it is the basisc authentication protocol in Microsoft\u27s Active Directory and shipped with every major operating system, and second because it served as a model for all Single-Sign-On protocols (e.g. SAML, OpenID, MS Cardspace, OpenID Connect). Its security has been confirmed with several Dolev-Yao style proofs, and attacks on certain versions of the protocol have been described. However despite its importance, despite its longevity, and despite the wealth of Dolev-Yao-style security proofs, no reduction based security proof has been published until now. This has two reasons: (1) All widely accepted formal models either deal with two-party protocols, or group key agreement protocols (where all entities have the same role), but not with 3-party protocols where each party has a different role. (2) Kerberos uses timestamps and nonces, and formal security models for timestamps are not well understood up to now. As a step towards a full security proof of Kerberos, we target problem (1) here: We propose a variant of the Kerberos protocol, where nonces are used instead of timestamps. This requires one additional protocol message, but enables a proof in the standard Bellare-Rogaway (BR) model. The key setup and the roles of the different parties are identical to the original Kerberos protocol. For our proof, we only require that the authenticated encryption and the message authentication code (MAC) schemes are secure. Under these assumptions we show that the probability that a client or server process oracle accepts maliciously, and the advantage of an adversary trying to distinguish a real Kerberos session key from a random value, are both negligible. One main idea in the proof is to model the Kerberos server a a public oracle, so that we do not have to consider the security of the connection client--Kerberos. This idea is only applicable to the communication pattern adapted by Kerberos, and not to other 3-party patterns (e.g. EAP protocols)

How to Construct Rational Protocols with Nash Equilibrium Consistency in the UC framework

The inconsistency of Nash equilibrium of rational delegated computation scheme in the UC framework will lead to the lack of strict security proof of the protocols fundamentally. The consistency proof of Nash equilibrium between the ideal world and the real world has always been a challenge in the research field. In this paper, we analyze the Nash equilibrium according to the game model of rational delegated computation, and the ideal functionality for rational delegation of computation based on incentive-driven adversary is proposed, then we construct a rational delegated computation protocol for UC-realizing the ideal functionality. In a word, the proposed rational delegated computing protocol based on incentive-driven adversary has been proven to be secure in the universally composable framework, furthermore, we effectively solve the inconsistency problem of Nash equilibrium between the real world and the ideal world

A Petri Nets Model for Blockchain Analysis

A Blockchain is a global shared infrastructure where cryptocurrency transactions among addresses are recorded, validated and made publicly available in a peer- to-peer network. To date the best known and important cryptocurrency is the bitcoin. In this paper we focus on this cryptocurrency and in particular on the modeling of the Bitcoin Blockchain by using the Petri Nets formalism. The proposed model allows us to quickly collect information about identities owning Bitcoin addresses and to recover measures and statistics on the Bitcoin network. By exploiting algebraic formalism, we reconstructed an Entities network associated to Blockchain transactions gathering together Bitcoin addresses into the single entity holding permits to manage Bitcoins held by those addresses. The model allows also to identify a set of behaviours typical of Bitcoin owners, like that of using an address only once, and to reconstruct chains for this behaviour together with the rate of firing. Our model is highly flexible and can easily be adapted to include different features of the Bitcoin crypto-currency system

Private votes on untrusted platforms: models, attacks and provable scheme

International audienceModern e-voting systems deploy cryptographic protocols on a complex infrastructure involving different computing platforms and agents. It is crucial to have appropriate specification and evaluation methods to perform rigorous analysis of such systems, taking into account the corruption and computational capabilities of a potential attacker. In particular, the platform used for voting may be corrupted, e.g. infected by malware, and we need to ensure privacy and integrity of votes even in that case. We propose a new definition of vote privacy, formalized as a computational indistinguishability game, that allows to take into account such refined attacker models; we show that the definition captures both known and novel attacks against several voting schemes; and we propose a scheme that is provably secure in this setting. We moreover formalize and machine-check the proof in the EasyCrypt theorem prover