340 research outputs found

    Verifying a Mix Net in CSP

    A Mix Net is a cryptographic protocol that tries to unlink the correspondence between its inputs and its outputs. In this paper, we formally analyse a Mix Net using the process algebra CSP and its associated model checker FDR. The protocol that we verify removes the reliance on a Web Bulletin Board during the mixing process: rather than communicating via a Web Bulletin Board, the protocol allows the mix servers to communicate directly, exchanging signed messages and maintaining their own records of the messages they have received. Mix Net analyses in the literature are invariably focused on safety properties; important liveness properties, such as deadlock freedom, are wholly neglected. This is an unhappy omission, however, since a Mix Net that produces no results is of little use. Here we verify that the Mix Net is guaranteed to terminate, outputting a provably valid mix agreed upon by a majority of mix servers, under the assumption that a majority of them act according to the protocol

    A Cut Principle for Information Flow

    We view a distributed system as a graph of active locations with unidirectional channels between them, through which they pass messages. In this context, the graph structure of a system constrains the propagation of information through it. Suppose a set of channels is a cut set between an information source and a potential sink. We prove that, if there is no disclosure from the source to the cut set, then there can be no disclosure to the sink. We introduce a new formalization of partial disclosure, called *blur operators*, and show that the same cut property is preserved for disclosure to within a blur operator. This cut-blur property also implies a compositional principle, which ensures limited disclosure for a class of systems that differ only beyond the cut. Comment: 31 page

    Seve: Automatic tool for verification of security protocols

    Master's MASTER OF SCIENC

    Probabilistic Anonymity

    The concept of anonymity comes into play in a wide range of situations, varying from voting and anonymous donations to postings on bulletin boards and sending mails. A formal definition of this concept has been given in literature in terms of nondeterminism. In this paper, we investigate a notion of anonymity based on probability theory, and we discuss the relation with the nondeterministic one. We then formulate this definition in terms of observables for processes in the probabilistic pi-calculus, and propose a method to verify automatically the anonymity property. We illustrate the method by using the example of the dining cryptographers

    Secure Dynamic Groups Auditing Service with Group Signature for Cloud Storage

    Cloud storage has become a commonplace way of storing and sharing data across multiple users. It is a challenge to preserve confidentiality and maintain identity privacy while sharing data within multiple dynamic groups, due to frequent changes in the membership. Also, maintaining data integrity is an issue, as data is stored and audited by an untrusted cloud service provider (CSP). In this paper, we propose a third party auditor (TPA) auditing scheme to maintain data integrity and enable the TPA to perform audits for multiple users efficiently and simultaneously. By exploiting a group signature scheme, any member can anonymously share data within the group. The efficiency and the computation cost of the proposed system are independent of the number of users revoked and the data stored on the cloud. DOI: 10.17762/ijritcc2321-8169.150612