Vote buying revisited: implications for receipt-freeness

In this paper, we analyse the concept of vote buying based on examples that try to stretch the meaning of the concept. Which ex- amples can still be called vote buying, and which cannot? We propose several dimensions that are relevant to qualifying an action as vote buy- ing or not. As a means of protection against vote buying and coercion, the concept of receipt-freeness has been proposed. We argue that, in or- der to protect against a larger set of vote buying activities, the concept of receipt-freeness should be interpreted probabilistically. We propose a general definition of probabilistic receipt-freeness by adapting existing definitions of probabilistic anonymity to voting

How to Work with Honest but Curious Judges? (Preliminary Report)

The three-judges protocol, recently advocated by Mclver and Morgan as an example of stepwise refinement of security protocols, studies how to securely compute the majority function to reach a final verdict without revealing each individual judge's decision. We extend their protocol in two different ways for an arbitrary number of 2n+1 judges. The first generalisation is inherently centralised, in the sense that it requires a judge as a leader who collects information from others, computes the majority function, and announces the final result. A different approach can be obtained by slightly modifying the well-known dining cryptographers protocol, however it reveals the number of votes rather than the final verdict. We define a notion of conditional anonymity in order to analyse these two solutions. Both of them have been checked in the model checker MCMAS

A framework for automatically checking anonymity with μ CRL

We present a powerful and flexible method for automatically checking anonymity in a possibilistic general-purpose process algebraic verification toolset. We propose new definitions of a choice anonymity degree and a player anonymity degree, to quantify the precision with which an intruder is able to single out the true originator of a given event or to associate the right event to a given protocol participant. We show how these measures of anonymity can be automatically calculated from a protocol specification in µCRL, by using a combination of dedicated tools and existing state-of-the-art µCRL tools. To illustrate the flexibility of our method we test the Dining Cryptographers problem and the FOO 92 voting protocol. Our definitions of anonymity provide an accurate picture of the different ways that anonymity can break down, due for instance to coallitions of inside intruders. Our calculations can be performed on a cluster of machines, allowing us to check protocols for large numbers of participants

Generalized bisimulation metrics

International audienceThe pseudometric based on the Kantorovich lifting is one of the most popular notion of distance between probabilistic processes proposed in the literature. However, its application in verification is limited to linear properties. We propose a generalization which allows to deal with a wider class of properties, such as those used in security and privacy. More precisely, we propose a family of pseudometrics, parametrized on a notion of distance which depends on the property we want to verify. Furthermore, we show that the members of this family still characterize bisimilarity in terms of their kernel, and provide a bound on the corresponding distance between trace distributions. Finally, we study the instance corresponding to differential privacy, and we show that it has a dual form, easier to compute. We also prove that the typical process-algebra constructs are non-expansive, thus paving the way to a modular approach to verification

Anonymity Protocols as Noisy Channels

International audienceWe consider a framework in which anonymity protocols are interpreted as noisy channels in the information-theoretic sense, and we explore the idea of using the notion of capacity as a measure of the loss of anonymity. Such idea was already suggested by Moskowitz, Newman and Syverson, in their analysis of the covert channel that can be created as a result of non-perfect anonymity. We consider the case in which some leak of information is intended by design, and we introduce the notion of conditional capacity to rule out this factor, thus retrieving a natural correspondence with the notion of anonymity. Furthermore, we show how to compute the capacity and the conditional capacity when the anonymity protocol satisfies certain symmetries. We also investigate how the adversary can test the system to try to infer the user's identity, and we study how his probability of success depends on the characteristics of the channel. We then illustrate how various notions of anonymity can be expressed in this framework, and show the relation with some definitions of probabilistic anonymity in literature. Finally, we show how to compute the matrix of the channel (and hence the capacity and conditional capacity) using model checking

Probable Innocence Revisited

International audienceOften we wish to ensure that the identity of the user performing a certain action is maintained secret. This property is called anonymity. Examples of situations in which we may wish to provide anonymity include: publishing on the web, retrieving information from the web, sending a message, etc. Many protocols have been designed for this purpose, for example, Crowds [15], Onion Routing [23], the Free Haven [7], Web MIX [1] and Freenet [4]

Estimating the Maximum Information Leakage

none2noopenAldini, Alessandro; DI PIERRO, A.Aldini, Alessandro; DI PIERRO, A

La volonté machinale: understanding the electronic voting controversy

Contains fulltext : 32048_voloma.pdf (publisher's version ) (Open Access)Radboud Universiteit Nijmegen, 21 januari 2008Promotor : Jacobs, B.P.F. Co-promotores : Poll, E., Becker, M.226 p

Sobre la verificación automática de autómatas probabilistas distribuidos con información parcial /

Tesis (Doctor en Ciencias de la Computación)--Universidad Nacional de Córdoba, Facultad de Matemática, Astronomía y Física, 2010.En esta tesis desarrollamos algoritmos y técnicas de análisis basadas en model checking para analizar la corrección de sistemas distribuidos con características aleatorias y no deterministas. Una contribución importante es la demostración de que no existe un algoritmo que resuelva el problema de verificación de forma totalmente automática. A pesar de este resultado, presentamos algoritmos que, si bien no pueden determinar la corrección para todos los sistemas y propiedades, sirven para detectar que ciertos sistemas son correctos o incorrectos. Uno de los impedimentos más frecuentes a la hora de verificar PDMs es el problema de la explosión de estado. Este problema, bien conocido y atacado en model checking, se agrava en el ámbito de model checking cuantitativo. Existen trabajos previos que, con el fin de atacar este problema, presentan adaptaciones de las técnicas de reducción orden parcial para model checking cualitativo al caso cuantitativo. Presentamos una nueva adaptación de la técnica de reducción de orden parcial. Nuestra adaptación aprovecha el hecho de que las componentes de un sistema concurrente tienen acceso limitado a la información sobre el estado global del sistema. Concluímos con casos de estudio que muestran las mejoras de nuestros algoritmos y nuestra técnica de orden parcial.Sergio Giro ; dirigido por Pedro R. D'Argenio