Caveat Coercitor: Coercion-Evidence in Electronic Voting

Grewal, Gurchetan S.; Ryan, Mark; Bursuc, Sergiu; Ryan, Peter Y. A.

doi:10.1109/sp.2013.32

Cited by 37 publications

(37 citation statements)

References 19 publications

(23 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, we would like to include new cryptographic primitives such as XOR, blind signature and re-encryption used in very interesting protocols e.g. Caveat Coercitor [11].…”

Section: Fig 1 Experimental Resultsmentioning

confidence: 99%

APTE: An Algorithm for Proving Trace Equivalence

Cheval

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper presents APTE, a new tool for automatically proving the security of cryptographic protocols. It focuses on proving trace equivalence between processes, which is crucial for specifying privacy type properties such as anonymity and unlinkability. The tool can handle protocols expressed in a calculus similar to the applied-pi calculus, which allows us to capture most existing protocols that rely on classical cryptographic primitives. In particular, APTE handles private channels and else branches in protocols with bounded number of sessions. Unlike most equivalence verifier tools, APTE is guaranteed to terminate. Moreover, APTE is the only tool that extends the usual notion of trace equivalence by considering "side-channel" information leaked to the attacker such as the length of messages and the execution times. We illustrate APTE on different case studies which allowed us to automatically (re)-discover attacks on protocols such as the Private Authentication protocol or the protocols of the electronic passports.

show abstract

“…Moreover, we would like to include new cryptographic primitives such as XOR, blind signature and re-encryption used in very interesting protocols e.g. Caveat Coercitor [11].…”

Section: Fig 1 Experimental Resultsmentioning

confidence: 99%

APTE: An Algorithm for Proving Trace Equivalence

Cheval

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…This process includes following buyers' instructions and communicating with buyers during the voting process [25]. Traditionally, vote-selling is considered illegal and is prohibited in elections.…”

Section: Vote-selling Resistancementioning

confidence: 99%

“…Instead of considering voter-coercion resistance, Caveat Coercitor [25] proposed a protocol which satisfies coercion-evidence. Unlike voter-coercion resistant systems, Caveat Coercitor tolerates coercions but records unforgeable evidence for voter-coercions.…”

Section: Caveat Coercitor [25]mentioning

confidence: 99%

Receipt-freeness and coercion resistance in remote E-voting systems

Ruan

Zou

2017

IJSN

View full text Add to dashboard Cite

Remote Electronic Voting (E-voting) is a more convenient and efficient methodology when compared with traditional voting systems. It allows voters to vote for candidates remotely, however, remote E-voting systems have not yet been widely deployed in practical elections due to several potential security issues, such as vote-privacy, robustness and verifiability. Attackers' targets can be either voting machines or voters. In this paper, we mainly focus on three important security properties related to voters: receipt-freeness, voteselling resistance, and voter-coercion resistance. In such scenarios, voters are willing or forced to cooperate with attackers. We provide a survey of existing remote E-voting systems, to see whether or not they are able to satisfy these three properties to avoid corresponding attacks. Furthermore, we identify and summarize what mechanisms they use in order to satisfy these three security properties.

show abstract

“…Formal methods have proved to be effective in highlighting weaknesses of protocols and hence enabling designers and programmers to patch them and strengthen their security guarantees, as well as in giving strong assurance on the properties a protocol achieves by proving the absence of attacks undermining the stated security properties. For example, conference management [1], electronic voting [2][3][4], single-sign-on [5,6], cloud storage [7], RFID [8], TPM [9,10] and mobile telephony protocols [11] have been scrutinized using manual and automatic verification techniques. Manual proof methods are lengthy and error prone, while automatic verification tools have to compromise in order to achieve decidability (at least for some subclass of processes) by bounding the number of agents and sessions and/or restricting the considered class of cryptographic functions.…”

Section: Introductionmentioning

confidence: 99%

Analysis of privacy in mobile telephony systems

Arapinis

Mancini

Ritter

et al. 2016

Int. J. Inf. Secur.

View full text Add to dashboard Cite

We present a thorough experimental and formal analysis of users' privacy in mobile telephony systems. In particular, we experimentally analyse the use of pseudonyms and point out weak deployed policies leading to some critical scenarios which make it possible to violate a user's privacy. We also expose some protocol's vulnerabilities resulting in breaches of the anonymity and/or user unlinkability. We show these breaches translate in actual attacks which are feasible to implement on real networks and discuss our prototype implementation. In order to countermeasure these attacks, we propose realistic solutions. Finally, we provide the theoretical framework for the automatic verification of the unlinkability and anonymity of the fixed 2G/3G procedures and automatically verify them using the ProVerif tool.

show abstract

Caveat Coercitor: Coercion-Evidence in Electronic Voting

Cited by 37 publications

References 19 publications

APTE: An Algorithm for Proving Trace Equivalence

APTE: An Algorithm for Proving Trace Equivalence

Receipt-freeness and coercion resistance in remote E-voting systems

Analysis of privacy in mobile telephony systems

Contact Info

Product

Resources

About