Receipt-free secret-ballot elections (extended abstract)
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Practical Secret Voting Scheme for Large Scale Elections
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Receipt-Free Electronic Voting Schemes for Large Scale Elections
Proceedings of the 5th International Workshop on Security Protocols
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Anonymous Connections and Onion Routing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Automated Verification of Selected Equivalences for Security Protocols
LICS '05 Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science
Hiding names: private authentication in the applied pi calculus
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Decidability of Equivalence of Symbolic Derivations
Journal of Automated Reasoning
Vote-independence: a powerful privacy notion for voting protocols
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Attacking and fixing Helios: An analysis of ballot secrecy
Journal of Computer Security
| Hi-index | 0.00 |
While electronic elections promise the possibility of convenient, efficient and secure facilities for recording and tallying votes, recent studies have highlighted inadequacies in implemented systems. These inadequacies provide additional motivation for applying formal methods to the validation of electronic voting protocols. In this paper we report on some of our recent efforts in using the applied pi calculus to model and analyse properties of electronic elections. We particularly focus on anonymity properties, namely vote-privacy and receipt-freeness. These properties are expressed using observational equivalence and we show in accordance with intuition that receipt-freeness implies vote-privacy. We illustrate our definitions on two electronic voting protocols from the literature. Ideally, these properties should hold even if the election officials are corrupt. However, protocols that were designed to satisfy privacy or receipt-freeness may not do so in the presence of corrupt officials. Our model and definitions allow us to specify and easily change which authorities are supposed to be trustworthy.