The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Mechanical Proofs about a Non-repudiation Protocol
TPHOLs '01 Proceedings of the 14th International Conference on Theorem Proving in Higher Order Logics
Formal Verification of Cardholder Registration in SET
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
A Practical Secret Voting Scheme for Large Scale Elections
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Formal Correctness of Security Protocols (Information Security and Cryptography)
Formal Correctness of Security Protocols (Information Security and Cryptography)
Verifying privacy-type properties of electronic voting protocols
Journal of Computer Security
Analysis of an electronic voting protocol in the applied pi calculus
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Automated verification of equivalence properties of cryptographic protocols
ESOP'12 Proceedings of the 21st European conference on Programming Languages and Systems
Hi-index | 0.00 |
The increasing official use of security protocols for electronic voting deepens the need for their trustworthiness, hence for their formal verification. The impossibility of linking a voter to her vote, often called voter privacy or ballot secrecy, is the core property of many such protocols. Most existing work relies on equivalence statements in cryptographic extensions of process calculi. This paper provides the first theorem-proving based verification of voter privacy and overcomes some of the limitations inherent to process calculi-based analysis. Unlinkability between two pieces of information is specified as an extension to the Inductive Method for security protocol verification in Isabelle/HOL. New message operators for association extraction and synthesis are defined. Proving voter privacy demanded substantial effort and provided novel insights into both electronic voting protocols themselves and the analysed security goals. The central proof elements are described and shown to be reusable for different protocols with minimal interaction.