References of "Bursuc, Sergiu 50037132"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailContingent payments from two-party signing and verification for abelian groups
Bursuc, Sergiu UL; Mauw, Sjouke UL

in Conference Proceedings 2022 IEEE 35th Computer Security Foundations Symposium (CSF) (2022)

The fair exchange problem has faced for a long time the bottleneck of a required trusted third party. The recent development of blockchains introduces a new type of party to this problem, whose ... [more ▼]

The fair exchange problem has faced for a long time the bottleneck of a required trusted third party. The recent development of blockchains introduces a new type of party to this problem, whose trustworthiness relies on a public ledger and distributed computation. The challenge in this setting is to reconcile the minimalistic and public nature of blockchains with elaborate fair exchange requirements, from functionality to privacy. Zero-knowledge contingent payments (ZKCP) are a class of protocols that are promising in this direction, allowing the fair exchange of data for payment. We propose a new ZKCP protocol that, when compared to others, requires less computation from the blockchain and less interaction between parties. The protocol is based on two-party (weak) adaptor signatures, which we show how to instantiate from state of the art multiparty sign- ing protocols. We improve the symbolic definition of ZKCP security and, for automated verification with Tamarin, we propose a general security reduction from the theory of abelian groups to the theory of exclusive or. [less ▲]

Detailed reference viewed: 22 (2 UL)
Full Text
Peer Reviewed
See detailProvably Improving Election Verifiability in Belenios
Baloglu, Sevdenur UL; Bursuc, Sergiu UL; Mauw, Sjouke UL et al

in Electronic Voting 6th International Joint Conference, E-Vote-ID 2021 Virtual Event, October 5–8, 2021, Proceedings (2021, October)

Belenios is an online voting system that provides a strong notion of election verifiability, where no single party has to be trusted, and security holds as soon as either the voting registrar or the ... [more ▼]

Belenios is an online voting system that provides a strong notion of election verifiability, where no single party has to be trusted, and security holds as soon as either the voting registrar or the voting server is honest. It was formally proved to be secure, making the assump- tion that no further ballots are cast on the bulletin board after voters verified their ballots. In practice, however, revoting is allowed and voters can verify their ballots anytime. This gap between formal proofs and use in practice leaves open space for attacks, as has been shown recently. In this paper we make two simple additions to Belenios and we formally prove that the new version satisfies the expected verifiability properties. Our proofs are automatically performed with the Tamarin prover, under the assumption that voters are allowed to vote at most four times. [less ▲]

Detailed reference viewed: 133 (23 UL)
Full Text
Peer Reviewed
See detailElection Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios
Baloglu, Sevdenur UL; Bursuc, Sergiu UL; Mauw, Sjouke UL et al

in IEEE 34th Computer Security Foundations Symposium, Dubrovnik 21-25 June 2021 (2021, June)

Election verifiability aims to ensure that the outcome produced by electronic voting systems correctly reflects the intentions of eligible voters, even in the presence of an adversary that may corrupt ... [more ▼]

Election verifiability aims to ensure that the outcome produced by electronic voting systems correctly reflects the intentions of eligible voters, even in the presence of an adversary that may corrupt various parts of the voting infrastructure. Protecting such systems from manipulation is challenging because of their distributed nature involving voters, election authorities, voting servers and voting platforms. An adversary corrupting any of these can make changes that, individually, would go unnoticed, yet in the end will affect the outcome of the election. It is, therefore, important to rigorously evaluate whether the measures prescribed by election verifiability achieve their goals. We propose a formal framework that allows such an evaluation in a systematic and automated way. We demonstrate its application to the verification of various scenarios in Helios and Belenios, two prominent internet voting systems, for which we capture features and corruption models previously outside the scope of formal verification. Relying on the Tamarin protocol prover for automation, we derive new security proofs and attacks on deployed versions of these protocols, illustrating trade-offs between usability and security. [less ▲]

Detailed reference viewed: 200 (16 UL)
Full Text
Peer Reviewed
See detailContingent Payments on a Public Ledger: Models and Reductions for Automated Verification.
Bursuc, Sergiu UL; Kremer, Steve

in Bursuc, Sergiu; Kremer, Steve (Eds.) Contingent Payments on a Public Ledger: Models and Reductions for Automated Verification. (2019, September)

Detailed reference viewed: 80 (2 UL)
Full Text
Peer Reviewed
See detailPrivate Votes on Untrusted Platforms: Models, Attacks and Provable Scheme
Bursuc, Sergiu UL; Dragan, Constantin-Catalin; Kremer, Steve

in Bursuc, Sergiu; Dragan, Constantin-Catalin; Kremer, Steve (Eds.) Private Votes on Untrusted Platforms: Models, Attacks and Provable Scheme (2019)

Detailed reference viewed: 60 (1 UL)