We introduce the notion of privacy-preserving verifiability for security protocols. It holds when a protocol admits a verifiability test that does not reveal, to the verifier that runs it, more information about the protocol's execution than is required to run the test. Our definition of privacy-preserving verifiability is general and applies to cryptographic protocols as well as to human security protocols. In this paper we exemplify it in the domain of e-exams. We show that the notion is meaningful by studying an existing exam protocol that is verifiable but whose verifiability tests are not privacy-preserving. We show that the notion is applicable: we revise the protocol using functional encryption so that it admits a verifiability test that preserves privacy according to our definition. We analyse, in ProVerif, that verifiability holds despite malicious parties and that the new protocol maintains all the security properties of the original protocol, thus proving that privacy-preserving verifiability can be achieved starting from an existing secure protocol.
Disciplines:
Computer science
Author, co-author:
Giustolisi, Rosario; IT University of Copenhagen
Iovino, Vincenzo; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SnT)
Lenzini, Gabriele; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SnT)
External co-authors:
yes
Language:
English
Title:
Privacy-Preserving Verifiability: A Case for an Electronic Exam Protocol
Publication date:
2017
Event name:
14th Conf. on Security and Cryptography
Event organizer:
ICEITE
Event place:
Madrid, Spain
Event date:
from 23-07-2017 to 26-07-2017
Audience:
International
Main work title:
Privacy-Preserving Verifiability: A Case for an Electronic Exam Protocol