Reference : Trustworthy exams without trusted parties
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
Trustworthy exams without trusted parties
Bella, Giampaolo [University of Catania > Mathematics and Informatics]
Giustolisi, Rosario [Swedish Institute of Computer Science]
Lenzini, Gabriele mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Ryan, Peter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Computer and Security
Yes (verified by ORBilu)
[en] Assessment ; Proverif ; Formal Methods ; Security Protocols
[en] Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, such as candidate registration, brings new security issues that should be addressed with the care normally devoted to security protocols.

This paper proposes a protocol that meets a wide set of security requirements and resists threats that may originate from candidates as well as from exam administrators. By relying on a combination of oblivious transfer and visual cryptography schemes, the protocol does not need to rely on any trusted third party. We analyse the protocol formally in ProVerif and prove that it verifies all the stated security requirements.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)

File(s) associated to this reference

Fulltext file(s):

Limited access
1-s2.0-S0167404816301766-main.pdfPublisher postprint1.38 MBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.