Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Election Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios
Baloglu, Sevdenur; Bursuc, Sergiu; Mauw, Sjouke et al.
2021In IEEE 34th Computer Security Foundations Symposium, Dubrovnik 21-25 June 2021
Peer reviewed
 

Files


Full Text
main.pdf
Publisher postprint (370.89 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
foundations / applications; electronic voting; formal verification
Abstract :
[en] Election verifiability aims to ensure that the outcome produced by electronic voting systems correctly reflects the intentions of eligible voters, even in the presence of an adversary that may corrupt various parts of the voting infrastructure. Protecting such systems from manipulation is challenging because of their distributed nature involving voters, election authorities, voting servers and voting platforms. An adversary corrupting any of these can make changes that, individually, would go unnoticed, yet in the end will affect the outcome of the election. It is, therefore, important to rigorously evaluate whether the measures prescribed by election verifiability achieve their goals. We propose a formal framework that allows such an evaluation in a systematic and automated way. We demonstrate its application to the verification of various scenarios in Helios and Belenios, two prominent internet voting systems, for which we capture features and corruption models previously outside the scope of formal verification. Relying on the Tamarin protocol prover for automation, we derive new security proofs and attacks on deployed versions of these protocols, illustrating trade-offs between usability and security.
Disciplines :
Computer science
Author, co-author :
Baloglu, Sevdenur ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Mauw
Bursuc, Sergiu ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Mauw
Mauw, Sjouke ;  University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Pang, Jun  ;  University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
External co-authors :
no
Language :
English
Title :
Election Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios
Publication date :
June 2021
Event name :
IEEE 34th Computer Security Foundations Symposium (CSF)
Event date :
from 21-06-2021 to 25-06-2021
Main work title :
IEEE 34th Computer Security Foundations Symposium, Dubrovnik 21-25 June 2021
Publisher :
IEEE Computer Society, Los Alamitos, CA, United States
ISBN/EAN :
978-1-7281-7607-9
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
Name of the research project :
R-AGR-3433-11
Available on ORBilu :
since 17 January 2021

Statistics


Number of views
308 (27 by Unilu)
Number of downloads
244 (16 by Unilu)

Scopus citations®
 
6
Scopus citations®
without self-citations
4

Bibliography


Similar publications



Contact ORBilu