Security gets formal at workshop
Friday 15 August 2008
David Lundin, a PhD student in the Department, and colleagues have two papers on formal aspects of security accepted for presentation at the 13th European Symposium on Research in Computer Security (ESORICS 2008) in Malaga in September, one of these papers at the satellite 5th International Workshop on Formal Aspects in Security and Trust (FAST2008).
Lundin, D. & Ryan, P.Y.A. (2008). Human Readable Paper Verification of Prêt à Voter, (ESORICS 2008)
The Prêt à Voter election scheme provides high assurance of accuracy and secrecy, due to the high degree of transparency and auditability. However, the assurance arguments are subtle and involve some understanding of the role of cryptography. As a result, establishing public understanding and trust in such systems remains a challenge. It is essential that a voting system be not only trustworthy but also widely trusted.
In response to this concern, we propose to add a mechanism to Prêt à Voter to generate a conventional (i.e. human readable) paper audit trail that can be invoked should the outcome of the cryptographic count be called into question. It is hoped that having such a familiar mechanism as a safety net will encourage public confidence. Care has to be taken to ensure that the mechanism does not undermine the carefully crafted integrity and privacy assurances of the original scheme.
We show that, besides providing a confidence building measure, this mechanism brings with it a number of interesting technical features: it allows extra audits of mechanisms that capture and process the votes to be performed. The mechanism proposed also has the benefit of providing a robust counter to the danger of voters undermining the receipt-freeness of property by trying to retain the candidate list.
Heather, J. & Lundin, D. (2008). The Append-only Web Bulletin Board, (FAST2008)
A large number of papers on verifiable electronic voting that have appeared in the literature in recent years have relied heavily on the availability of an append only web bulletin board. Despite this widespread requirement, however, the notion of an append-only web bulletin board remains somewhat vague, and no method of constructing such a bulletin board has been proposed. This paper fills the gap. We identify the required properties of an append-only web bulletin board, and introduce the concept of certified publishing of messages to the board. We show how such a board can be constructed in order to satisfy the properties we have identified.
Finally, we consider how to extend the scheme to make the web bulletin board robust and able to offer assurance to writers of the inclusion of their messages. Although the work presented here has been inspired and motivated by the requirements of electronic voting systems, the web bulletin board is sufficiently general to allow use in other contexts.