ProVerif 1.85: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial
The aim of this beta is to extend the class of equivalences that ProVerif handles, so this beta can only take an input file with an equivalence query, and any other query has been disabled.
Attacking and Fixing Helios: An Analysis of Ballot Secrecy
  • V. Cortier, B. Smyth
  • Computer Science, Mathematics
    IEEE 24th Computer Security Foundations Symposium
  • 27 June 2011
This paper analyzes ballot secrecy, discovers a vulnerability that allows an adversary to compromise the privacy of voters, and presents a fix that satisfies a formal definition of ballot secrecy using the applied pi calculus.
Election Verifiability in Electronic Voting Protocols
A formal, symbolic definition of election verifiability for electronic voting protocols in the context of the applied pi calculus is presented, given in terms of boolean tests which can be performed on the data produced by an election.
Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators
It is shown that DAA places an unnecessarily large burden on the TPM host, and it is demonstrated how corrupt administrators can exploit this weakness to violate privacy.
Automated Reasoning for Equivalences in the Applied Pi Calculus with Barriers
  • B. Blanchet, B. Smyth
  • Computer Science
    IEEE 29th Computer Security Foundations Symposium…
  • 1 June 2016
The class of equivalences that can be proved automatically by ProVerif is extended, including privacy in election schemes by Fujioka, Okamoto & Ohta and Lee et al., and in the vehicular ad-hoc network by Freudiger et al.
Automatic Verification of Privacy Properties in the Applied pi Calculus
We develop a formal method verification technique for cryptographic protocols. We focus on proving observational equivalences of the kind P ∼ Q, where the processes P and Q have the same structure
A Fair and Robust Voting System by Broadcast
A recovery round is proposed to enable the election result to be announced if voters abort, a commitment round is added to ensure fairness, and a computational security proof of ballot secrecy is provided.
Ballot secrecy with malicious bulletin boards
  • B. Smyth
  • Mathematics
    IACR Cryptol. ePrint Arch.
  • 10 October 2014
The new definition is intended to ensure that ballot secrecy is preserved in the presence of malicious bulletin boards, whereas earlier definitions by Bernhard et al. only consider honest bulletin boards.
Automatically Checking Commitment Protocols in ProVerif without False Attacks
A method to reduce false attacks when analysing secrecy is introduced, showing how inserting phases into non-replicated processes enables a more accurate translation to Horn clauses which avoids some false attacks.