Automated Analysis of Accountability

@inproceedings{Bruni2017AutomatedAO,
  title={Automated Analysis of Accountability},
  author={Alessandro Maria Bruni and Rosario Giustolisi and Carsten Sch{\"u}rmann},
  booktitle={ISC},
  year={2017}
}
A recent trend in the construction of security protocols such as voting and certificate management systems is to make principals accountable for their actions. Whenever some principals deviate from the protocol’s prescription and cause the failure of a goal of the system, accountability ensures that the system can detect the misbehaving parties who caused that failure. Accountability is an intuitively stronger property than verifiability as the latter only rests on the possibility of detecting… 

Automated Verification of Accountability in Security Protocols

TLDR
This work provides a mechanized method for the verification of accountability and demonstrates its use for verification and attack finding on various examples from the accountability and causality literature, including Certificate Transparency and Kroll’s Accountable Algorithms protocol.

Verifying Accountability for Unbounded Sets of Participants

TLDR
This work combines the accountability definition of Künnemann, Esiyok, and Backes with the notion of case tests to extend its applicability to protocols with unbounded sets of participants and proposes a general construction of verdict functions and a set of verification conditions that achieve soundness and completeness.

Security Protocols as Choreographies

TLDR
A choreographic language for describing security protocols and a property language for expressing non-trivial security properties of such protocols are introduced, and it is illustrated how the protocol and property descriptions can be translated into multiset rewrite rules and metric first order logic respectively, in order to check if auditable transfer holds.

Dispute Resolution in Voting

TLDR
This work systematically characterizes all relevant disputes for a generic, practically relevant class of voting protocols and proposes a new definition of dispute resolution for voting that accounts for the possibility that both voters and the voting authority can make false claims and that voters may abstain from voting.

Electronic Voting: 5th International Joint Conference, E-Vote-ID 2020, Bregenz, Austria, October 6–9, 2020, Proceedings

TLDR
This paper constructs manipulations of the ballots in order to change the overall balance of power in an Australian Federal Senate election – the upper house of Parliament.

Privacy-Preserving Dispute Resolution in the Improved Bingo Voting

TLDR
This work advances the formal analysis in the symbolic model of an improved version of the Bingo Voting scheme, whose enhancements include privacy-preserving dispute resolution mechanisms, and finds that the scheme meets some properties only if one makes additional trust assumptions to those stated in [6].

Three Branches of Accountability

References


Accountability protocols: Formalized and verified

TLDR
This paper provides a comparative, formal analysis of the nonrepudiation protocol of Zhou and Gollmann and the certified email protocol of Abadi et al, and confirms that they reach their goals under realistic conditions.

Accountability: definition and relationship to verifiability

TLDR
A new, widely applicable definition of accountability is proposed, revealing that accountability is closely related to verifiability, for which a new definition is proposed, and it is proved that verifiability can be interpreted as a weak form of accountability.

Towards a Theory of Accountability and Audit

TLDR
This study provides formal foundations to explore the tradeoffs underlying the design of accountability systems including: the power of the auditor, the efficiency of the audit protocol, the requirements placed on the agents, and the requirements placed on the communication infrastructure.

SoK: Verifiability Notions for E-Voting Protocols

TLDR
This paper reviews all formal definitions of verifiability proposed in the literature and casts them in a framework proposed by Kuesters, Truderung, and Vogt (the KTV framework), yielding a uniform treatment of verifiability.

Reliable Evidence: Auditability by Typing

TLDR
A precise definition of auditability is given and it is shown how typechecking can be used to statically verify that a protocol always logs enough evidence.

Towards Automatic Analysis of Election Verifiability Properties

TLDR
This work presents a symbolic definition that captures some cases of election verifiability for electronic voting protocols in terms of reachability assertions in the applied pi calculus and is amenable to automated reasoning using the software tool ProVerif.

Election Verifiability in Electronic Voting Protocols

TLDR
A formal, symbolic definition of election verifiability for electronic voting protocols in the context of the applied pi calculus is presented, given in terms of boolean tests which can be performed on the data produced by an election.

Automatically Detecting the Misuse of Secrets: Foundations, Design Principles, and Applications

TLDR
The foundations and several constructions for security protocols that can automatically detect, without false positives, if a secret has been misused are developed, e.g., to automatically shut down compromised services, or to automatically revoke misused secrets to minimize the effects of compromise.

Computer-assisted verification of a protocol for certified email

TLDR
This case study explores the use of general correspondence assertions in automatic proofs, and aims to demonstrate the considerable power of the tool and its applicability to non-trivial, interesting protocols.

Trustworthy exams without trusted parties