On Backward-Style Anonymity Verification

Many Internet services and protocols should guarantee anonymity; for example, an electronic voting system should guarantee to prevent the disclosure of who voted for which candidate. To prove trace anonymity, which is an extension of the formulation of anonymity by Schneider and Sidiropoulos, this paper presents an inductive method based on backward anonymous simulations. We show that the existence of an image-finite backward anonymous simulation implies trace anonymity. We also demonstrate the anonymity verification of an e-voting protocol (the FOO protocol) with our backward anonymous simulation technique. When proving the trace anonymity, this paper employs a computer-assisted verification tool based on a theorem prover.

[1]  Steve A. Schneider,et al.  CSP and Anonymity , 1996, ESORICS.

[2]  Nancy A. Lynch,et al.  Computer-Assisted Simulation Proofs , 1993, CAV.

[3]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[4]  Mark Ryan,et al.  Analysis of an Electronic Voting Protocol in the Applied Pi Calculus , 2005, ESOP.

[5]  Atsushi Fujioka,et al.  A Practical Secret Voting Scheme for Large Scale Elections , 1992, AUSCRYPT.

[6]  Hideki Sakurada,et al.  An Adversary Model for Simulation-Based Anonymity Proof , 2008, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[7]  Mark Ryan,et al.  Coercion-resistance and receipt-freeness in electronic voting , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[8]  Martín Abadi,et al.  Private authentication , 2004, Theor. Comput. Sci..

[9]  Vitaly Shmatikov,et al.  Information Hiding, Anonymity and Privacy: a Modular Approach , 2004, J. Comput. Secur..

[10]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[11]  Nancy A. Lynch,et al.  Forward and Backward Simulations: I. Untimed Systems , 1995, Inf. Comput..

[12]  Stephen J. Garland,et al.  An Overview of Larch , 1993, Functional Programming, Concurrency, Simulation and Automated Reasoning.

[13]  Ken Mano,et al.  Theorem-proving anonymity of infinite-state systems , 2007, Inf. Process. Lett..

[14]  Joseph Y. Halpern,et al.  Anonymity and information hiding in multiagent systems , 2005 .