Analysing Privacy Analyses

The debate on people's right to privacy, and on what that right means, is ongoing worldwide, for example in Europe with the newly adopted General Data Protection Regulation. By contrast, work on formal e-voting privacy analysis, which aims to assess with mathematical rigour whether a target e-voting system preserves privacy, appears to have reached a well-known plateau. This plateau is called indistinguishability. Other works, however, also look at privacy from a formal standpoint, though on different grounds. Notable ones are unlinkability and minimal information disclosure. This paper provides a contrastive argument about the three approaches just mentioned by discussing the intuition behind each of them and by assessing their respective pros and cons, with the ultimate aim of revamping the privacy debate at the level of formal analysis as well.
