Improving Automated Symbolic Analysis of Ballot Secrecy for E-Voting Protocols: A Method Based on Sufficient Conditions

We advance the state-of-the-art in automated symbolic analysis of ballot secrecy for e-voting protocols by proposing a method based on analysing three conditions that together imply ballot secrecy. Our approach has two main advantages over existing automated approaches. The first is a substantial expansion of the class of protocols and threat models that can be automatically analysed: our approach can systematically deal with (a) honest authorities present in different phases, (b) threat models in which no dishonest voters occur, and (c) protocols whose ballot secrecy depends on fresh data coming from other phases. The second advantage is that our approach can significantly improve verification efficiency, as the individual conditions are often simpler to verify. E.g., for the LEE protocol, we obtain a speedup of over two orders of magnitude. We show the scope and effectiveness of our approach using ProVerif in several case studies, including the FOO, LEE, JCJ, and Belenios protocols.

[1]  Atsushi Fujioka,et al.  A Practical Secret Voting Scheme for Large Scale Elections , 1992, AUSCRYPT.

[2]  Martín Abadi,et al.  Automated verification of selected equivalences for security protocols , 2005, 20th Annual IEEE Symposium on Logic in Computer Science (LICS' 05).

[3]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.

[4]  Mark Ryan,et al.  Verifying privacy-type properties of electronic voting protocols , 2009, J. Comput. Secur..

[5]  Ralf Sasse,et al.  A Formal Analysis of 5G Authentication , 2018, CCS.

[6]  Michael Backes,et al.  Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[7]  Mark Ryan,et al.  Analysis of an Electronic Voting Protocol in the Applied Pi Calculus , 2005, ESOP.

[8]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[9]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[10]  Mark Ryan,et al.  Automatic Verification of Privacy Properties in the Applied pi Calculus , 2008, IFIPTM.

[11]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[12]  Tatsuaki Okamoto,et al.  An electronic voting scheme , 1996, IFIP World Conference on IT Tools.

[13]  Véronique Cortier,et al.  Machine-Checked Proofs of Privacy for Electronic Voting Protocols , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[14]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[15]  Sebastian Mödersheim,et al.  The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures , 2012, TACAS.

[16]  David Baelde,et al.  A Method for Verifying Privacy-Type Properties: The Unbounded Case , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[17]  Véronique Cortier,et al.  When Are Three Voters Enough for Privacy Properties? , 2016, ESORICS.

[18]  Peter B. Rønne,et al.  To Du or Not to Du: A Security Analysis of Du-Vote , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[19]  Karthikeyan Bhargavan,et al.  Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[20]  Cas J. F. Cremers,et al.  Improving Automated Symbolic Analysis for E-voting Protocols: A Method Based on Sufficient Conditions for Ballot Secrecy , 2017, ArXiv.

[21]  David A. Basin,et al.  The TAMARIN Prover for the Symbolic Analysis of Security Protocols , 2013, CAV.

[22]  Ben Smyth,et al.  Attacking and Fixing Helios: An Analysis of Ballot Secrecy , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[23]  Ben Smyth,et al.  Automated Reasoning for Equivalences in the Applied Pi Calculus with Barriers , 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).

[24]  Ralf Sasse,et al.  Beyond Subterm-Convergent Equational Theories in Automated Verification of Stateful Protocols , 2017, POST.

[25]  Véronique Cortier,et al.  SoK: Verifiability Notions for E-Voting Protocols , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[26]  Ben Smyth,et al.  ProVerif 1.85: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial , 2011 .

[27]  David A. Basin,et al.  Alethea: A Provably Secure Random Sample Voting Protocol , 2018, 2018 IEEE 31st Computer Security Foundations Symposium (CSF).

[28]  Véronique Cortier,et al.  Voting: You Can't Have Privacy without Individual Verifiability , 2018, CCS.

[29]  Véronique Cortier Electronic Voting: How Logic Can Help , 2017, CIAA.

[30]  Stéphanie Delaune,et al.  A survey of symbolic methods for establishing equivalence-based properties in cryptographic protocols , 2017, J. Log. Algebraic Methods Program..

[31]  David A. Basin,et al.  Know Your Enemy: Compromising Adversaries in Protocol Analysis , 2014, TSEC.

[32]  Markus Jakobsson,et al.  Coercion-resistant electronic elections , 2005, WPES '05.

[33]  Véronique Cortier,et al.  A Type System for Privacy Properties , 2017, CCS.

[34]  Véronique Cortier,et al.  SoK: A Comprehensive Analysis of Game-Based Ballot Privacy Definitions , 2015, 2015 IEEE Symposium on Security and Privacy.

[35]  Véronique Cortier,et al.  Election Verifiability for Helios under Weaker Trust Assumptions , 2014, ESORICS.