Verifying System-Level Security of a Smart Ballot Box

The Security Power of the Ballot Box

We show that any function f can be securely evaluated by a protocol with ballots and a ballot box. That is, n mutually suspicious players, each player i possessing a secret input xi, can use ballots and ballot boxes to jointly evaluate f(x1, . . . , xn) = (y1, . . . , yn), so that (no matter how many players may collude and deviate from their prescribed instructions, and no matter how long they...

Verifying Second-Level Security Protocols

A second-level security protocol is defined as a security protocol that relies on an underlying security protocol in order to achieve its goals. The verification of classical authentication protocols has become routine, but second-level protocols raise new challenges. These include the formalisation of appeals to the underlying protocols, the modification of the threat model, and the formalisat...

Bigger than a Ballot Box

Verifying Operating System Security

A confined program is one which is unable to leak information to an unauthorized party or modify unauthorized resources. Confinement is an essential feature of any secure component-based system. This paper presents a proof of correctness of the EROS operating system architecture with respect to confinement. We give a formal statement of the requirements, construct a model of the architecture’s ...

A Digital Electronic Ballot Counter Box

Little or no technological advancement, geometric increase in population, and manual counting process has made a democratic system practiced by developing countries of the world inefficient, slow and unattractive. To move away from this system, technology must be adopted to automate democratic process of voting. This paper describes the design and implementation of a digital electronic ballot c...