Towards Verifying Voter Privacy through Unlinkability

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7781)


The increasing official use of security protocols for electronic voting deepens the need for their trustworthiness, hence for their formal verification. The impossibility of linking a voter to her vote, often called voter privacy or ballot secrecy, is the core property of many such protocols. Most existing work relies on equivalence statements in cryptographic extensions of process calculi. This paper provides the first theorem-proving based verification of voter privacy and overcomes some of the limitations inherent to process calculi-based analysis. Unlinkability between two pieces of information is specified as an extension to the Inductive Method for security protocol verification in Isabelle/HOL. New message operators for association extraction and synthesis are defined. Proving voter privacy demanded substantial effort and provided novel insights into both electronic voting protocols themselves and the analysed security goals. The central proof elements are described and shown to be reusable for different protocols with minimal interaction.


E-voting Trustworthy Voting System Privacy Security Protocols Formal Methods 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Klein, G., Nipkow, T., Paulson, L. (eds.): The Archive of Formal Proofs,
  2. 2.
    Abadi, M., Fournet, C.: Mobile Values, New Names, and Secure Communication. In: Proc. of the 28th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL 2001), pp. 104–115. ACM Press (2001)Google Scholar
  3. 3.
    Bella, G.: Formal Correctness of Security Protocols. Information Security and Cryptography. Springer (2007)Google Scholar
  4. 4.
    Bella, G.: Inductive study of confidentiality: for everyone. Formal Aspects of Computing, 1–34 (2012)Google Scholar
  5. 5.
    Bella, G., Massacci, F., Paulson, L.C., Tramontano, P.: Formal Verification of Cardholder Registration in SET. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 159–174. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Bella, G., Paulson, L.C.: Mechanical Proofs about a Non-Repudiation Protocol. In: Boulton, R.J., Jackson, P.B. (eds.) TPHOLs 2001. LNCS, vol. 2152, pp. 91–104. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: Proc. of the 14th IEEE Computer Security Foundations Workshop (CSFW 2001), pp. 82–96. IEEE Press (1998)Google Scholar
  8. 8.
    Butin, D., Bella, G.: Verifying Privacy by Little Interaction and No Process Equivalence. In: SECRYPT, pp. 251–256. SciTePress (2012)Google Scholar
  9. 9.
    Chadha, R., Ciobâcă, Ş., Kremer, S.: Automated Verification of Equivalence Properties of Cryptographic Protocols. In: Seidl, H. (ed.) ESOP 2012. LNCS, vol. 7211, pp. 108–127. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Delaune, S., Kremer, S., Ryan, M.: Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security 17(4), 435–487 (2009)Google Scholar
  11. 11.
    Delaune, S., Ryan, M., Smyth, B.: Automatic Verification of Privacy Properties in the Applied pi Calculus. In: Karabulut, Y., Mitchell, J., Herrmann, P., Jensen, C.D. (eds.) Trust Management II. IFIP, vol. 263, pp. 263–278. Springer, Boston (2008)CrossRefGoogle Scholar
  12. 12.
    Fujioka, A., Okamoto, T., Ohta, K.: A Practical Secret Voting Scheme for Large Scale Elections. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  13. 13.
    Kremer, S., Ryan, M.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Martina, J.E., Paulson, L.C.: Verifying Multicast-Based Security Protocols Using the Inductive Method. In: Workshop on Formal Methods and Cryptography (CryptoForma 2011) (2011)Google Scholar
  15. 15.
    Paulson, L.C.: Isabelle. LNCS, vol. 828. Springer, Heidelberg (1994)zbMATHCrossRefGoogle Scholar
  16. 16.
    Paulson, L.C.: The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security 6, 85–128 (1998)Google Scholar
  17. 17.
    Ryan, M.: Keynote: Analysing security properties of electronic voting systems. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS. LNCS, vol. 6542, pp. 1–14. Springer (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Inria, Université de Lyon, INSA-Lyon, CITI-InriaVilleurbanneFrance
  2. 2.School of ComputingDublin City UniversityDublinIreland
  3. 3.Dipartimento di Matematica e InformaticaUniversità di CataniaItaly
  4. 4.Software Technology Research LaboratoryDe Montfort UniversityUK

Personalised recommendations