“Trust Engineering:” From Requirements to System Design and Maintenance – A Working National Lottery System Experience

  • Elisavet Konstantinou
  • Vasiliki Liagkou
  • Paul Spirakis
  • Yannis C. Stamatiou
  • Moti Yung
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3650)

Abstract

Based on our experience in designing, building and maintaining an information system for supporting a large scale electronic lottery, we present in this paper a unified approach to the design and implementation of electronic lotteries with the focus on pragmatic trust establishment. This approach follows closely the methodologies commonly employed in the development of general information systems. However, central to the proposed approach is the decomposition of a security critical system into layers containing basic trust components so as to facilitate the management of trust, first along the layers, and then as we move from layer to layer. We believe that such a structured approach, based on layers and trust components, can help designers of security critical applications produce demonstrably robust and verifiable systems that people will not hesitate to use.

Keywords

Electronic Lotteries Security Critical Applications Trust 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Alexi, W., Chor, B., Goldreich, O., Schnorr, C.: RSA and Rabin Functions: Certain Parts are as Hard as the Whole. SIAM J. Computing 17(2), 194–209 (1988)MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Blum, L., Blum, M., Shub, M.: A Simple Unpredictable Pseudo-Random Generator. SIAM J. Computing 15(2), 364–383 (1986)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Fouque, P.A., Poupard, G., Stern, J.: Sharing Decryption in the Context of Voting or Lotteries. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 90–104. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Goldschlag, D.M., Stubblebine, S.G.: Publicly Verifiable Lotteries: Applications of Delaying Functions. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 214–226. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  5. 5.
    Gustafson, H., Dawson, E., Nielsen, L., Caelli, W.: A computer package for measuring the strength of encryption algorithms. Computers and Security 13, 687–697 (1994)CrossRefGoogle Scholar
  6. 6.
    Hall, C., Schneier, B.: Remote Electronic Gambling. In: Proc. 13th ACM Annual Computer Security Applications Conference, pp. 227–230 (1997)Google Scholar
  7. 7.
    Ham, W., Kim, K.: A Secure On-line Lottery Using Bank as a Notery. In: CISC 2002, pp. 121–124 (2002)Google Scholar
  8. 8.
    Knuth, D.E.: Seminumerical Algorithms, 3rd edn. Addison-Wesley, Reading (1997)Google Scholar
  9. 9.
    Kobayashi, K., Morita, H., Hakuta, M., Nakanowatari, T.: An Electronic Soccer Lottery System that Uses Bit Commitment. IEICE Trans. Inf. & Syst. E 83-D(5), 980–987 (2000)Google Scholar
  10. 10.
    Konstantinou, E., Liagkou, V., Spirakis, P., Stamatiou, Y.C., Yung, M.: Electronic National Lotteries. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 147–163. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Kushilevitz, E., Rabin, T.: Fair e-Lotteries and e-Casinos. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 100–109. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
  13. 13.
    Marsaglia, G.: Diehard: A Battery of Tests for Randomness (1996), Available at http://stat.fsu.edu/geo
  14. 14.
    Mcrypt cryptographic library, ftp://mcrypt.hellug.gr/pub/crypto/mcrypt
  15. 15.
    Micali, S., Rabin, M.O., Vadhan, S.P.: Verifiable Random Functions. In: Proc. 40th IEEE Symp. on Foundations of Computer Science, pp. 120–130 (1999)Google Scholar
  16. 16.
    Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudorandom functions. In: Proc. 38th IEEE Symp. on Found. of Computer Science (1997)Google Scholar
  17. 17.
    Neumann, P.G.: The Problems and Potentials of Voting Systems. Communications of the ACM 47(10) (2004)Google Scholar
  18. 18.
    Patel, S., Sundaram, G.: An Efficient Discrete Log Pseudo Random Generator. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 304–317. Springer, Heidelberg (1998)Google Scholar
  19. 19.
    Protego, product information, http://www.protego.se/sg100_en.htm
  20. 20.
    Rukhin, L., Soto, J., Nechvatal, J., Smid, M., Levenson, M., Banks, D., Vangel, M., Leigh, S., Vo, S., Dray, J.: A Statistical Test Suite for the Validation of Cryptographic Random Number Generators, Special NIST Publication, National Institute of Standards and Technology, Gaithersburg, MD (2000)Google Scholar
  21. 21.
    Sako, K.: Implementation of a digital lottery server on WWW. In: Baumgart, R. (ed.) CQRE 1999. LNCS, vol. 1740, pp. 101–108. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  22. 22.
    Syverson, P.: Weakly Secret Bit Commitment: Applications to Lotteries and Fair Exchange. In: Proc. IEEE Computer Security Foundations Workshop (CSFW11), pp. 2–13 (1998)Google Scholar
  23. 23.
    Westphal Electronics, product information, http://www.westphal-electronic.de
  24. 24.
    Zhou, J., Tan, C.: Playing Lottery on the Internet. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 189–201. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Elisavet Konstantinou
    • 1
    • 2
  • Vasiliki Liagkou
    • 1
    • 2
  • Paul Spirakis
    • 1
    • 2
  • Yannis C. Stamatiou
    • 1
    • 3
  • Moti Yung
    • 4
    • 5
  1. 1.Computer Technology InstitutePatrasGreece
  2. 2.Dept. of Comp. Eng. and InformaticsUniversity of PatrasPatrasGreece
  3. 3.Dept. of MathematicsUniversity of IoanninaIoanninaGreece
  4. 4.Computer ScienceColumbia UniversityNew YorkUSA
  5. 5.RSA LaboratoriesBedfordUSA

Personalised recommendations