Skip to main content
SpringerLink
Log in

Towards Model Checking of Voting Protocols in Uppaal

  • Conference paper
  • First Online:
Electronic Voting (E-Vote-ID 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12455))

Included in the following conference series:

Abstract

The design and implementation of a trustworthy e-voting system is a challenging task. Formal analysis can be of great help here. In particular, it can lead to a better understanding of how the voting system works, and what requirements on the system are relevant. In this paper, we propose that the state-of-art model checker Uppaal provides a good environment for modelling and preliminary verification of voting protocols. To illustrate this, we demonstrate how to model a version of Prêt à Voter in Uppaal, together with some natural extensions. We also show how to verify a variant of receipt-freeness, despite the severe limitations of the property specification language in the model checker.

The aim of this work is to open a new path, rather then deliver the ultimate outcome of formal analysis. A comprehensive model of Prêt à Voter, more accurate specification of requirements, and exhaustive verification are planned for the future.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    I.e., infinite or ending in a state with no outgoing transitions.

  2. 2.

    Without the explicit bounds, the range of values would be [−32768,32768].

References

  1. Adida, B.: Helios: web-based open-audit voting. In: Proceedings of the 17th Conference on Security Symposium, SS 2008, USENIX Association, Berkeley, CA, USA, pp. 335–348 (2008)

    Google Scholar 

  2. Arapinis, M., Cortier, V., Kremer, S.: When are three voters enough for privacy properties? In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 241–260. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45741-3_13

    Chapter  Google Scholar 

  3. Beckert, B., Goré, R., Schürmann, C.: Analysing vote counting algorithms via logic. In: Bonacina, M.P. (ed.) CADE 2013. LNCS (LNAI), vol. 7898, pp. 135–144. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38574-2_9

    Chapter  MATH  Google Scholar 

  4. Beckert, B., Kirsten, M., Klebanov, V., Schürmann., C.: Automatic margin computation for risk-limiting audits. In: Krimmer, R. et al. (eds.) Electronic Voting. Proceedings of E-Vote-ID, Lecture Notes in Computer Science, vol. 10141, pp. 18–35. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-52240-1_2

  5. Behrmann, G., David, A., Larsen, K.G.: A tutorial on UPPAAL. In: Bernardo, M., Corradini, F. (eds.) Formal Methods for the Design of Real-Time Systems: SFM-RT. LNCS, vol. 3185, pp. 200–236. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30080-9_7

    Chapter  Google Scholar 

  6. Bertot, Y., Casteran, P., Huet, G., Paulin-Mohring, C.: Interactive Theorem Proving and Program Development. Coq’Art: The Calculus of Inductive Constructions. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-662-07964-5

    Book  MATH  Google Scholar 

  7. Boureanu, I., Kouvaros, P., Lomuscio, A.: Verifying security properties in unbounded multiagent systems. In: Proceedings of International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS), pp. 1209–1217 (2016)

    Google Scholar 

  8. Bruni, A., Drewsen, E., Schürmann, C.: Towards a mechanized proof of selene receipt-freeness and vote-privacy. In: Krimmer, R., Volkamer, M., Braun Binder, N., Kersting, N., Pereira, O., Schürmann, C. (eds.) E-Vote-ID 2017. LNCS, vol. 10615, pp. 110–126. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68687-5_7

    Chapter  Google Scholar 

  9. Burton, C., et al.: Using Prêt à Voter in Victoria state elections. In: Proceedings of EVT/WOTE. USENIX (2012)

    Google Scholar 

  10. Chaum, D., et al.: Scantegrity II: end-to-end verifiability by voters of optical scan elections through confirmation codes. IEEE Trans. Inf. Forensics Secur. 4(4), 611–627 (2009)

    Article  Google Scholar 

  11. Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24730-2_15

    Chapter  MATH  Google Scholar 

  12. Cortier, V., Galindo, D., Küsters, R., Müller, J., Truderung, T.: SoK: verifiability notions for e-voting protocols. In: IEEE Symposium on Security and Privacy, pp. 779–798 (2016)

    Google Scholar 

  13. Czerwiński, W., Lasota, S., Lazić, R., Leroux, J., Mazowiecki, F.: The reachability problem for petri nets is not elementary. In: Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing STOC, pp. 24–33. Association for Computing Machinery (2019)

    Google Scholar 

  14. Emerson, E.A.: Temporal and modal logic. In: van Leeuwen, J. (ed.) Handbook of Theoretical Computer Science, vol. B, pp. 995–1072. Elsevier, Amsterdam (1990)

    Google Scholar 

  15. German, S.M., Sistla, A.P.: Reasoning about systems with many processes. J. ACM 39(3), 675–735 (1992)

    Article  MathSciNet  Google Scholar 

  16. Ghale, M.K., Goré, R., Pattinson, D., Tiwari, M.: Modular formalisation and verification of STV algorithms. In: Krimmer, R., et al. (eds.) E-Vote-ID 2018. LNCS, vol. 11143, pp. 51–66. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00419-4_4

    Chapter  Google Scholar 

  17. Goranko, V., Jamroga, W.: Comparing semantics of logics for multi-agent systems. Synthese 139(2), 241–280 (2004)

    Article  MathSciNet  Google Scholar 

  18. Haines, T., Goré, R., Tiwari, M.: Verified verifiers for verifying elections. In: Proceedings of CCS, pp. 685–702. ACM (2019)

    Google Scholar 

  19. Hao, F., Ryan, P.Y.A.: Real-World Electronic Voting: Design, Analysis and Deployment, 1st edn. Auerbach Publications, Boca Raton (2016)

    Book  Google Scholar 

  20. Jakobsson, M., Juels, A., Rivest, R.L.: Making mix nets robust for electronic voting by randomized partial checking. In: USENIX Security Symposium, pp. 339–353 (2002)

    Google Scholar 

  21. Jamroga, W.: Knowledge and strategic ability for model checking: a refined approach. In: Bergmann, R., Lindemann, G., Kirn, S., Pěchouček, M. (eds.) MATES 2008. LNCS (LNAI), vol. 5244, pp. 99–110. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87805-6_10

    Chapter  Google Scholar 

  22. Jamroga, W., Knapik, M., Kurpiewski, D.: Model checking the SELENE e-voting protocol in multi-agent logics. In: Krimmer, R., et al. (eds.) E-Vote-ID 2018. LNCS, vol. 11143, pp. 100–116. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00419-4_7

    Chapter  Google Scholar 

  23. Kant, G., Laarman, A., Meijer, J., van de Pol, J., Blom, S., van Dijk, T.: LTSmin: high-performance language-independent model checking. In: Baier, C., Tinelli, C. (eds.) TACAS 2015. LNCS, vol. 9035, pp. 692–707. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46681-0_61

    Chapter  Google Scholar 

  24. Kelsey, J., Regenscheid, A., Moran, T., Chaum, D.: Attacking Paper-Based E2E Voting Systems, pp. 370–387. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12980-3_23

    Book  Google Scholar 

  25. Khazaei, S., Wikström, D.: Randomized partial checking revisited. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 115–128. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36095-4_8

    Chapter  Google Scholar 

  26. Lomuscio, A., Penczek, W.: LDYIS: a framework for model checking security protocols. Fundamenta Informaticae 85(1–4), 359–375 (2008)

    MathSciNet  MATH  Google Scholar 

  27. Lomuscio, A., Qu, H., Raimondi, F.: MCMAS: an open-source model checker for the verification of multi-agent systems. Int. J. Softw. Tools Technol. Transfer. 19(1), 9–30 (2017)

    Article  Google Scholar 

  28. Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48

    Chapter  Google Scholar 

  29. Meng, B.: A critical review of receipt-freeness and coercion-resistance. Inf. Technol. J. 8(7), 934–964 (2009)

    Article  Google Scholar 

  30. Pattinson, D., Schürmann, C.: Vote counting as mathematical proof. In: Pfahringer, B., Renz, J. (eds.) AI 2015. LNCS (LNAI), vol. 9457, pp. 464–475. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26350-2_41

    Chapter  Google Scholar 

  31. Ryan, P.Y.A., Schneider, S.A., Teague, V.: End-to-end verifiability in voting systems, from theory to practice. IEEE Secur. Priv. 13(3), 59–62 (2015)

    Article  Google Scholar 

  32. Ryan, P.Y.A.: The computer ate my vote. In: Boca, P., Bowen, J., Siddiqi, J. (eds.) Formal Methods: State of the Art and New Directions, pp. 147–184. Springer, London (2010). https://doi.org/10.1007/978-1-84882-736-3_5

    Chapter  Google Scholar 

  33. Ryan, P.Y.A., Rønne, P.B., Iovino, V.: Selene: voting with transparent verifiability and coercion-mitigation. In: Clark, J., et al. (eds.) Financial Cryptography and Data Security. Lecture Notes in Computer Science, vol. 9604, pp. 176–192. Springer, Heidelberg (2016)

    Chapter  Google Scholar 

  34. Ryan, P.Y.A., Teague, V.: Pretty good democracy. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 111–130. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36213-2_15

    Chapter  Google Scholar 

  35. Zollinger, M.-L., Roenne, P., Ryan, P.Y.A.: Mechanized proofs of verifiability and privacy in a paper-based e-voting scheme. In: Proceedings of 5th Workshop on Advances in Secure Electronic Voting (2020)

    Google Scholar 

Download references

Acknowledgements

The authors acknowledge the support of the Luxembourg National Research Fund (FNR) and the National Centre for Research and Development Poland (NCBiR) under the INTER/PolLux projects VoteVerif (POLLUX-IV/1/2016) and STV (POLLUX-VII/1/2019).

Author information

Authors and Affiliations

  1. Interdisciplinary Centre for Security, Reliability, and Trust, SnT, University of Luxembourg, Esch-sur-Alzette, Luxembourg

    Wojciech Jamroga, Yan Kim & Peter Y. A. Ryan

  2. Institute of Computer Science, Polish Academy of Sciences, Warsaw, Poland

    Wojciech Jamroga & Damian Kurpiewski

Authors
  1. Wojciech Jamroga
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yan Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Damian Kurpiewski
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Peter Y. A. Ryan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wojciech Jamroga .

Editor information

Editors and Affiliations

  1. Tallinn University of Technology, Tallinn, Estonia

    Robert Krimmer

  2. Karlsruhe Institute of Technology, Karlsruhe, Baden-Württemberg, Germany

    Melanie Volkamer

  3. Karlsruhe Institute of Technology (KIT), Karlsruhe, Baden-Württemberg, Germany

    Bernhard Beckert

  4. University of Stuttgart, Stuttgart, Germany

    Ralf Küsters

  5. University of Copenhagen, Copenhagen, Denmark

    Oksana Kulyk

  6. Tallinn University of Technology, Tallinn, Estonia

    David Duenas-Cid

  7. University of Tartu, Tartu, Estonia

    Mihkel Solvak

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jamroga, W., Kim, Y., Kurpiewski, D., Ryan, P.Y.A. (2020). Towards Model Checking of Voting Protocols in Uppaal. In: Krimmer, R., et al. Electronic Voting. E-Vote-ID 2020. Lecture Notes in Computer Science(), vol 12455. Springer, Cham. https://doi.org/10.1007/978-3-030-60347-2_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-60347-2_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-60346-5

  • Online ISBN: 978-3-030-60347-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation