A formal framework for quantifying voter-controlled privacy

H.L. Jonker; S. Mauw; J. Pang

doi:10.1016/j.jalgor.2009.02.007

A formal framework for quantifying voter-controlled privacy

H.L. Jonker, S. Mauw, J. Pang

Research output: Contribution to journal › Article › Academic › peer-review

11 Citations (Scopus)

1 Downloads (Pure)

Abstract

Privacy is a necessary requirement for voting. Without privacy, voters can be forced to vote in specific ways, and the forcing party can check their compliance. But offering privacy does not suffice: if a voter can reduce her privacy, an attacker can force her to do so. In this paper, we distinguish various ways that a voter can communicate with the intruder to reduce her privacy and classify them according to their ability to reduce the privacy of a voter. We develop a framework combining knowledge reasoning and trace equivalences to formally model voting protocols and define voter-controlled privacy. Our framework is quantitative, in the sense that it defines a measure for the privacy of a voter. Therefore, the framework can precisely measure the level of privacy for a voter for each of the identified privacy-reduction classes. The quantification allows our framework to capture receipts that reduce, but not nullify, the privacy of the voter.

Original language	English
Pages (from-to)	89-105
Journal	Journal of Algorithms
Volume	64
Issue number	2-3
DOIs	https://doi.org/10.1016/j.jalgor.2009.02.007
Publication status	Published - 2009

Access to Document

10.1016/j.jalgor.2009.02.007

Cite this

@article{c034ec0471a84eccae7dc34cc1806ae5,

title = "A formal framework for quantifying voter-controlled privacy",

abstract = "Privacy is a necessary requirement for voting. Without privacy, voters can be forced to vote in specific ways, and the forcing party can check their compliance. But offering privacy does not suffice: if a voter can reduce her privacy, an attacker can force her to do so. In this paper, we distinguish various ways that a voter can communicate with the intruder to reduce her privacy and classify them according to their ability to reduce the privacy of a voter. We develop a framework combining knowledge reasoning and trace equivalences to formally model voting protocols and define voter-controlled privacy. Our framework is quantitative, in the sense that it defines a measure for the privacy of a voter. Therefore, the framework can precisely measure the level of privacy for a voter for each of the identified privacy-reduction classes. The quantification allows our framework to capture receipts that reduce, but not nullify, the privacy of the voter.",

author = "H.L. Jonker and S. Mauw and J. Pang",

year = "2009",

doi = "10.1016/j.jalgor.2009.02.007",

language = "English",

volume = "64",

pages = "89--105",

journal = "Journal of Algorithms",

issn = "0196-6774",

publisher = "Academic Press Inc.",

number = "2-3",

}

TY - JOUR

T1 - A formal framework for quantifying voter-controlled privacy

AU - Jonker, H.L.

AU - Mauw, S.

AU - Pang, J.

PY - 2009

Y1 - 2009

N2 - Privacy is a necessary requirement for voting. Without privacy, voters can be forced to vote in specific ways, and the forcing party can check their compliance. But offering privacy does not suffice: if a voter can reduce her privacy, an attacker can force her to do so. In this paper, we distinguish various ways that a voter can communicate with the intruder to reduce her privacy and classify them according to their ability to reduce the privacy of a voter. We develop a framework combining knowledge reasoning and trace equivalences to formally model voting protocols and define voter-controlled privacy. Our framework is quantitative, in the sense that it defines a measure for the privacy of a voter. Therefore, the framework can precisely measure the level of privacy for a voter for each of the identified privacy-reduction classes. The quantification allows our framework to capture receipts that reduce, but not nullify, the privacy of the voter.

AB - Privacy is a necessary requirement for voting. Without privacy, voters can be forced to vote in specific ways, and the forcing party can check their compliance. But offering privacy does not suffice: if a voter can reduce her privacy, an attacker can force her to do so. In this paper, we distinguish various ways that a voter can communicate with the intruder to reduce her privacy and classify them according to their ability to reduce the privacy of a voter. We develop a framework combining knowledge reasoning and trace equivalences to formally model voting protocols and define voter-controlled privacy. Our framework is quantitative, in the sense that it defines a measure for the privacy of a voter. Therefore, the framework can precisely measure the level of privacy for a voter for each of the identified privacy-reduction classes. The quantification allows our framework to capture receipts that reduce, but not nullify, the privacy of the voter.

U2 - 10.1016/j.jalgor.2009.02.007

DO - 10.1016/j.jalgor.2009.02.007

M3 - Article

SN - 0196-6774

VL - 64

SP - 89

EP - 105

JO - Journal of Algorithms

JF - Journal of Algorithms

IS - 2-3

ER -

A formal framework for quantifying voter-controlled privacy

Abstract

Access to Document

Fingerprint

Cite this