Ben Smyth

Ben Smyth

The Internet delivered in excess of forty terabytes per second in 2017 (Cisco, 2018), and over half of today's Internet traffic is encrypted (Sandvine, 2018); enabling trade worth trillions of dollars (Statista, 2017). Yet, the underlying encryption technology is only understood by a select few. This manuscript broadens understanding by exploring TLS, an encryption technology used to protect application layer communication (including HTTP, FTP and SMTP traffic), and by examining Oracle's Java implementation. We focus on the most recent TLS release, namely, version 1.3, which is defined by RFC 8446.

Elizabeth A. Quaglia, Ben Smyth

We explore the fundamental properties that are necessary to ensure that election schemes behave as expected. The exploration reveals how our understanding of those expectations has evolved, culminating in the emergence of formal definitions of properties necessary to fulfil expectations. We provide insights into definitions of secrecy and verifiability, allowing us to learn and appreciate the underlying intuition and technical details of these notions. Equipped with definitions, we can build election schemes that can be proven to behave as expected. And, as an illustrative example, we review a variant of the Helios election system that was built and proven secure, in this way. Furthermore, the definitions can be used to analyse existing election schemes, and vulnerabilities have been uncovered. Indeed, we describe a series of vulnerabilities that were discovered during the analysis of the original Helios system, which advanced our understanding of system behaviour and prompted the design of the aforementioned variant. Thus, this article contributes to the science of security by sharing valuable insights into elections, and demonstrating the value that formal definitions and analysis have in building schemes guaranteed to behave as expected.

Maxime Meyer, Ben Smyth

Election systems must ensure that representatives are chosen by voters. Moreover, each voter should have equal influence. Traditionally, this has been achieved by permitting voters to cast at most one ballot. More recently, this has been achieved by tallying the last ballot cast by each voter. We show this is not achieved by the Helios election system, because an adversary can cause a ballot other than a voter's last to be tallied. Moreover, we show how the adversary can choose the contents of such a ballot, thus the adversary can unduly influence the selection of representatives.