Design and Analysis of Secure Exam Protocols

Except for the traditional threat that candidates may want to cheat, exams have historically not been seen as a serious security problem. That threat is routinely thwarted by having invigilators ensure that candidates do not misbehave during testing. However, as recent exam scandals confirm, also invigilators and exam authorities may have interest in frauds, hence they may pose security threats as well. Moreover, new security issues arise from the recent use of computers, which can facilitate the exam experience for example by allowing candidates to register from home. Thus, exams must be designed with the care normally devoted to security protocols. This dissertation studies exam protocol security and provides an in-depth understanding that can be also useful for the study of the security of similar systems, such as personnel selections, project reviews, and conference management systems. It introduces an unambiguous terminology that leads to the specification of a taxonomy of various exam types, depending on the level of computer assistance. It then establishes a theoretical framework for the formal analysis of exams. The framework defines several authentication, privacy, and verifiability requirements that modern exams should meet, and enables the security of exam protocols to be studied. Using the framework, we formally analyse traditional, computer-assisted, and Internet-based exam protocols. We find some security issues and propose modifications to partially achieve the desired requirements. This dissertation also designs three novel exam protocols that guarantee a wide set of security requirements. Finally, this dissertation looks at exams as carried out through modern browsers. We advance a formal analysis of requirements that are not only logically conditioned on the technology but also on user actions. We conclude with best-practice recommendations to browser vendors.