Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Trustworthy exams without trusted parties
Università di Catania, Italy.
RISE - Research Institutes of Sweden, ICT, SICS.
University of Luxembourg, Luxembourg.
University of Luxembourg, Luxembourg.
2017 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 67, p. 291-307Article in journal (Refereed) Published
Abstract [en]

Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, such as candidate registration, brings new security issues that should be addressed with the care normally devoted to security protocols. This paper proposes a protocol that meets a wide set of security requirements and resists threats that may originate from candidates as well as from exam administrators. By relying on a combination of oblivious transfer and visual cryptography schemes, the protocol does not need to rely on any trusted third party. We analyse the protocol formally in ProVerif and prove that it verifies all the stated security requirements.

Place, publisher, year, edition, pages
Elsevier , 2017. Vol. 67, p. 291-307
Keywords [en]
Cryptography; Formal methods, Assessment; Oblivious transfer; Proverif; Pseudonym; Security protocols; Security requirements; Trusted third parties; Visual cryptography schemes, Network security
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-30053DOI: 10.1016/j.cose.2016.12.005Scopus ID: 2-s2.0-85028234699OAI: oai:DiVA.org:ri-30053DiVA, id: diva2:1119465
Available from: 2017-07-04 Created: 2017-07-04 Last updated: 2019-03-25Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus
By organisation
SICS
In the same journal
Computers & security (Print)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 103 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf