Ali Kassem

Formal analysis of electronic exams

Universities and other educational organizations are adopting computer and Internet-based assessment tools (herein called e-exams) to reach widespread audiences. While this makes examination tests more accessible, it exposes them to new threats. At present, there are very few strategies to check such systems for security, also there is a lack of formal security definitions in this domain. This paper fills this gap: in the formal framework of the applied n-calculus, we define several fundamental authentication and privacy properties and establish the first theoretical framework for the security analysis of e-exam protocols. As proof of concept we analyze two of such protocols with ProVerif. The first “secure electronic exam system” proposed in the literature turns out to have several severe problems. The second protocol, called Remark!, is proved to satisfy all the security properties assuming access control on the bulletin board. We propose a simple protocol modification that removes the need of such assumption though guaranteeing all the security properties.

A Framework for Analyzing Verifiability in Traditional and Electronic Exams

The main concern for institutions that organize exams is to detect when students cheat. Actually more frauds are possible and even authorities can be dishonest. If institutions wish to keep exams a trustworthy business, anyone and not only the authorities should be allowed to look into an exam’s records and verify the presence or the absence of frauds. In short, exams should be verifiable. However, what verifiability means for exams is unclear and no tool to analyze an exam’s verifiability is available. In this paper we address both issues: we formalize several individual and universal verifiability properties for traditional and electronic exams, so proposing a set of verifiability properties and clarifying their meaning, then we implement our framework in ProVerif, so making it a tool to analyze exam verifiability. We validate our framework by analyzing the verifiability of two existing exam systems – an electronic and a paper-and-pencil system.

Monitoring Electronic Exams

Universities and other educational organizations are adopting computer-based assessment tools (herein called e-exams) to reach larger and ubiquitous audiences. While this makes examination tests more accessible, it exposes them to unprecedented threats not only from candidates but also from authorities, which organize exams and deliver marks. Thus, e-exams must be checked to detect potential irregularities. In this paper, we propose several monitors, expressed as Quantified Event Automata (QEA), to monitor the main properties of e-exams. Then, we implement the monitors using MarQ, a recent Java tool designed to support QEAs. Finally, we apply our monitors to logged data from real e-exams conducted by Universite Joseph Fourier at pharmacy faculty, as a part of Epreuves Classantes Nationales informatisees, a pioneering project which aims to realize all french medicine exams electronically by 2016. Our monitors found discrepancies between the specification and the implementation.

Formal analysis of e-cash protocols

Electronic cash (e-cash) aims at achieving client privacy at payment, similar to real cash. Several security protocols have been proposed to ensure privacy in e-cash, as well as the necessary unforgery properties. In this paper, we propose a formal framework to define, analyze, and verify security properties of e-cash systems. To this end, we model e-cash systems in the applied p-calculus, and we define two client privacy properties and three properties to prevent forgery. Finally, we apply our definitions to an e-cash protocol from the literature proposed by Chaum et al., which has two variants and a real implementation based on it. Using ProVerif, we demonstrate that our framework is suitable for an automated analysis of this protocol.

Formal analysis and offline monitoring of electronic exams

More and more universities are moving toward electronic exams (in short e-exams). This migration exposes exams to additional threats, which may come from the use of the information and communication technology. In this paper, we identify and define several security properties for e-exam systems. Then, we show how to use these properties in two complementary approaches: model-checking and monitoring. We illustrate the validity of our definitions by analyzing a real e-exam used at the pharmacy faculty of University Grenoble Alpes (UGA ) to assess students. On the one hand, we instantiate our properties as queries for ProVerif, an automatic verifier of cryptographic protocols, and we use it to check our modeling of UGA exam specifications. ProVerif found some attacks. On the other hand, we express our properties as Quantified Event Automata (QEAs), and we synthesize them into monitors using MarQ , a Java tool designed to implement QEAs. Then, we use these monitors to verify real exam executions conducted by UGA. Our monitors found fraudulent students and discrepancies between the specifications of UGA exam and its implementation.

Formal Verification of e-Reputation Protocols

Reputation systems are often useful in large online communities in which most of the users are unknown to each other. They are good tools to force the users to act in truthfulness way. However, for a reputation system to work effectively users have to be willing to provide rates. In order to incentivize the users to provide honest rates, a reputation system have to ensure their privacy and anonymity. Users are also concerned about verifying the correctness of the reputation score. In the applied pi-calculus, we define a formal framework and several fundamental privacy, authentication, and verifiability properties suitable for the security analysis of e-reputation protocols. As proof of concept, using ProVerif, we analyze a simple additive decentralized reputation protocol proposed to ensure rate privacy if all users are honest.

A More Realistic Model for Verifying Route Validity in Ad-Hoc Networks

Many cryptographic protocols aim at ensuring the route validity in ad-hoc networks, i.e. the established route representing an exists path in the network . However, flaws have been found in some protocols that are claimed secure (e.g. the attack on SRP applied to DSR). Some formal models and reduction proofs have been proposed to give more guarantees when verifying route validity and facilitate verification process. The existing approaches assume the cooperative attacker model. In this paper, we consider the non-cooperative attacker model, and we show that verifying the route validity under the non-cooperative model requires to verify only five topologies, each containing four nodes, and to consider only three malicious (compromised) nodes. Furthermore, we prove that a protocol is secure for any topology under the non-cooperative model, if and only if, it is secure for any topology under the cooperative model.

Formal Security Analysis of Traditional and Electronic Exams

Nowadays, students can be assessed not only by means of pencil-and-paper tests, but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied \(\pi \)-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams.