Trustworthy exams without trusted parties

Giampaolo Bella, Rosario Giustolisi, Gabriele Lenzini, Peter Yvain Anthony Ryan

Publikation: Artikel i tidsskrift og konference artikel i tidsskriftTidsskriftartikelForskningpeer review


Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, such as candidate registration, brings new security issues that should be addressed with the care normally devoted to security protocols.

This paper proposes a protocol that meets a wide set of security requirements and resists threats that may originate from candidates as well as from exam administrators. By relying on a combination of oblivious transfer and visual cryptography schemes, the protocol does not need to rely on any trusted third party. We analyse the protocol formally in ProVerif and prove that it verifies all the stated security requirements.
TidsskriftComputers & Security
Sider (fra-til)291-307
StatusUdgivet - 2017
Udgivet eksterntJa


Dyk ned i forskningsemnerne om 'Trustworthy exams without trusted parties'. Sammen danner de et unikt fingeraftryk.