% Publications of Ben Smyth -- https://publications.bensmyth.com/ @unpublished{2024-annotated-biography, author = {Ben Smyth}, title = {{Annotated biography: Free \& fair elections}}, year = {2025} } @unpublished{2025-implementing-Fiat-Shamir, author = {Ben Smyth}, title = {{Hooking up with Fiat-Shamir}}, year = {2025} } @unpublished{2025-influence-freedom-legitimacy, author = {Ben Smyth}, title = {{Score-based decisions: Influence, freedom, legitimacy}}, year = {2025} } @misc{2024-tally-then-decrypt, author = {Ben Smyth}, title = {{Championing tally-then-decrypt secrecy}}, year = {2024} } @unpublished{2022-sidestepping-arrow-impossibility, author = {Ben Smyth}, title = {{Overcoming Arrow's impossibility: Honeybee sidestep}}, year = {2022} } @article{2022-surveying-election-verifiability, author = {Ben Smyth and Michael R. Clarkson}, title = {{Surveying definitions of election verifiability}}, journal = {Information Processing Letters}, year = {2022}, volume = {177}, doi = {10.1016/j.ipl.2022.106267} } @techreport{2014-election-verifiability, author = {Ben Smyth and Steven Frink and Michael R. Clarkson}, title = {{Election Verifiability: Cryptographic Definitions and an Analysis of Helios, Helios-C, and JCJ}}, year = {2021}, month = {April}, number = {2015/233}, institution = {Cryptology ePrint Archive} } @article{2015-ballot-secrecy, author = {Ben Smyth}, title = {{Ballot secrecy: Security definition, sufficient conditions, and analysis of Helios}}, journal = {Journal of Computer Security}, year = {2021}, volume = {29}, number = {6}, pages = {551-611}, doi = {10.3233/JCS-191415} } @inproceedings{2021-cast-as-intended, author = {Peter B. Rønne and Peter Y. A. Ryan and Ben Smyth}, title = {{Cast-as-Intended: A Formal Definition and Case Studies}}, booktitle = {FC'21: 25th International Conference on Financial Cryptography and Data Security}, year = {2021}, volume = {12676}, pages = {251--262}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-662-63958-0\_22} } @techreport{2019-surveying-coercion-resistance, author = {Thomas Haines and Ben Smyth}, title = {{Surveying definitions of coercion resistance}}, year = {2020}, month = {July}, number = {2019/822}, institution = {Cryptology ePrint Archive} } @article{2019-surveying-global-verifiability, author = {Ben Smyth}, title = {{Surveying global verifiability}}, journal = {Information Processing Letters}, year = {2020}, volume = {163}, doi = {10.1016/j.ipl.2020.106000} } @techreport{2020-mind-the-gap, author = {Ben Smyth}, title = {{Mind the Gap: Individual- and universal-verifiability plus cast-as-intended don't yield verifiable voting systems}}, year = {2020}, number = {2020/1054}, institution = {Cryptology ePrint Archive} } @article{2016-attacking-eligibility-in-Helios, author = {Maxime Meyer and Ben Smyth}, title = {{Exploiting re-voting in the Helios election system}}, journal = {Information Processing Letters}, year = {2019}, volume = {143}, pages = {14--19}, doi = {10.1016/j.ipl.2018.11.001} } @techreport{2017-eUICC-overview, author = {Maxime Meyer and Elizabeth A. Quaglia and Ben Smyth}, title = {{An Overview of GSMA's M2M Remote Provisioning Specification}}, year = {2019}, month = {June}, number = {1906.02254}, institution = {arXiv} } @article{2018-ballot-secrecy-from-NM-CPA, author = {Ben Smyth and Yoshikazu Hanatani}, title = {{Non-malleable encryption with proofs of plaintext knowledge and applications to voting}}, journal = {International Journal of Security and Networks}, year = {2019}, month = {December}, volume = {14}, number = {4}, pages = {191--204} } @techreport{2019-Athena-voting-system, author = {Ben Smyth}, title = {{Athena: A verifiable, coercion-resistant voting system with linear complexity}}, year = {2019}, month = {July}, number = {2019/761}, institution = {Cryptology ePrint Archive} } @unpublished{2019-TLS-tutorial, author = {Ben Smyth}, title = {{TLS 1.3 for engineers: An exploration of the TLS 1.3 specification and OpenJDK's Java implementation}}, year = {2019}, number = {1904.02148}, institution = {arXiv} } @inproceedings{2019-surveying-receipt-freeness, author = {Ashley Fraser and Elizabeth A. Quaglia and Ben Smyth}, title = {{A critique of game-based definitions of receipt-freeness for voting}}, booktitle = {ProvSec'19: 13th International Conference on Provable and Practical Security}, year = {2019}, volume = {11821}, pages = {189--205}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-030-31919-9\_11} } @manual{2010-ProVerif-manual-version-2.00, author = {Bruno Blanchet and Ben Smyth and Vincent Cheval and Marc Sylvestre}, title = {{ProVerif 2.00: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial}}, year = {2018}, month = {May}, note = {Originally appeared as Bruno Blanchet and Ben Smyth (2011) ProVerif 1.85: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial.} } @article{2015-election-to-auction-transform, author = {Elizabeth A. Quaglia and Ben Smyth}, title = {{Secret, verifiable auctions from elections}}, journal = {Theoretical Computer Science}, year = {2018}, month = {March}, volume = {730}, pages = {44--92}, doi = {10.1016/j.tcs.2018.03.022} } @misc{2017-FPTP-suffices-for-ranked-voting, author = {Ben Smyth}, title = {{First-past-the-post suffices for ranked voting}}, year = {2018}, month = {September} } @inproceedings{2017-attacks-against-eUICC, author = {Maxime Meyer and Elizabeth A. Quaglia and Ben Smyth}, title = {{Attacks against GSMA's M2M Remote Provisioning}}, booktitle = {FC'18: 22nd International Conference on Financial Cryptography and Data Security}, year = {2018}, volume = {10957}, pages = {243--252}, series = {LNCS}, publisher = {Springer}, note = {(First appeared at Black Hat Europe 2017.)} } @techreport{2017-secrecy-verifiability-elections-tutorial, author = {Elizabeth A. Quaglia and Ben Smyth}, title = {{A short introduction to secrecy and verifiability for elections}}, year = {2018}, month = {September}, number = {1702.03168}, institution = {arXiv} } @inproceedings{2017-verifiability-Helios-mixnet, author = {Ben Smyth}, title = {{Verifiability of Helios Mixnet}}, booktitle = {Voting'18: 3rd Workshop on Advances in Secure Electronic Voting}, year = {2018}, volume = {10958}, pages = {247--261}, series = {LNCS}, publisher = {Springer} } @article{2017-verifying-observational-equivalence, author = {Bruno Blanchet and Ben Smyth}, title = {{Automated reasoning for equivalences in the applied pi calculus with barriers}}, journal = {Journal of Computer Security}, year = {2018}, volume = {26}, number = {3}, pages = {367--422}, doi = {10.3233/JCS-171013} } @inproceedings{2018-distance-bounding-protocols, author = {Tom Chothia and Joeri de Ruiter and Ben Smyth}, title = {{Modelling and Analysis of a Hierarchy of Distance Bounding Attacks}}, booktitle = {USENIX Security'18: 27th USENIX Security Symposium}, year = {2018}, publisher = {USENIX Association} } @techreport{2018-secrecy-verifiability-elections-tutorial, author = {Ben Smyth}, title = {{A foundation for secret, verifiable elections}}, year = {2018}, month = {January}, number = {2018/225}, institution = {Cryptology ePrint Archive} } @inproceedings{2018-voting-authentication, author = {Elizabeth A. Quaglia and Ben Smyth}, title = {{Authentication with weaker trust assumptions for voting systems}}, booktitle = {AFRICACRYPT'18: 10th International Conference on Cryptology in Africa}, year = {2018}, volume = {10831}, pages = {322--343}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-319-89339-6\_18} } @inproceedings{2017-caching-encrypted-content, author = {Jérémie Leguay and Georgios S. Paschos and Elizabeth A. Quaglia and Ben Smyth}, title = {{CryptoCache: Network Caching with Confidentiality}}, booktitle = {ICC'17: IEEE International Conference on Communications}, year = {2017}, month = {May}, publisher = {IEEE Computer Society}, doi = {10.1109/ICC.2017.7996866} } @inproceedings{2016-verifying-observational-equivalence, author = {Bruno Blanchet and Ben Smyth}, title = {{Automated reasoning for equivalences in the applied pi calculus with barriers}}, booktitle = {CSF'16: 29th Computer Security Foundations Symposium}, year = {2016}, month = {April}, pages = {310--324}, publisher = {IEEE Computer Society}, doi = {10.1109/CSF.2016.29} } @article{2012-Direct-Anonymous-Attestation-privacy-definition, author = {Ben Smyth and Mark D. Ryan and Liqun Chen}, title = {{Formal analysis of privacy in Direct Anonymous Attestation schemes}}, journal = {Science of Computer Programming}, year = {2015}, month = {April}, volume = {111}, number = {2}, doi = {10.1016/j.scico.2015.04.004} } @techreport{2014-truncation-attacks-to-violate-beliefs, author = {Ben Smyth and Alfredo Pironti}, title = {{Truncating TLS Connections to Violate Beliefs in Web Applications}}, year = {2015}, number = {hal-01102013}, institution = {INRIA} } @inproceedings{2015-automated-verification-of-secrecy-using-phases, author = {Tom Chothia and Ben Smyth and Chris Staite}, title = {{Automatically Checking Commitment Protocols in ProVerif without False Attacks}}, booktitle = {POST'15: 4th Conference on Principles of Security and Trust}, year = {2015}, month = {January}, volume = {9036}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-662-46666-7\_8} } @inproceedings{2015-ciphertext-plus-proof-of-knowledge-is-NM-CPA, author = {Ben Smyth and Yoshikazu Hanatani and Hirofumi Muratani}, title = {{NM-CPA secure encryption with proofs of plaintext knowledge}}, booktitle = {IWSEC'15: 10th International Workshop on Security}, year = {2015}, month = {June}, volume = {9241}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-319-22425-1\_8} } @inproceedings{2014-Hawk-and-Aucitas-auction-schemes, author = {Adam McCarthy and Ben Smyth and Elizabeth A. Quaglia}, title = {{Hawk and Aucitas: e-auction schemes from the Helios and Civitas e-voting schemes}}, booktitle = {FC'14: 18th International Conference on Financial Cryptography and Data Security}, year = {2014}, month = {January}, volume = {8437}, pages = {51--63}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-662-45472-5\_4} } @techreport{2014-ballot-independence-for-election-schemes, author = {Ben Smyth and David Bernhard}, title = {{Ballot secrecy and ballot independence: definitions and relations}}, year = {2014}, month = {October}, number = {2013/235}, institution = {Cryptology ePrint Archive} } @techreport{2014-ballot-secrecy, author = {David Bernhard and Ben Smyth}, title = {{Ballot secrecy with malicious bulletin boards}}, year = {2014}, month = {October}, number = {2014/822}, institution = {Cryptology ePrint Archive} } @techreport{2014-privacy-on-social-network-sites, author = {Ben Smyth}, title = {{Forget Me Do: Empowering user privacy on social network sites}}, year = {2014}, month = {October}, number = {2014/10}, institution = {Forget Me Do Limited} } @article{2012-attacking-ballot-secrecy-in-Helios, author = {Véronique Cortier and Ben Smyth}, title = {{Attacking and fixing Helios: An analysis of ballot secrecy}}, journal = {Journal of Computer Security}, year = {2013}, month = {February}, volume = {21}, number = {1}, pages = {89--148}, doi = {10.3233/JCS-2012-0458} } @inproceedings{2013-ballot-independence-for-election-schemes, author = {Ben Smyth and David Bernhard}, title = {{Ballot secrecy and ballot independence coincide}}, booktitle = {ESORICS'13: 18th European Symposium on Research in Computer Security}, year = {2013}, month = {June}, volume = {8134}, pages = {463--480}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-642-40203-6\_26} } @inproceedings{2013-truncation-attacks-to-violate-beliefs, author = {Ben Smyth and Alfredo Pironti}, title = {{Truncating TLS Connections to Violate Beliefs in Web Applications}}, booktitle = {WOOT'13: 7th USENIX Workshop on Offensive Technologies}, year = {2013}, month = {June}, publisher = {USENIX Association}, note = {(First appeared at Black Hat USA 2013.)} } @proceedings{2012-ISPEC-proceedings, editor = {Mark D. Ryan and Ben Smyth and Guilin Wang}, title = {{Proceedings of the 8th International Conference on Information Security Practice and Experience (ISPEC'12)}}, year = {2012}, month = {March}, volume = {7232}, series = {LNCS}, publisher = {Springer} } @techreport{2012-further-ballot-secrecy-attacks-in-Helios, author = {Ben Smyth}, title = {{Replay attacks that violate ballot secrecy in Helios}}, year = {2012}, month = {January}, number = {2012/185}, institution = {Cryptology ePrint Archive} } @inproceedings{2012-internet-key-exchange, author = {Fangming Zhao and Yoshikazu Hanatani and Yuichi Komano and Ben Smyth and Satoshi Ito and Toru Kambayashi}, title = {{Secure Authenticated Key Exchange with Revocation for Smart Grid}}, booktitle = {ISGT'12: 3rd IEEE Power \& Energy Society Conference on Innovative Smart Grid Technologies}, year = {2012}, month = {February}, publisher = {IEEE Computer Society}, doi = {10.1109/ISGT.2012.6175530} } @manual{2010-ProVerif-manual-version-1.85, author = {Bruno Blanchet and Ben Smyth}, title = {{ProVerif 1.85: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial}}, year = {2011}, month = {March} } @incollection{2011-Applied-pi-calculus, author = {Mark D. Ryan and Ben Smyth}, editor = {Véronique Cortier and Steve Kremer}, title = {{Applied pi calculus}}, booktitle = {Formal Models and Techniques for Analyzing Security Protocols}, year = {2011}, month = {March}, chapter = {6}, publisher = {IOS Press}, doi = {10.3233/978-1-60750-714-7-112} } @phdthesis{2011-PhD-thesis, author = {Ben Smyth}, title = {{Formal verification of cryptographic protocols with automated reasoning}}, year = {2011}, month = {March}, school = {School of Computer Science}, address = {University of Birmingham} } @inproceedings{2011-anonymity-definition-for-Direct-Anonymous-Attestation, author = {Ben Smyth and Mark D. Ryan and Liqun Chen}, title = {{Formal analysis of anonymity in ECC-based Direct Anonymous Attestation schemes}}, booktitle = {FAST'11: 8th International Workshop on Formal Aspects of Security and Trust}, year = {2011}, month = {September}, volume = {7140}, pages = {245--262}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-642-29420-4\_16} } @inproceedings{2011-attacking-ballot-secrecy-in-Helios, author = {Véronique Cortier and Ben Smyth}, title = {{Attacking and fixing Helios: An analysis of ballot secrecy}}, booktitle = {CSF'11: 24th Computer Security Foundations Symposium}, year = {2011}, month = {June}, pages = {297--311}, publisher = {IEEE Computer Society}, doi = {10.1109/CSF.2011.27} } @techreport{2011-attacking-ballot-secrecy-in-electronic-voting, author = {Ben Smyth and Véronique Cortier}, title = {{A note on replay attacks that violate privacy in electronic voting schemes}}, year = {2011}, month = {June}, number = {RR-7643}, institution = {INRIA} } @inproceedings{2011-provably-secure-variant-of-Helios, author = {David Bernhard and Véronique Cortier and Olivier Pereira and Ben Smyth and Bogdan Warinschi}, title = {{Adapting Helios for provable ballot privacy}}, booktitle = {ESORICS'11: 16th European Symposium on Research in Computer Security}, year = {2011}, month = {September}, volume = {6879}, pages = {335-354}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-642-23822-2\_19} } @inproceedings{2010-towards-verifiability-definition-for-electronic-voting, author = {Ben Smyth and Mark D. Ryan and Steve Kremer and Mounira Kourjieh}, title = {{Towards automatic analysis of election verifiability properties}}, booktitle = {ARSPA-WITS'10: Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security}, year = {2010}, month = {March}, volume = {6186}, pages = {165--182}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-642-16074-5\_11} } @inproceedings{2010-verifiability-definition-for-electronic-voting, author = {Steve Kremer and Mark D. Ryan and Ben Smyth}, title = {{Election verifiability in electronic voting protocols}}, booktitle = {ESORICS'10: 15th European Symposium on Research in Computer Security}, year = {2010}, month = {September}, volume = {6345}, pages = {389--404}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-642-15497-3\_24} } @inproceedings{2008-towards-verification-of-observational-equivalence, author = {Delaune, Stéphanie and Ryan, Mark D. and Smyth, Ben}, title = {{Automatic verification of privacy properties in the applied pi-calculus}}, booktitle = {IFIPTM'08: 2nd Joint iTrust and PST Conferences on Privacy, Trust Management and Security}, year = {2008}, month = {June}, volume = {263}, pages = {263--278}, series = {International Federation for Information Processing (IFIP)}, publisher = {Springer}, doi = {10.1007/978-0-387-09428-1\_17} } @inproceedings{2007-attacking-anonymity-in-Direct-Anonymous-Attestation, author = {Ben Smyth and Mark D. Ryan and Liqun Chen}, title = {{Direct Anonymous Attestation (DAA): Ensuring privacy with corrupt administrators}}, booktitle = {ESAS'07: 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks}, year = {2007}, month = {July}, volume = {4572}, pages = {218--231}, series = {LNCS}, publisher = {Springer}, doi = {10.1007/978-3-540-73275-4\_16} } @inproceedings{2012-decentralised-voting-system, author = {Dalia Khader and Ben Smyth and Peter Y. A. Ryan and Feng Hao}, title = {{A Fair and Robust Voting System by Broadcast}}, booktitle = {EVOTE'12: 5th International Conference on Electronic Voting}, year = {{2012}}, month = {July}, volume = {205}, pages = {285-299}, series = {Lecture Notes in Informatics}, publisher = {Gesellschaft für Informatik} }