User Tools

Site Tools

Accountabiliy: Definition and Relationship to Verifiability (BibTeX)

  author    = {Ralf K{\"u}sters and Tomasz Truderung and Andreas Vogt},
  title     = {{Accountabiliy: Definition and Relationship to Verifiability}},
  institution = {University of Trier},
  year = {2010},
  howpublished = {Cryptology ePrint Archive, Report 2010/236},
  note = {\url{}},
  abstract = { Many cryptographic tasks and protocols, such as non-repudiation, contract-signing, voting, auction, identity-based encryption, and certain forms of secure multi-party computation, involve the use of \mbox{(semi-)trusted} parties, such as notaries and authorities.  It is crucial that such parties can be held accountable in case they misbehave as this is a strong incentive for such parties to follow the protocol.  Unfortunately, there does not exist a general and convincing definition of accountability that would allow to assess the level of accountability a protocol provides.   In this paper, we therefore propose a new, widely applicable definition of accountability, with interpretations both in symbolic and computational models. Our definition reveals that accountability is closely related to verifiability, for which we also propose a new definition. We prove that verifiability can be interpreted as a restricted form of accountability.  Our findings on verifiability are of independent interest.   As a proof of concept, we apply our definitions to the analysis of protocols for three different tasks: contract-signing, voting, and auctions.  Our analysis unveils some subtleties and unexpected weaknesses, showing in one case that the protocol is unusable in practice.  However, for this protocol we propose a fix to establish a reasonable level of accountability.}