Formal verification of secure framework for digital exams

Abstract

The digital exam might come in the near future at the Norwegian University of Science and technology. As a replacement for tradition paper exam, digital exams will bring, along the old threats, some new challenges coming from the electronic format. Only a few research has been done in the development of secure framework and only four of them have been created. From them only two have been proven, Remark! and Huszti. Huszti has been proven insecure while Remark! withstood the attack. This thesis has made the test for another one, Castella-Roca, and it was revealed that it also has some security flaws. It is possible for an attacker to know which examiner has marked which exam if the manager is dishonest.