Paper 2010/236

Accountability: Definition and Relationship to Verifiability

Ralf Kuesters, Tomasz Truderung, and Andreas Vogt


Many cryptographic tasks and protocols, such as non-repudiation, contract-signing, voting, auction, identity-based encryption, and certain forms of secure multi-party computation, involve the use of (semi-)trusted parties, such as notaries and authorities. It is crucial that such parties can be held accountable in case they misbehave as this is a strong incentive for such parties to follow the protocol. Unfortunately, there does not exist a general and convincing definition of accountability that would allow to assess the level of accountability a protocol provides. In this paper, we therefore propose a new, widely applicable definition of accountability, with interpretations both in symbolic and computational models. Our definition reveals that accountability is closely related to verifiability, for which we also propose a new definition. We prove that verifiability can be interpreted as a restricted form of accountability. Our findings on verifiability are of independent interest. As a proof of concept, we apply our definitions to the analysis of protocols for three different tasks: contract-signing, voting, and auctions. Our analysis unveils some subtleties and unexpected weaknesses, showing in one case that the protocol is unusable in practice. However, for this protocol we propose a fix to establish a reasonable level of accountability.

Note: Added publication information as well as some explanation in Section 5.2.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.Proceedings of the 17th ACM Conference on Computer and Communications Security (ACM CCS 2010)
AccountabilityVerifiabilityProtocol AnalysisE-VotingAuctionContract Signing
Contact author(s)
kuesters @ uni-trier de
2015-02-02: revised
2010-04-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ralf Kuesters and Tomasz Truderung and Andreas Vogt},
      title = {Accountability: Definition and Relationship to Verifiability},
      howpublished = {Cryptology ePrint Archive, Paper 2010/236},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.