Pretty Good Voting (PGV) Christian Bell, Jason Duell, Amir Kamil Computer Security CS 261 Fall 2004.

Slides:

Advertisements

Similar presentations

RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.

Advertisements

Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.

The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.

Good or Bad?.  One of the closest contests in US history  Florida was the pivotal state  Neither Democrat Al Gore nor Republican George W. Bush had.

Internet Voting Technology and policy issues. Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret.

Administration of Absentee Ballot Programs Barry C. Burden (University of Wisconsin) Brian J. Gaines (University of Illinois)

1 Receipt-freedom in voting Pieter van Ede. 2 Important properties of voting  Authority: only authorized persons can vote  One vote  Secrecy: nobody.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.

Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

© VoteHere, Inc. All rights reserved. November 2004 VHTi Data Demonstration Andrew Berg Director, Engineering.

Ronald L. Rivest MIT Laboratory for Computer Science

Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.

Internet Voting Technology and policy issues David Wagner UC Berkeley.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.

CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Unit 28- Website Development Assignment 1- THEORY P3

Secure Remote Access to an Internal Web Server Christian Gilmore, David Kormann, and Aviel D. Rubin ATT Labs - Research “The security policy usually amounts.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Cryptographic Voting Protocols: A Systems Perspective By Chris Karlof, Naveen Sastry, and David Wagner University of California, Berkely Proceedings of.

Authentication Approaches over Internet Jia Li

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

An Internet Voting System Manager Yonghua Li Kansas State University October 19, 2001 MSE Project - Phase I.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

KYUSHUUNIVERSITYKYUSHUUNIVERSITY SAKURAILABORATORYSAKURAILABORATORY Sakurai Lab. Kyushu University Dr-course HER, Yong-Sork E-voting VS. E-auction.

Towards a Safe Playground for HTTPS and Middle-Boxes with QoS2 Zhenyu Zhou CS Dept., Duke University.

Internet Security for Small & Medium Business Week 6

IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.

Electronic Voting Ronald L. Rivest MIT Laboratory for Computer Science.

Masked Ballot Voting for Receipt-Free Online Elections Sam Heinith, David Humphrey, and Maggie Watkins.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.

Nathanael Paul CRyptography Applications Bistro February 3, 2004.

Evoting using collaborative clustering Justin Gray Osama Khaleel Joey LaConte Frank Watson.

A remote voting system based on Prêt à Voter coded by David Lundin Johannes Clos.

McLean HIGHER COMPUTER NETWORKING Lesson 8 E-Commerce Explanation of ISP Description of E-commerce Description of E-sales.

Privacy and Anonymity Using Mix Networks* Slides borrowed from Philippe Golle, Markus Jacobson.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

William H. Bowers – Ethics for the Information Age Chapter 6.5 – Online Voting.

Internet Voting Ashok CS 395T. What is “E-voting” Thomas Edison received US patent number 90,646 for an electrographic vote recorder in Specific.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

E-voting Bringing the voting process to the technology age.

COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●

Identification Of Requirements From a Given Problem Statement.

Electronic Voting R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

The Administration of Elections Extent of Federal control Elections need to be free, honest, and accurate Most election law in the U.S. is State Law.

Secure Remote Electronic Voting CSE-681 Fall 2006 David Foster and Laura Stapleton Laura StapletonLaura Stapleton.

@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.

Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.

Secure, verifiable online voting 29 th June 2016.

Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.

An Introduction to Online Voting/ Surveys

ThreeBallot, VAV, and Twin

E-voting …and why it’s good..

eVoting System Proposal

The Italian Academic Community’s Electronic Voting System

Presentation transcript:

Pretty Good Voting (PGV) Christian Bell, Jason Duell, Amir Kamil Computer Security CS 261 Fall 2004

PGV Introduction According to the SERVE report, "there really is no good way to build [..] a voting system without a radical change in the overall architecture of the Internet and the PC, or some unforeseen security breakthrough“ PGV is an effort to provide a practical Internet voting solution What's the best we can do with current Internet technologies assuming we are not targeting the holy grail of elections, presidential elections? How and to whom can we provide 'Pretty Good Voting' ? –Elections possible for non-profit organizations, corporate shareholders –Potential for higher voter turnouts –Potential for higher voter convenience –Potential for higher confidence in results

Problem space Federal online elections “Impossible” E-commerce (HTTPS) Easy and well understood Application Level of difficulty PGV ? ? ?

Election Requirements “Must-haves” –Fair count: registered voters only, vote only once, counted accurately “Nice to Have” –“Strong” anonymity “weak”, ecommerce-style anonymity may be OK Not needed? –Preventing coercion, selling of votes –Receipt-free (receipts are good!) –Denial of Service (temporary DoS is OK)

Focus on Feasibility/Acceptance PGV Environment Registered voters only Collusion resistance: –Decentralized tabulation –Prevent ballot stuffing Robust: don’t lose votes Spyware detection E-commerce style availability (web server) and security (SSL and DNS): No better, no worse Open policy: open security and voting protocols Ease of Use Standard Web browser –Perhaps with applet, plugin No user key management Voters can see their ballots (in plain text) in the results

A AA OOOOV PGV “simple” solution 1.Voter sends ballot to all authentication servers: Ballot = {User, Pass, Vote, unique_id} Kas 2.Authentication servers validate user, then send ballot to Observers with voter obscured as MD5(user, password). 3.Observers check that authentication servers produce same results. Publish votes. Voters can find/check their ballot via their unique_id.

A AA OOOOV V1V1 V2V2 V3V3 V4V4 V5V5 V3V3 V1V1 V4V4 V5V5 V2V2 V2V2 V3V3 V1V1 V5V5 V4V4 M1M1 M2M2 M3M3 PGV Mix-net solution 1.Browser encrypts ballot with Mix-net public keys, and sends to authentication servers: (user, password, {{{vote, unique_id} M3 } M2 } M1 ) 2.Authentication servers validate user, sign {vote} and send to observers. 3.Observers check that authentication servers produce same ciphertexts; pass into mix-net. 4. Mix-net shuffles voters/votes. Each step stored with observers for verfiability, including final results. Voters can find/check their ballot via their unique_id.

Security guarantees Authentication servers –Must all produce same result, or flag raised, so all must collude to tamper with votes –Sign results, so fraud traceable Observers –Not trusted with any secrets. All inputs signed by source, so can’t tamper. Mix-Net –All servers would need to collude to compromise voter’s anonymity.

“Spyware” detection Use out-of-band channel to distribute per-voter permutations. Voters cast ballot for symbol corresponding to candidate. Spyware can’t predict symbol for a given candidate, so can’t swing election (at best can randomly misrepresent voter). = Kerry = Bush = Nader Mail ballot2. On-screen vote