Kickoff Meeting „E-Voting Seminar“

Slides:

Advertisements

Similar presentations

Trusting the Vote Ben Adida - Cryptography and Information Security Group MIT Computer Science and Artificial.

Advertisements

Secret Ballot Receipts: True Voter Verifiable Elections Author: David Chaum Published: IEEE Security & Privacy Presenter: Adam Anthony.

Electronic Voting Systems

RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.

Talk by Vanessa Teague, University of Melbourne Joint work with Chris Culnane, James Heather & Steve Schneider at University of.

Electronic Voting System Tadayoshi Kohno, Adam Stubblefield, Aviel D. Rubin Dan S. Wallach IEEE Symp. On Security and Privacy 2004 VoteHere System Analysis,

Electronic Voting Ronald L. Rivest MIT CSAIL Norway June 14, 2004.

Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.

Can voters check that their e-vote is cast as they intended and properly included in an accurate count? Vanessa Teague University of Melbourne

ThreeBallot, VAV, and Twin Ronald L. Rivest – MIT CSAIL Warren D. Smith - CRV Talk at EVT’07 (Boston) August 6, 2007 Ballot Box Ballot Mixer Receipt G.

On the Security of Ballot Receipts in E2E Voting Systems Jeremy Clark, Aleks Essex, and Carlisle Adams Presented by Jeremy Clark.

ICT IN THE ELECTORAL PROCESS: LESSONS LEARNED Susanne Caarls International Electoral Affairs Symposium May 2012.

Cryptographic Voting Protocols: A Systems Perspective Chris Karlof Naveen Sastry David Wagner UC-Berkeley Direct Recording Electronic voting machines (DREs)

Wombat Voting Alon Rosen IDC Herzliya July 20, 2012.

By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.

A method for electronic voting with Coercion-free receipt David J. Reynolds (unaffiliated)

Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.

Self-Enforcing E-Voting (SEEV) Feng Hao Newcastle University, UK CryptoForma’13, Egham.

Josh Benaloh Senior Cryptographer Microsoft Research.

10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson.

Trustworthy Elections without Paper Ballots Why vote receipts deserve consideration May 26, 2004 C. Andrew Neff, Ph.D. Chief Scientist VoteHere, Inc.

CMSC 414 Computer and Network Security Lecture 8 Jonathan Katz.

Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.

A (Brief) Comparison of Cryptographic Schemes for Electronic Voting

PRESENTED BY CHRIS ANDERSON JULY 29, 2009 Using Zero Knowledge Proofs to Validate Electronic Votes.

Ballot Processing Systems February, 2005 Submission to OASIS EML TC and True Vote Maryland by David RR Webber.

Informatics Online Voting Opportunities and Risks STOA Workshop at the European Parliament Brussels, 17 March 2011 Prof. Dr. Rüdiger Grimm IT Risk Management.

Author: Michał Rajkowski Tutor: prof. dr hab. inż. Zbigniew Kotulski.

Civitas Toward a Secure Voting System AFRL Information Management Workshop October 22, 2010 Michael Clarkson Cornell University.

An Architecture For Electronic Voting Master Thesis Presentation Clifford Allen McCullough Department of Computer Science University of Colorado at Colorado.

Cryptographic Voting Protocols: A Systems Perspective By Chris Karlof, Naveen Sastry, and David Wagner University of California, Berkely Proceedings of.

Security of Voting Systems Ronald L. Rivest MIT CSAIL Given at: GWU Computer Science Dept. November 9, 2009.

Perspectives on “End-to-End” Voting Systems Ronald L. Rivest MIT CSAIL NIST E2E Workshop George Washington University October 13, 2009 Ballot Bob Ballot.

Chapter 7: The Electoral Process Section 2

TOWARDS OPEN VOTE VERIFICATION METHOD IN E-VOTING Ali Fawzi Najm Al-Shammari17’th July2012 Sec Vote 2012.

Cryptographic Voting Systems (Ben Adida) Jimin Park Carleton University COMP 4109 Seminar 15 February 2011.

An Architecture For Electronic Voting Master Thesis Presentation Clifford Allen McCullough Department of Computer Science University of Colorado at Colorado.

6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.

SEMINAR TOPIC ON GLOBAL WIRELESS E-VOTING

Andreas Steffen, , LinuxTag2009.ppt 1 LinuxTag 2009 Berlin Verifiable E-Voting with Open Source Prof. Dr. Andreas Steffen Hochschule für Technik.

Nathanael Paul CRyptography Applications Bistro February 3, 2004.

A. Steffen, , Kickoff.pptx 1 Kickoff Meeting „E-Voting Seminar“ An Introduction to Cryptographic Voting Systems Andreas Steffen Hochschule für.

Electronic Voting: The 2004 Election and Beyond Prof. David L. Dill Department of Computer Science Stanford University

Strasbourg – How to create trust-1 © G. Skagestein November 2006 How to create trust in electronic voting over an untrusted platform A possible solution.

A remote voting system based on Prêt à Voter coded by David Lundin Johannes Clos.

The Paillier Cryptosystem

“The right of citizens of the United States to vote shall not be denied or abridged by the United States or by any state on account of [race, color, or.

Electronic Voting R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.

WHY THE vvpat has failed

Secure Remote Electronic Voting CSE-681 Fall 2006 David Foster and Laura Stapleton Laura StapletonLaura Stapleton.

Auditability and Verifiability of Elections Ronald L. Rivest MIT ACM-IEEE talk March 16, 2016.

What is electronic voting An electronic voting (e-voting) system is a voting system in which the election data is recorded, stored and processed primarily.

Secure, verifiable online voting 29 th June 2016.

Security of Voting Systems

Perspectives on “End-to-End” Voting Systems

ThreeBallot, VAV, and Twin

E-voting …and why it’s good..

Ronald L. Rivest MIT NASEM Future of Voting December 7, 2017

Practical Aspects of Modern Cryptography

ISI Day – 20th Anniversary

Auditability and Verifiability of Elections

eVoting System Proposal

Chapter 7: The Electoral Process Section 2

Chapter 7: The Electoral Process Section 2

Chapter 7: The Electoral Process Section 2

Chapter 7: The Electoral Process Section 2

Ronald L. Rivest MIT ShafiFest January 13, 2019

Presentation transcript:

Kickoff Meeting „E-Voting Seminar“ An Introduction to Cryptographic Voting Systems Prof. Andreas Steffen Hochschule für Technik Rapperswil andreas.steffen@hsr.ch

Cryptographic Voting Systems Summary of my talk: Due to repeated failures and detected vulnerabilities in both electro-mechanical and electronic voting machines, voters have somehow lost faith that the outcome of a poll always represents the true will of the electorate. Even more uncertain is electronic voting over the Internet which is potentially prone to coercion and vote-selling (this doesn‘t seem to be an issue in Switzerland). Manual counting of paper ballots is not really an option in the 21st century and is not free from tampering either. Modern cryptographic voting systems allow true end-to-end verification of the complete voting process by any individual voter, without sacrificing secrecy and privacy.

Losing Trust in Electronic Voting Systems 2006 - The Morning Call: Voter smashes DRE in Allentown with metal cat 2006 - Princeton study on Diebold DRE: Hack the vote? No problem March 3 2009 - Germany: Bundesverfassungsgericht bans unverifiable E-voting 2006 - Dutch ES3B voting machines: Hacked to play chess

E-Voting in my home town Schlieren Hidden PIN „Internet-based voting does not have to be more secure as voting per snail mail“ Justice Department of the Canton of Zurich

[In]Security Features Protection from Man-in-the-Middle attacks ???

E-Voting Website

Voter Login

Ballot (PHP Form)

E-Voting in my home town Schlieren PIN

Voter Authentication

Transmission Receipt

Conclusion So what? „You are not allowed to know. The exact transaction processing is kept secret due to security reasons“ Justice Department of the Canton of Zurich

Traditional Chain-of-Custody Security Software Verification Sealing Tallying Verification by proxy only Source: Ben Adida, Ph.D. Thesis 2006

Desirable: End-to-End Verification by Voter Secrecy? Privacy? Source: Ben Adida, Ph.D. Thesis 2006

End-to-End Auditable Voting System (E2E) Any voter can verify that his or her ballot is included unmodified in a collection of ballots. Any voter (and typically any independent party additionally) can verify [with high probability] that the collection of ballots produces the correct final tally. No voter can demonstrate how he or she voted to any third party (thus preventing vote-selling and coercion). Source: Wikipedia

Solution: Cryptographic Voting Systems Threshold Decryption Mixnet A B C A B C ElGamal / Paillier Tamper-Proof Bulletin Board Homomorphic Tallying Source: Ben Adida, Ph.D. Thesis 2006

Proposed E2E Systems Punchscan by David Chaum. Prêt à Voter by Peter Ryan. Scratch & Vote by Ben Adida and Ron Rivest. ThreeBallot by Ron Rivest (paper-based without cryptography) Scantegrity II by David Chaum, Ron Rivest, Peter Ryan et al. (add-on to optical scan voting systems using Invisible Ink) Helios by Ben Adida (http://www.heliosvoting.org/)

Scratch & Vote Ballot Perforation Encryptpk(256, r1) Obama Randomized candidate list None McCain 2D barcode ElGamal or Paillier Public Key Encryption r1 r2 r3 Random Key Scratch surface Source: Ben Adida, Ph.D. Thesis 2006

Homomorphic Counters 256 00...01 00...00 00...00 One vote for Obama 228 00...00 00...01 00...00 One vote for McCain 20 00...00 00...00 00...01 One vote for None Obama McCain None 00...10 00...01 00...00 Tallying Counter Multiplication of all encrypted votes with Tallying Counter accumulates votes in the candidates‘ counters in encrypted form. Total number of registered U.S. voters < 228 (28 bits) 1024 bit Paillier Public Key Cryptosystem could handle 35 candidates Source: Ben Adida, Ph.D. Thesis 2006

Pre-Voting Verification I McCain None Obama Obama None McCain Vote Audit Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

Pre-Voting Verification II None McCain Obama McCain None Obama Obama None McCain Vote Audit r1 r2 r3 Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

 Casting the Ballot I McCain Obama None Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

 Casting the Ballot II McCain Obama Ed the None Election Official Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

 Casting the Ballot III Optical Scanner Ed the Election Official Keep as a receipt Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

Post-Voting Verification Web Bulletin Board Valerie Vanessa Victor     Valerie the Voter Source: Ben Adida, Ph.D. Thesis 2006

Tally and Decryption of Final Result Web Bulletin Board 00...10 00...01 00...00 Obama McCain None Democrats Threshold decryption with shared private key Republicans Independents Valerie Vanessa Victor    0101101...11100100011 Homomorphic Addition Encrypted tallying counter Source: Ben Adida, Ph.D. Thesis 2006

Conclusion Modern Cryptographic Voting Systems allow true end-to-end verification of the whole voting process by anyone while maintaining a very high level of secrecy. Due to the advanced mathematical principles they are based on, Cryptographic Voting Systems are not easy to understand and are therefore not readily accepted by authorities and the electorate. But let‘s give Cryptographic Voting Systems a chance! They can give democracy a new meaning in the 21st century!