Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.

Slides:



Advertisements
Similar presentations
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Advertisements

A Pairing-Based Blind Signature
1 Receipt-freedom in voting Pieter van Ede. 2 Important properties of voting  Authority: only authorized persons can vote  One vote  Secrecy: nobody.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
RSA cryptosystem 1 q The most important public-key cryptosystem is the RSA cryptosystem on which one can also illustrate a variety of important ideas of.
Digital Signatures and Hash Functions. Digital Signatures.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.
Zero-Knowledge Proofs J.W. Pope M.S. – Mathematics May 2004.
1/11/2007 bswilson/eVote-PTCWS 1 Paillier Threshold Cryptography Web Service by Brett Wilson.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Improving Privacy and Security in Multi- Authority Attribute-Based Encryption Advanced Information Security April 6, 2010 Presenter: Semin Kim.
Proactive Secure Mobile Digital Signatures Work in progress. Ivan Damgård and Gert Læssøe Mikkelsen University of Aarhus.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson.
Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.
The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Paillier Threshold Encryption WebService by Brett Wilson.
Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)
Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
1/11/2007 bswilson/eVote-PTCWS 1 Enhancing PTC based Secure E-Voting System (note: modification of Brett Wilson’s Paillier Threshold Cryptography Web Service.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
PRESENTED BY CHRIS ANDERSON JULY 29, 2009 Using Zero Knowledge Proofs to Validate Electronic Votes.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
Static Validation of a Voting ProtocolSlide 1 Static Validation of a Voting Protocol Christoffer Rosenkilde Nielsen with Esben Heltoft Andersen and Hanne.
ASYMMETRIC CIPHERS.
Computer Science Public Key Management Lecture 5.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
An Architecture For Electronic Voting Master Thesis Presentation Clifford Allen McCullough Department of Computer Science University of Colorado at Colorado.
Information Security and Management 13. Digital Signatures and Authentication Protocols Chih-Hung Wang Fall
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
The RSA Algorithm Rocky K. C. Chang, March
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
KYUSHUUNIVERSITYKYUSHUUNIVERSITY SAKURAILABORATORYSAKURAILABORATORY Sakurai Lab. Kyushu University Dr-course HER, Yong-Sork E-voting VS. E-auction.
RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.
RSA Ramki Thurimella.
Optimistic Mixing for Exit-Polls Philippe Golle, Stanford Sheng Zhong, Yale Dan Boneh, Stanford Markus Jakobsson, RSA Labs Ari Juels, RSA Labs.
An Architecture For Electronic Voting Master Thesis Presentation Clifford Allen McCullough Department of Computer Science University of Colorado at Colorado.
Cryptography Dec 29. This Lecture In this last lecture for number theory, we will see probably the most important application of number theory in computer.
Cryptography, Authentication and Digital Signatures
Topic 22: Digital Schemes (2)
On the Practical Feasibility of Secure Distributed Computing A Case Study Gregory Neven, Frank Piessens, Bart De Decker Dept. of Computer Science, K.U.Leuven.
6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
MA/CSSE 473 Day 10 Primality testing summary Data Encryption RSA.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
The Paillier Cryptosystem
1 Network and Computer Security (CS 475) Modular Arithmetic and the RSA Public Key Cryptosystem Jeremy R. Johnson.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Almost Entirely Correct Mixing With Applications to Voting Philippe Golle Dan Boneh Stanford University.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
1 The RSA Algorithm Rocky K. C. Chang February 23, 2007.
Security Outline Encryption Algorithms Authentication Protocols
Efficient CRT-Based RSA Cryptosystems
ISI Day – 20th Anniversary
eVoting System Proposal
Presentation transcript:

Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote

Outline of the Talk Introduction Document overview prepared for this project. Related Work Paillier Threshold Cryptography (PTC) PTC Web Services Suggested Improvement ◦ Encryption/Decryption Optimization ◦ User Interface Online E-Voting System Future Directions Conclusion 2 5/29/2007Hakan Evecek/SE2Evote

Introduction General idea behind Electronic Voting: ◦ Similar to the manual voting - only much faster and cheaper, however  Is the voter confident with the process?  Can Administrators monitoring verify that one vote is recorded for each voter?  How trustable the tally process?  Is it socially acceptable? Many countries are looking for E-Voting solutions. In other words, what are the e-voting requirements: 3 5/29/2007Hakan Evecek/SE2Evote

E-Voting Requirements 4 Basic requirements for electronic voting Privacy – All votes should be kept secret Completeness – All valid votes should be counted correctly Soundness – Any invalid vote should not be counted Unreusability – No voter can vote twice Eligibility – Only authorized voters can cast a vote Fairness – Nothing can affect the voting 5/29/2007Hakan Evecek/SE2Evote

E-Voting Requirements 5 Extended Requirements for electronic voting Robustness – faulty behavior of any reasonably sized coalition of participants can be tolerated. In other words, the system must be able to tolerate to certain faulty conditions and must be able to manage these situations. Universal Verifiability – any party can verify the result of the voting Receipt-freeness – Voters are unable to prove the content of his/her vote Incoercibility – Voter cannot be coerced into casting a particular vote by a coercer. 5/29/2007Hakan Evecek/SE2Evote

The categorization of voting system 6 5/29/2007Hakan Evecek/SE2Evote

MESE Processes Applied for Online E- Voting System Project Proposal and Plan Software Requirements Document (SRS) Software Design Specification (SDS) Testing Document Defects List Project Report 7 5/29/2007Hakan Evecek/SE2Evote

Related Work Other Techniques Used In E-voting Protocols ◦ A Secure and Optimally Efficient Multi-Authority Election Scheme (Cramer, Gennaro, Schoenmakers)  Receipt-free: protocols where vote-buying or coercing is not possible because voters cannot prove to others how they voted. ◦ Non-Interactive Zero Knowledge Proofs  Proof does not require interaction  Proof does not reveal any other information  Prove vote is valid without revealing content of vote  Prove two encryptions encrypt the same message without revealing message 8 5/29/2007Hakan Evecek/SE2Evote

Cryptographic Techniques Implemented by Bret Wilson Paillier CryptoSystem [15] ◦ Trapdoor Discrete Logarithm Scheme ◦ c = g M r n mod n 2  n is an RSA modulus (modulus of 2 safe primes)  Safe prime - p = 2q + 1 where q is also prime  g is an integer of order n α mod n 2  r is a random number in Z n * ◦ M = L(c λ (n) mod n 2 )/L(g λ (n) mod n 2 ) mod n ◦ L(u) = (u-1)/n, λ (n)=lcm((p-1)(q-1)) ◦ Important Properties  Probabilistic (randomness of E(M))  Homomorphic  E(M 1 + M 2 ) = E(M 1 ) x E(M 2 ), E(k x M) = E(M) k  Self-blinding  D(E(M) r n mod n 2 ) = m 9 5/29/2007Hakan Evecek/SE2Evote

Cryptographic Techniques Implemented Threshold Encryption [15] ◦ Public key encryption as usual ◦ Distribute secret key “shares” among i participants ◦ Decryption can only be accomplished if a threshold number t of the i participants cooperate  No information about m can be obtained with less than t participants cooperating Shamir Secret Sharing ◦ Lagrange Interpolation formula ◦ f(X) = Σ ti=0 aiXi ◦ a0 is secret, ai are random, f(X) are “secret shares”  X is share index (1 to number of servers) ◦ If enough f(X) available it is possible to recover a0 10 5/29/2007Hakan Evecek/SE2Evote

11 5/29/2007Hakan Evecek/SE2Evote

12 5/29/2007Hakan Evecek/SE2Evote

User Login Page Assumed that users has registered previously and has secure login credentials provided. Admin Users Voters Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) 13 5/29/2007Hakan Evecek/SE2Evote

Admin Page Election Creation Encryption/Decryption Tally Vote Generate Safe Prime Numbers Ballot Creation 14 5/29/2007Hakan Evecek/SE2Evote

Voter Page Voter can access to the elections and complete the voting process. Automatically loads the voting page. ◦ Allows vote, then doesn’t allow user to vote again 15 5/29/2007Hakan Evecek/SE2Evote

Database Schema 16 5/29/2007Hakan Evecek/SE2Evote

Suggested Key Generation, Encryption/Decryption Optimization 17 Safe Prime Numbers Pre-Computation Process. Chinese Remainder Theorem to calculate p,q separately and then multiply for n. Paillier Scheme Pre-Computation for decryption. 5/29/2007Hakan Evecek/SE2Evote

Results 128 bit Encryption 256 bit Encryption 18 5/29/2007Hakan Evecek/SE2Evote

Lessons Learned Add problems encountered and how you solve them. Mistakes made and how you discovered them. Tell story. 19 5/29/2007Hakan Evecek/SE2Evote

Future Direction Implement the suggested CRT improvement into the code. Implement constant value pre-computation for decryption process. Fix XML solution in the code. Add more web application security protocols and processes. Implement registration and voter identity verification process. ◦ Authenticity of election parameters/ballots not currently guaranteed  Implement signing of election parameters/ballots by admin 20 5/29/2007Hakan Evecek/SE2Evote

Conclusion 21 Summarize/itemize what you have achieved. 5/29/2007Hakan Evecek/SE2Evote

References [1] [1] Implementation issues in a secure e-voting schemes, Riza Aditya, Byoungcheon Lee, Colin Boyd and Ed Dawson. Implementation issues in a secure e-voting schemes, Riza Aditya, Byoungcheon Lee, Colin Boyd and Ed Dawson. [3] [3] Vote Early, Vote Often, and VoteHere: A Security Analysis of VoteHere, Philip E. Varner, May 11, Vote Early, Vote Often, and VoteHere: A Security Analysis of VoteHere, Philip E. Varner, May 11, [5] P. Fouque, G. Poupard, J.Stern, Sharing Decryption in the Context of Voting or Lotteries, Financial Cryptography 2000 Proceedings. [5] P. Fouque, G. Poupard, J.Stern, Sharing Decryption in the Context of Voting or Lotteries, Financial Cryptography 2000 Proceedings. [6] the Official CAPTCHA web site. [6] the Official CAPTCHA web site. [7] R. Michael Alvarez, Jonathan Nagler, The Likely consequences of Internet Voting for Political Representations. [7] R. Michael Alvarez, Jonathan Nagler, The Likely consequences of Internet Voting for Political Representations. [10] I. Damgard, M. Jurik, J. Nielson, A Generalization of Paillier’s Public-Key System with Applications to Electronic Voting, Aarhus University, Dept. of Computer Science. [10] I. Damgard, M. Jurik, J. Nielson, A Generalization of Paillier’s Public-Key System with Applications to Electronic Voting, Aarhus University, Dept. of Computer Science.A Generalization of Paillier’s Public-Key System with Applications to Electronic VotingA Generalization of Paillier’s Public-Key System with Applications to Electronic Voting [15] B. Wilson, C. E. Chow, Paillier Threshold Cryptography Web Service User’s Guide, University of Colorado – Colorado Springs Master’s Project, [15] B. Wilson, C. E. Chow, Paillier Threshold Cryptography Web Service User’s Guide, University of Colorado – Colorado Springs Master’s Project, [16] Progress on Probabilistic Encryption Schemes, Kert Richardson, July [16] Progress on Probabilistic Encryption Schemes, Kert Richardson, July [17] An Analysis of Chaum’s voter-verifiable election scheme, Julie Ann Staub, 2005 [17] An Analysis of Chaum’s voter-verifiable election scheme, Julie Ann Staub, 2005http:// [18] Ivan Damgard and Mads J. Jurik, A Generalization, a Simplification and Some Applications of Paillier’s Probabilistic Public-Key System, PKC [18] Ivan Damgard and Mads J. Jurik, A Generalization, a Simplification and Some Applications of Paillier’s Probabilistic Public-Key System, PKC [19] Implementing Perfect Questionable Encryptions, Adam L. Young and Moti M. Yung. [19] Implementing Perfect Questionable Encryptions, Adam L. Young and Moti M. Yung. [20] CryptoBytes, Dan Boneh, Hovav Shacham, Spring [20] CryptoBytes, Dan Boneh, Hovav Shacham, Spring [21] Public-Key CryptoSystems Based on Composite Degree Residuosity Classes, Pascal Paillier, 1999 [21] Public-Key CryptoSystems Based on Composite Degree Residuosity Classes, Pascal Paillier, 1999http:// [22] Paillier Crytosystem from Wikipedia, the free encyclopedia. [22] Paillier Crytosystem from Wikipedia, the free encyclopedia /29/2007Hakan Evecek/SE2Evote

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.