Remote Prêt à Voter 1.0 (FPTP): a voter-verifiable and receipt-free remote voting Zhe Xia (Joson) July 19, 2012.

Slides:



Advertisements
Similar presentations
Research & Development Workshop on e-Voting and e-Government in the UK - February 27, 2006 Votinbox - a voting system based on smart cards Sébastien Canard.
Advertisements

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
Pretty Good Democracy James Heather, University of Surrey
Secure Multiparty Computations on Bitcoin
RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 e-voting (requirements & protocols) 1) Aggelos Kiayias, Moti Yung: Self-tallying Elections and Perfect Ballot Secrecy 2) Jens Groth: Efficient Maximal.
Math for Liberal Studies.  In many voting systems, the voters are not treated equally  Juries: If one voter votes “not guilty,” then the result is “not.
Civitas Verifiability and Coercion Resistance for Remote Voting University of South Alabama August 15, 2012 Michael Clarkson The George Washington University.
Civitas Security and Transparency for Remote Voting Swiss E-Voting Workshop September 6, 2010 Michael Clarkson Cornell University with Stephen Chong (Harvard)
A Supervised Verifiable Voting Protocol for the Victorian Electoral Commission Craig Burton 1 Chris Culnane 2 James Heather 2 Thea Peacock 3 Peter Y. A.
ThreeBallot, VAV, and Twin Ronald L. Rivest – MIT CSAIL Warren D. Smith - CRV Talk at EVT’07 (Boston) August 6, 2007 Ballot Box Ballot Mixer Receipt G.
James Heather, University of Surrey Peter Y A Ryan, University of Luxembourg Vanessa Teague, University of Melbourne.
Mental Poker The SRA Protocol. What is Mental Poker? Playing poker without cards (ie over telephone or internet). No Trusted Third Party or source of.
1 Receipt-freedom in voting Pieter van Ede. 2 Important properties of voting  Authority: only authorized persons can vote  One vote  Secrecy: nobody.
Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Receipt-Free Universally-Verifiable Voting With Everlasting Privacy Tal Moran Joint work with Moni Naor.
A. Haeberlen Having your Cake and Eating it too: Routing Security with Privacy Protections 1 HotNets-X (November 15, 2011) Alexander Gurney * Andreas Haeberlen.
Vanessa Teague Department of Computer Science and Software Engineering University of Melbourne Australia.
Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.
Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)
Modelling and Analysing of Security Protocol: Lecture 3 Protocol Goals Tom Chothia CWI.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Quantum Key Distribution Yet another method of generating a key.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Receipt-freeness and coercion-resistance: formal definitions and fault attacks Stéphanie Delaune / Steve Kremer / Mark D. Ryan.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
PRESENTED BY CHRIS ANDERSON JULY 29, 2009 Using Zero Knowledge Proofs to Validate Electronic Votes.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Civitas Toward a Secure Voting System AFRL Information Management Workshop October 22, 2010 Michael Clarkson Cornell University.
Cryptographic Voting Protocols: A Systems Perspective By Chris Karlof, Naveen Sastry, and David Wagner University of California, Berkely Proceedings of.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
An Internet Voting System Manager Yonghua Li Kansas State University October 19, 2001 MSE Project - Phase I.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
Masked Ballot Voting for Receipt-Free Online Elections Sam Heinith, David Humphrey, and Maggie Watkins.
Secret Ballot Receipts True Voter-Verifiable Elections Richard Carback Kevin Fisher Sandi Lwin CMSC 691v April 3, 2005.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Andreas Steffen, , LinuxTag2009.ppt 1 LinuxTag 2009 Berlin Verifiable E-Voting with Open Source Prof. Dr. Andreas Steffen Hochschule für Technik.
July 30 - August 3, 2000 / N=500 registered “likely” voters daily A Tracking Survey of National Voter Attitudes for the Republican National Convention.
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
Presented by: Suparita Parakarn Kinzang Wangdi Research Report Presentation Computer Network Security.
A remote voting system based on Prêt à Voter coded by David Lundin Johannes Clos.
Implementation Requirements for UK General Elections TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A Chris.
“The right of citizens of the United States to vote shall not be denied or abridged by the United States or by any state on account of [race, color, or.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
BY: CHRIS GROVES Privacy in the Voting Booth. Reason for Privacy Voters worry that their vote may be held against them in the future  People shouldn’t.
First Past the Post How representative is it?. What is FPTP  It is a, simple, voting system used in the UK general elections  The voter puts an X next.
SA1: Living in a Democracy Electoral Systems. Proportional Representation Aims: Define Proportional Representation (PR) Examine different types of PR.
Electronic Voting R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.
WHY THE vvpat has failed
1 Conference key-agreement and secret sharing through noisy GHZ states Kai Chen and Hoi-Kwong Lo Center for Quantum Information and Quantum Control, Dept.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Key Exchange in Systems VPN usually has two phases –Handshake protocol: key exchange between parties sets symmetric keys –Traffic protocol: communication.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
On the (im)possibility of perennial message recognition protocols without public-key cryptography Peeter Laud Cybernetica AS & University of Tartu
TBAS: Enhancing Wi-Fi Authentication by Actively Eliciting Channel State Information Muye Liu, Avishek Mukherjee, Zhenghao Zhang, and Xiuwen Liu Florida.
Recipt-free Voting Through Distributed Blinding
ThreeBallot, VAV, and Twin
Cryptographic Hash Function
CPS 512 midterm exam #1, 10/5/17 Your name please: NetID:_______ Sign for your honor:____________________________.
Topic 14: Random Oracle Model, Hashing Applications
CAE: A Collusion Attack against Privacy-preserving Data Aggregation Schemes Wei Yang University of Science and Technology of China (USTC) Contact Me.
Beyond Proof-of-compliance: Security Analysis in Trust Management
Basic of Modern Cryptography
Presentation transcript:

Remote Prêt à Voter 1.0 (FPTP): a voter-verifiable and receipt-free remote voting Zhe Xia (Joson) July 19, 2012

Objectives As secure as the supervised verifiable voting schemes As practical as well And remote voting

Properties Privacy Receipt-freeness Coercion resistance Voter verifiability Universal verifiability Easy to understand Simple to use Remote No scheme can do this at the moment

Receipt-freeness and vote-buying Receipt-freeness prevents coercion and vote-buying False sense of security on this Without the receipt-freeness protection, vote-buying is financially feasible in many cases The recent Greek election actually decided whether to repay the country’s €360bn debt. It has around 7 million voters. If some party (e.g. HSBC) pays each voter €10,000 to buy her vote, this party only pays €35bn to buy half of the votes. US has around 200 million voters. If some party (e.g. Chinese government) pays each voter $10,000 to buy her vote, this party only pays $1tn to buy half of the votes. China has a currency reserve of $3.2tn.

Receipt-freeness is not free {vote} pk Code voting style schemes suffers this as well …

Receipt-freeness needs untappable channel Authentication channel b Untappable channel {a} pk {vote} pk = {a + b} pk

Voting Ceremony

Registration Phase 3 2 {3} pk {2} pk

Voting Phase 32 Alice 1 Bob 3 Charlie 0 David 2 Echo 4 3 Bare hand, most vulnerabilities at the voting client no longer exist !

Tallying Phase {3} pk {2} pk 3 {3} pk 3 * {2} pk = {3*3 + 2} pk Bob

Prêt à Voter  Remote Prêt à Voter Charlie Alice David Bob X Echo {3} pk {2} pk Index = 3 [Ryan & Teague 2009] Permutations in Prêt à Voter

Florentine Square k/ik/i Suppose k is the row index and i is the column index, v = k * i (mod 5) We can also permute any row by s, so that v = k * i + s (mod 5) k/ik/i i.e. s = 2 Property: the distance of any two values are uniformly distributed in different rows.

Election Book Generation CandidateCode Alice0 Bob1 Charlie2 David3 Echo4 k/ik/i k = 3, s = 2 v = k * i + s (mod 5) { Charlie :, Alice :, David :, Bob :, Echo : } { Alice : 1, Bob : 3, Charlie : 0, David : 2, Echo : 4 } 32 Alice 1 Bob 3 Charlie 0 David 2 Echo

Discussions Our aim is to provide a voter-verifiable and receipt-free remote voting Bare hand voting, the information sent remotely tells nothing Remote and supervised Prêt à Voter can be tallied together All building blocks are well analysed, e.g. Prêt à Voter, Florentine Square The voter may be forced to change her choice index, but this is similar as the randomisation attack Restrictions: cannot handle 10+ candidates, nor STV, dummy candidates may need to be added to the candidate list Note: the slides only demonstrate the basic ideas, please do not use them for security analysis

Thank you

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.