eVoting System Proposal


1 eVoting System Proposal
Michael Baswell, Chris Cabuzzi, Grant Cahill, Beaux Sharifi, Donovan Thorpe

2 Introduction
Overview:
- Pre-Election
- Election
- Post-Election
- Analysis
- Other Issues
For the introduction, I’d like to give a quick overview of what we’ll be talking about:
- Pre-Election: Eligibility, non-repudiation, and ballot creation and validation
- Election: The steps taken to ensure each vote is valid and securely accounted for
- Post-Election: Auditing, intrusion detection and verification of data
- Analysis: Ensure the design meets criteria of a safe and effective eVoting system
- Other issues: such as server overload and any other technical difficulties

3 Pre-Election Process
Definitions:
- Validator = Authenticator
- Tallier = Counter
Certificates:
- Digital certificates for servers and the voters.
- Certificates will be distributed through web page or manually (via walk-up or mail).
- In any case you must ensure each voter gets only one certificate.
Registered voters:
- A list of registered voters is compiled and stored on the validator.
- This list is used to check the credentials of users attempting to vote.
- This ensures only voters who are eligible and who have not voted can proceed to vote.
Ballot:
- An electronic ballot is created and digitally signed by the tallier.
- The tallier hands out the ballot during the election process.
- Certificate (both clients, possibly attribute certificate)
- Ballot creation (signed by tallier)
- Roles that can vote
- Must show up in person to present ID or call, to prevent multiples
- Both validator and tallier must have server certificates
- Validator has a database of eligible registered voters.

4 Election Process: Blind Signature Voting Protocol
(Source: Electronic Voting by Lorrie Cranor [3])
Step 1:
- Voter receives and authenticates signed official ballot.
- Voter fills in ballot.
- Voter encrypts (with a special one-time private key), blinds, and signs ballot.
- Voter sends encrypted, blinded, signed ballot to validator.
Step 2:
- Validator and voter perform mutual authentication.
- Validator verifies that voter has not already voted.
- Validator authenticates voter-signed ballot.
- Validator marks the voter as having voted.
Step 3:
- Validator signs the encrypted and blinded ballot and returns to voter.
Step 4:
- Validator authenticates validator signed ballot.
- Voter removes blinding layer revealing encrypted ballot with validator’s signature.
- Voter authenticates tallier (but not vice-versa).
- Voter sends validator signed and encrypted ballot to tallier.
Step 5:
- Tallier authenticates validator signed encrypted ballot.
- Tallier places encrypted ballot on list to be published at end of election.
- Tallier signs encrypted ballot and returns to voter as receipt.
Step 6:
- Voter authenticates tallier signed encrypted ballot and saves it as a receipt.
- Voter can use receipt later to prove he voted.
- Voter sends tallier special public key used to decrypt ballot.
Step 7:
- Tallier decrypts ballot using special public key from voter.
- Tallier adds vote to the tally.
After the election:
- The tallier publishes the entire list of encrypted ballots along with corresponding keys to the public.
- Public can verify that their votes were counted and dispute any discrepancies.
- Tallier publishes final tally and announces winners.
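The signature path of steps 1 to 5, as an added example that is not part of the original presentation: the validator signs a blinded value, and the tallier later verifies that signature on the unblinded encrypted ballot. Assumptions: a constructed toy RSA key, voter authentication reduced to a voter ID string, and the ballot passed in as already-encrypted bytes; all function and class names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the validator (two Mersenne primes). Illustration only:
# real use needs a >= 2048-bit key and a vetted blind-signature implementation.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # validator's private exponent

def digest(enc_ballot: bytes) -> int:
    """Map the encrypted ballot into Z_N; this is the value that gets signed."""
    return int.from_bytes(hashlib.sha256(enc_ballot).digest(), "big") % N

def blind(m: int):
    """Voter (step 1): hide m as m * r^E mod N for a random r coprime to N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r

class Validator:
    """Steps 2-3: checks eligibility and one-vote-only, then signs without seeing m."""
    def __init__(self, roll):
        self.roll, self.voted = set(roll), set()

    def sign_blinded(self, voter_id: str, blinded: int) -> int:
        if voter_id not in self.roll:
            raise PermissionError("not a registered voter")
        if voter_id in self.voted:
            raise PermissionError("voter has already voted")
        self.voted.add(voter_id)          # mark before returning the signature
        return pow(blinded, D, N)         # (m * r^E)^D = m^D * r mod N

def unblind(blind_sig: int, r: int) -> int:
    """Voter (step 4): divide out r to obtain the validator's signature m^D."""
    return (blind_sig * pow(r, -1, N)) % N

def tallier_accepts(enc_ballot: bytes, sig: int) -> bool:
    """Tallier (step 5): verify the validator's signature on the encrypted ballot."""
    return pow(sig, E, N) == digest(enc_ballot)

def cast(validator: Validator, voter_id: str, enc_ballot: bytes) -> int:
    """Run steps 1-4 for one voter and return the unblinded signature."""
    blinded, r = blind(digest(enc_ballot))
    return unblind(validator.sign_blinded(voter_id, blinded), r)
```

Because the validator only ever sees `m * r^E mod N`, it can enforce eligibility and unreusability by voter ID without being able to link the signed ballot that later reaches the tallier back to that voter.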

5 Post-Election Process
Audit:
- Occurs during election and post-election
- IDS (intrusion detection system)
- Tripwire
- Auditor monitors software running and verifies hash
- Audit voter signatures

6 Post-Election Process
- Publish all encrypted ballots with keys
- Tally up votes
- Publish decrypted ballots
- Publish results
- Web

7 Analysis of Design
Criteria from EVS2004 presentation. Requirements of a secure election:
- Completeness: All voters are counted correctly.
- Soundness: A dishonest voter cannot disrupt voting.
- Privacy: All votes must be secret.
- Unreusability: No voter can vote twice.
- Eligibility: No one who isn’t allowed to vote can vote.
- Fairness: Nothing must affect the voting (DDoS?).
- Verifiability: No one can falsify the result of voting.
- ADDED: Ease of Implementation
- Validator and Counter

8 Analysis

9 Other Issues: Overloading server
- Too much legitimate traffic to a server can cause an overload.
- Distributing the load across multiple servers:
  - DNS Round Robin
  - A traffic manager that redirects or rewrites the request
- A traffic shaper can be used in front of or on the server.
- A simple and quick response like "server is busy, please try again later" could be used.

10 Conclusion
Summary:
- Pre-Election: Ensuring the system is available to eligible voters
- Election: Collecting votes in the most valid and secure way
- Post-Election: Tallying the results and checking for tampering
- Analysis: Ensuring system meets a pre-defined standard
- Other Issues: Possibility of server overload, etc.
To summarize, we talked about the e-voting process, through all its stages. We talked about methods required to ensure the process is confidential, secure and only available to eligible voters. We also considered the possibility of technical issues such as server overload and auditing. We hope you enjoyed our presentation… don’t forget to vote!

11 References
[1] Fujioka, A., Okamoto, T., and Ohta, K. A practical secret voting scheme for large scale elections. In Advances in Cryptology - AUSCRYPT ’92, Springer-Verlag, Berlin. 1993, pp
[2] Cranor, L. Design and Implementation of a Practical Security-Conscious Electronic Polling System.
[3] Cranor, L. Electronic Voting.

12 Questions?

