Presentation is loading. Please wait.

Presentation is loading. Please wait.

10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson."— Presentation transcript:

1 10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson

2 210/25/2006 Motivation Secure Electronic Voting Research Interest in improving current voting process is high Interest in improving current voting process is high 2000 Presidential election snafu Improved access/availability (voter turnout) Cryptographic research has led to new solutions to problems with electronic voting Cryptographic research has led to new solutions to problems with electronic voting Basic requirements for electronic voting Privacy – All votes should be kept secret Privacy – All votes should be kept secret Completeness – All valid votes should be counted correctly Completeness – All valid votes should be counted correctly Soundness – Any invalid vote should not be counted Soundness – Any invalid vote should not be counted Unreusability – No voter can vote twice Unreusability – No voter can vote twice Eligibility – Only authorized voters can cast a vote Eligibility – Only authorized voters can cast a vote Fairness – Nothing can affect the voting Fairness – Nothing can affect the voting Extended Requirements for electronic voting Robustness – faulty behavior of any reasonably sized coalition of participants can be tolerated Robustness – faulty behavior of any reasonably sized coalition of participants can be tolerated Universal Verifiability – any party can verify the result of the voting Universal Verifiability – any party can verify the result of the voting Recipt-freeness – Voters are unable to prove the content of his/her vote Recipt-freeness – Voters are unable to prove the content of his/her vote Incoercibility – Voter cannot be coerced into casting a particular vote by a coercer Incoercibility – Voter cannot be coerced into casting a particular vote by a coercer

3 310/25/2006 Motivation Many of the proposed electronic voting protocols utilize threshold homomorhpic encryption schemes as part of the protocol Protects voter privacy Protects voter privacy Individual vote can not be decrypted without cooperation of t of l “authorities” Efficient, universally verifiable vote tallying Efficient, universally verifiable vote tallying Only sum of votes is decrypted Individuals can compute encrypted sum, verify proof of correct decryption of sum Implementations of threshold homomorphic encryption algorithms are not freely available

4 410/25/2006 Threshold Encryption Public key encryption as usual Distribute secret key “shares” among l participants Decryption can only be accomplished if a threshold number t of the l participants cooperate No information about m can be obtained with less than t participants cooperating No information about m can be obtained with less than t participants cooperating Proof of valid decryption is provided Proof of valid decryption is provided

5 510/25/2006 Paillier Encryption Trapdoor Discrete Logarithm Scheme c = g M r n mod n 2 c = g M r n mod n 2 n is an RSA modulus n is an RSA modulus g is an integer of order nα mod n 2 g is an integer of order nα mod n 2 r is a random number in Z n * r is a random number in Z n * M = L(c λ(n) mod n 2 )/L(g λ(n) mod n 2 ) mod n M = L(c λ(n) mod n 2 )/L(g λ(n) mod n 2 ) mod n L(u) = (u-1)/n, λ(n)=lcm((p-1)(q-1)) L(u) = (u-1)/n, λ(n)=lcm((p-1)(q-1)) Important Properties Homomorphic Homomorphic E(M 1 + M 2 ) = E(M 1 ) x E(M 2 ), E(k x M) = E(M) k E(M 1 + M 2 ) = E(M 1 ) x E(M 2 ), E(k x M) = E(M) k Self-blinding Self-blinding Re-encryption with a different r doesn’t change M

6 610/25/2006 Threshold Paillier Encryption Different public key and secret key generation algorithm Distribute key shares using RSA public key encryption Distribute key shares using RSA public key encryption Distribute secret key shares using Shamir Secret Sharing scheme Web Service will be an implementation of scheme proposed in “Sharing Decryption in the Context of Voting or Lotteries” Fouque, Poupard, and Stern 2000

7 710/25/2006 Use of Threshold Paillier Encryption in Secure Voting Ballot format: pick 1 out of c candidates Let N be number of voters, k such that N<2 k Let N be number of voters, k such that N<2 k Vote = 2 ck where c is the desired candidate number (0…c) Vote = 2 ck where c is the desired candidate number (0…c) All Paillier-encrypted votes could be publicly posted Votes include proof of validity (v lies in a given set of valid votes) Votes include proof of validity (v lies in a given set of valid votes) At end of election, all invalid votes are removed, all encrypted votes are then multiplied together to get encrypted sum (publicly verifiable) With cooperation of the required threshold number of “authorities”, the final product could be decrypted to reveal the vote total (sum of individual votes). A threshold number of authorities would not agree to decrypt a single particular vote, and thus the individual votes would remain private A threshold number of authorities would not agree to decrypt a single particular vote, and thus the individual votes would remain private All computations are publicly verifiable given the validity proofs that prove the decryption was done correctly All computations are publicly verifiable given the validity proofs that prove the decryption was done correctly

8 810/25/2006 Web Service Design Goals Platform Independent Use of web service Use of web service XML input/output Extensible Additional encryption algorithms could be added Additional encryption algorithms could be added Additional services could be offered Additional services could be offered Threshold signatures Verifiable Mix Net

9 910/25/2006 Implementation Tools Visual Studio 2005 VB.NET VB.NET Gnu Multiprecision Library (Gmp) Open source arbitrary precision numeric library Open source arbitrary precision numeric library Compiled under Visual Studio 2005 Compiled under Visual Studio 2005NGmp Open source VB.NET binding of gmp.dll Open source VB.NET binding of gmp.dll Enables calling of gmp library functions through VB.NET Enables calling of gmp library functions through VB.NET Compiled under Visual Studio 2005 Compiled under Visual Studio 2005

10 1010/25/2006 Threshold Paillier Encryption Web Service Key generation algorithm Key generation algorithm Input Input k – size of key k – size of key l – number of shares to generate l – number of shares to generate One RSA public key (of the designated participant) for each share One RSA public key (of the designated participant) for each share t – threshold parameter t – threshold parameter Output Output Public Key PK Public Key PK List SK 1, …, SK l of private key shares List SK 1, …, SK l of private key shares Encrypted with supplied RSA keys so only designated participant can recover the key share Encrypted with supplied RSA keys so only designated participant can recover the key share List of Verifier Keys VK, VK 1, …,VK l List of Verifier Keys VK, VK 1, …,VK l Used for proving validity of decryption Used for proving validity of decryption

11 1110/25/2006 Threshold Paillier Encryption Web Service Encryption Algorithm Input Input Public Key PK Public Key PK Random string r Random string r Cleartext M Cleartext M Output Output Ciphertext c Ciphertext c

12 1210/25/2006 Share Decryption Algorithm Input Input Ciphertext c Ciphertext c Private Key Share Sk i Private Key Share Sk i Encrypted with public key of webservice Encrypted with public key of webservice Output Output Decryption share c i Decryption share c i Validity proof p i Validity proof p i Threshold Paillier Encryption Web Service

13 1310/25/2006 Threshold Paillier Encryption Web Service Combining Algorithm Input Input Ciphertext c Ciphertext c List of decryption shares c 1,…,c l List of decryption shares c 1,…,c l List of verification keys VK, VK 1 …VK l List of verification keys VK, VK 1 …VK l List of validity proofs P 1,…P l List of validity proofs P 1,…P l Output Output M

14 1410/25/2006 Project Deliverables A working prototype of Paillier Threshold Encryption Web Service (PTEWS) A simple demo of applying PTEWS in online voting A master project report documenting the research findings and lessons learned

15 1510/25/2006 Tasks and Milestones Week 1: Proposal Briefing/Approval Week 2: WebService “skeleton” complete WebMethod stubs created, classes for passing parameters and return results complete WebMethod stubs created, classes for passing parameters and return results complete Week 3: Encryption algorithms implemented WebMethod stubs completely implemented with encryption and utility algorithms WebMethod stubs completely implemented with encryption and utility algorithms Week 4: Testing Interface complete Windows application for testing of Web Service Windows application for testing of Web Service Simple test of voting application Simple test of voting application Week 5: Final Report complete Week 1 ends Oct 30, Week 5 ends Nov 27

16 1610/25/2006 References “Sharing Decryption in the Context of Voting or Lotteries” P. Fouque, G. Poupard, and J. Stern, 2000 “Public Key Cryptosystems Based on Composite Degree Residuosity Classes” P. Paillier, 1999 “How to Share a Secret” A. Shamir, 1979 Big Number Libraries Gnu Multiprecision Library – Opensource C language library Gnu Multiprecision Library – Opensource C language library http://swox.com/gmp/ J# BigInteger – J# library available from Microsoft J# BigInteger – J# library available from Microsoft http://msdn.microsoft.com/msdnmag/issues/05/12/NETMatters/default.aspx C# BigInteger – Opensource implementation of Java BigInteger C# BigInteger – Opensource implementation of Java BigInteger http://www.codeproject.com/csharp/biginteger.asp NGmp.NET Mono Multiprecision Library (gmp binding to.NET) http://sourceforge.net/projects/ngmp http://sourceforge.net/projects/ngmp http://sourceforge.net/projects/ngmp Building Gmp with Visual Studio 2005 http://fp.gladman.plus.com/computing/gmp4win.htm http://fp.gladman.plus.com/computing/gmp4win.htm http://fp.gladman.plus.com/computing/gmp4win.htm

Download ppt "10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.

RPC Mixing: Making Mix-Nets Robust for Electronic Voting Ron Rivest MIT Markus Jakobsson Ari Juels RSA Laboratories.
Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.

Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.
Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.

Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.

Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.
Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.

Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.
Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)

Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)
Jens Groth BRICS, University of Aarhus Cryptomathic

Jens Groth BRICS, University of Aarhus Cryptomathic
1/11/2007 bswilson/eVote-PTCWS 1 Paillier Threshold Cryptography Web Service by Brett Wilson.

1/11/2007 bswilson/eVote-PTCWS 1 Paillier Threshold Cryptography Web Service by Brett Wilson.
CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.

Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.

Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.
Tree Homomorphic Encryption with Scalable Decryption Moti Yung Columbia University Joint work with Aggelos Kiayias University of Connecticut.

Tree Homomorphic Encryption with Scalable Decryption Moti Yung Columbia University Joint work with Aggelos Kiayias University of Connecticut.
The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.

The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.

Similar presentations

Ads by Google