Presentation is loading. Please wait.

Presentation is loading. Please wait.

1/11/2007 bswilson/eVote-PTCWS 1 Enhancing PTC based Secure E-Voting System (note: modification of Brett Wilson’s Paillier Threshold Cryptography Web Service.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1/11/2007 bswilson/eVote-PTCWS 1 Enhancing PTC based Secure E-Voting System (note: modification of Brett Wilson’s Paillier Threshold Cryptography Web Service."— Presentation transcript:

1 1/11/2007 bswilson/eVote-PTCWS 1 Enhancing PTC based Secure E-Voting System (note: modification of Brett Wilson’s Paillier Threshold Cryptography Web Service view graph) by Justin Pohlmann Allen Liu

2 21/11/2007bswilson/eVote-PTCWS Outline of the Talk Introduction/Motivation Related Work Paillier Threshold Cryptography Suggested Improvement Encryption/Decryption Optimization Encryption/Decryption Optimization User Interface User Interface Future Direction Conclusion

3 31/11/2007bswilson/eVote-PTCWS Introduction/Motivation E-voting Requirements Privacy/Anonymity, Completeness, Soundness, Un-reusability, Eligibility, Fairness Privacy/Anonymity, Completeness, Soundness, Un-reusability, Eligibility, Fairness Robustness, Universal Verifiability, Receipt- Freeness, Incoercibility Robustness, Universal Verifiability, Receipt- Freeness, Incoercibility

4 41/11/2007bswilson/eVote-PTCWS Introduction/Motivation Many new Secure Voting protocols Mathematical algorithms presented in literature Mathematical algorithms presented in literature Unable to identify/locate implementations of these algorithms Unable to identify/locate implementations of these algorithms UCCS effort to develop a secure e-voting application Using the concept of Paillier Threshold Cryptosystem to implement a voting system Using the concept of Paillier Threshold Cryptosystem to implement a voting system Find areas of improvement Find areas of improvement Encryption Optimization User Interface

5 51/11/2007bswilson/eVote-PTCWS Related Work Basis for Implementation Sharing Decryption in the context of Voting or Lotteries (Fouque, Poupard, Stern) Sharing Decryption in the context of Voting or Lotteries (Fouque, Poupard, Stern) Closely related research A Generalization of Paillier’s Public Key Cryptosystem with Applications to Electronic Voting (Damgard, Jurik, Nielson) A Generalization of Paillier’s Public Key Cryptosystem with Applications to Electronic Voting (Damgard, Jurik, Nielson) Encryption and Decryption Optimization

6 61/11/2007bswilson/eVote-PTCWS Related Work Other Techniques Used In E-voting Protocols A Secure and Optimally Efficient Multi-Authority Election Scheme (Cramer, Gennaro, Schoenmakers) A Secure and Optimally Efficient Multi-Authority Election Scheme (Cramer, Gennaro, Schoenmakers) Receipt-free: protocols where vote-buying or coercing is not possible because voters cannot prove to others how they voted. Non-Interactive Zero Knowledge Proofs Non-Interactive Zero Knowledge Proofs Proof does not require interaction Proof does not require interaction Proof does not reveal any other information Proof does not reveal any other information Prove vote is valid without revealing content of vote Prove vote is valid without revealing content of vote Prove two encryptions encrypt the same message without revealing message Prove two encryptions encrypt the same message without revealing message

7 71/11/2007bswilson/eVote-PTCWS Uses of Paillier Cryptography Electronic Voting Electronic Voting Anonymous Mix Nets (due to self-blinding property) Anonymous Mix Nets (due to self-blinding property) Electronic Auctions Electronic Auctions Electronic Lotteries Electronic Lotteries

8 81/11/2007bswilson/eVote-PTCWS Cryptographic Techniques Implemented Paillier CryptoSystem Trapdoor Discrete Logarithm Scheme Trapdoor Discrete Logarithm Scheme c = g M r n mod n 2 c = g M r n mod n 2 n is an RSA modulus (modulus of 2 safe primes) n is an RSA modulus (modulus of 2 safe primes) Safe prime - Safe prime - p = 2q + 1 where q is also prime g is an integer of order nα mod n 2 g is an integer of order nα mod n 2 r is a random number in Z n * r is a random number in Z n * M = L(c λ(n) mod n 2 )/L(g λ(n) mod n 2 ) mod n M = L(c λ(n) mod n 2 )/L(g λ(n) mod n 2 ) mod n L(u) = (u-1)/n, λ(n)=lcm((p-1)(q-1)) L(u) = (u-1)/n, λ(n)=lcm((p-1)(q-1)) Important Properties Important Properties Probabilistic (randomness of E(M)) Homomorphic E(M 1 + M 2 ) = E(M 1 ) x E(M 2 ), E(k x M) = E(M) k E(M 1 + M 2 ) = E(M 1 ) x E(M 2 ), E(k x M) = E(M) kSelf-blinding D(E(M) r n mod n 2 ) = m D(E(M) r n mod n 2 ) = m

9 91/11/2007bswilson/eVote-PTCWS Suggested Encryption/Decryption Optimization Current Paillier System Suggested Paillier System Key Generation g = nα mod n 2 Key Generation g=n+1 Encryption: C = g M x n modn 2 Encryption: C = g M x n s modn s+1 Decryption M = L(c λ(n) mod n 2 )/L(g λ(n) mod n 2 ) mod n Decryption 1.c d modn s+1  (1+n) jMdmodn s 2.g d modn s+1  (1+n) jdmodn s 3.(jMd)(jd) -1 = Mmodn s

10 101/11/2007bswilson/eVote-PTCWS Suggested Encryption/Decryption Optimization. From O(n s )  O(s)

11 111/11/2007bswilson/eVote-PTCWS Cryptographic Techniques Implemented Threshold Encryption Public key encryption as usual Public key encryption as usual Distribute secret key “shares” among i participants Distribute secret key “shares” among i participants Decryption can only be accomplished if a threshold number t of the i participants cooperate Decryption can only be accomplished if a threshold number t of the i participants cooperate No information about m can be obtained with less than t participants cooperating Shamir Secret Sharing Lagrange Interpolation formula Lagrange Interpolation formula f(X) = Σ t i=0 a i X i f(X) = Σ t i=0 a i X i a 0 is secret, a i are random, f(X) are “secret shares” a 0 is secret, a i are random, f(X) are “secret shares” X is share index (1 to number of servers) If enough f(X) available it is possible to recover a 0 If enough f(X) available it is possible to recover a 0

12 121/11/2007bswilson/eVote-PTCWS Voting Application PTC Use Election Admin PTC Web Service PTC CSP 2. SOAP/XML Request for PTC Parameters 3. SOAP/XML Response containing RSA encrypted PTC Parameters Election Authorities 1. Election Authorities’ RSA Public Keys 8. Partial Decryption Shares of Vote Tally/Proofs of Correct Decryption 4. RSA Encrypted Secret Key Shares PTC CSP 7. Paillier Encrypted Vote Tally 9. Vote Tally Voter PTC CSP 5. Paillier Public Key 6. Paillier- Encrypted Vote Voters Vote

13 131/11/2007bswilson/eVote-PTCWS Preliminary Website Layout LoginPage AdminPage VoterPage VotePage ElectionCreation Encrypt/Decrypt

14 141/11/2007bswilson/eVote-PTCWS Admin Page Election Creation Add User(s)/Group(s) allowed to vote Add User(s)/Group(s) allowed to vote Add Election Admins Add Election AdminsEncryption/Decryption Via Email Via Email Add group

15 151/11/2007bswilson/eVote-PTCWS Voter Page Elections users can vote on Brings up voting page Allows vote, then doesn’t allow user to vote again Allows vote, then doesn’t allow user to vote again

16 161/11/2007bswilson/eVote-PTCWS Database Schema Ballots Candidate Elections Votes Users Eligibility Encryptors EncryptionStatus

17 171/11/2007bswilson/eVote-PTCWS Future Direction Implement the suggested Improvement Integrate other cryptosystem protocols (i.e. Receipt-Freeness and Zero Knowledge Proofs)

18 181/11/2007bswilson/eVote-PTCWS Questions?

Download ppt "1/11/2007 bswilson/eVote-PTCWS 1 Enhancing PTC based Secure E-Voting System (note: modification of Brett Wilson’s Paillier Threshold Cryptography Web Service."

Similar presentations

Non-interactive Zero- Knowledge Arguments for Voting Jens Groth UCLA.

Non-interactive Zero- Knowledge Arguments for Voting Jens Groth UCLA.
Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.

Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.
Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.

Requirements for a Secure Voting System  Only authorized voters can vote  No one can vote more than once  No one can determine for whom anyone else.
Civitas Verifiability and Coercion Resistance for Remote Voting University of South Alabama August 15, 2012 Michael Clarkson The George Washington University.

Civitas Verifiability and Coercion Resistance for Remote Voting University of South Alabama August 15, 2012 Michael Clarkson The George Washington University.
A Pairing-Based Blind Signature

A Pairing-Based Blind Signature
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Receipt-Free Universally-Verifiable Voting With Everlasting Privacy Tal Moran Joint work with Moni Naor.

Receipt-Free Universally-Verifiable Voting With Everlasting Privacy Tal Moran Joint work with Moni Naor.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.

Electronic Voting Presented by Ben Riva Based on presentations and papers of: Schoenmakers, Benaloh, Fiat, Adida, Reynolds, Ryan and Chaum.
Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.

Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.
Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)

Research & development A Practical and Coercion-resistant scheme for Internet Voting Jacques Traoré (joint work with Roberto Araújo and Sébastien Foulle)
Jens Groth BRICS, University of Aarhus Cryptomathic

Jens Groth BRICS, University of Aarhus Cryptomathic
1/11/2007 bswilson/eVote-PTCWS 1 Paillier Threshold Cryptography Web Service by Brett Wilson.

1/11/2007 bswilson/eVote-PTCWS 1 Paillier Threshold Cryptography Web Service by Brett Wilson.
Practical Aspects of Modern Cryptography Josh Benaloh & Brian LaMacchia.

Practical Aspects of Modern Cryptography Josh Benaloh & Brian LaMacchia.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson.

10/25/20061 Threshold Paillier Encryption Web Service A Master’s Project Proposal by Brett Wilson.
Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.

Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek 1 5/29/2007Hakan Evecek/SE2Evote.
Tree Homomorphic Encryption with Scalable Decryption Moti Yung Columbia University Joint work with Aggelos Kiayias University of Connecticut.

Tree Homomorphic Encryption with Scalable Decryption Moti Yung Columbia University Joint work with Aggelos Kiayias University of Connecticut.
The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.

The Algebra of Encryption CS 6910 Semester Research and Project University of Colorado at Colorado Springs By Cliff McCullough 20 July 2011.

Similar presentations

Ads by Google