
Secure Remote Electronic Voting CSE-681 Fall 2006 David Foster and Laura Stapleton


1 Secure Remote Electronic Voting CSE-681 Fall 2006 David Foster and Laura Stapleton

2 Motivation
- Current absentee ballot system requires a physical visit to the voting district authorities and one mailing or three mailings between voter and voting district authorities for every election
- Increase voter turnout of overseas military and citizens, disabled voters, out-of-state college students, younger citizens, traveling businessmen, etc.
- Increase confidence of election correctness by providing feedback to voters

3 Characteristics of a Secure Voting System
- Completeness
- Soundness
- Privacy
- Unreusability
- Eligibility
- Fairness
- Verifiability

4 Threats to a Voting System
- Insider Attacks
- Denial of Service
- Vote Buying / Vote Coercion
- Virus

5 Cryptographic Functions
- Hash
- Digital Signature
- Blind Signature
- Verifiable Mixing
- Blind Commitment

6 Hash
- h = H(k1, H(k2, M))
- Used to ensure integrity of M
- Computationally infeasible to find different values of M, k1, or k2 that yield the same hash output h
- k1 and k2 are random numbers that increase the strength of the resulting hash

7 Digital Signature
- Provides authentication and integrity
- Using RSA, the signature C of H(M) under secret key d is C = H(M)^d mod n
- Verify C with public key e by checking H(M) = C^e mod n
- H(M) is the hash of message M

8 Blind Signature
- Allows a trusted authority to sign data that it cannot see
- Blind (encrypt) the message using random number k and the trusted authority's public key e: B = M k^e mod n
- Authority signs with private key d: S = B^d mod n = M^d k mod n
- Blind signature extracted with k: C = (S / k) mod n = M^d mod n
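The RSA signature of slide 7 and the blind signature of slide 8, carried through as a runnable example (added here, not code from the presentation). The key is a constructed toy RSA key with two seven-digit primes, far too small for real use, and H(M) is a SHA-256 digest reduced modulo n so the exponentiations match the slides' formulas; a real scheme would use full-size keys and a padded hash.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key (assumption: primes are only large enough to run the
# arithmetic from the slides; they give no real security).
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent d (Python 3.8+ modular inverse)


def hash_to_int(message: bytes) -> int:
    """H(M) mapped into Z_n (toy mapping; real schemes pad a full-size digest)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


# --- Digital signature (slide 7) ---
def sign(message: bytes) -> int:
    """C = H(M)^d mod n, computed with the secret key d."""
    return pow(hash_to_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone holding (e, n) checks H(M) == C^e mod n."""
    return pow(signature, E, N) == hash_to_int(message)


# --- Blind signature (slide 8) ---
def random_blinding_factor() -> int:
    """Random k in [2, n) that is invertible mod n."""
    while True:
        k = secrets.randbelow(N - 2) + 2
        if gcd(k, N) == 1:
            return k


def blind(m: int, k: int) -> int:
    """B = M * k^e mod n: the authority receives B and learns nothing about M."""
    return (m * pow(k, E, N)) % N


def blind_sign(b: int) -> int:
    """Authority signs the blinded value: S = B^d = M^d * k mod n."""
    return pow(b, D, N)


def unblind(s: int, k: int) -> int:
    """C = S / k mod n = M^d mod n, an ordinary signature on M."""
    return (s * pow(k, -1, N)) % N


def blind_signature_demo(message: bytes):
    """Run the full voter/authority exchange; returns (signature, ok)."""
    m = hash_to_int(message)
    k = random_blinding_factor()
    c = unblind(blind_sign(blind(m, k)), k)
    # The unblinded value equals the signature the authority would have produced
    # on M directly, and it verifies with the public key alone.
    return c, c == sign(message) and verify(message, c)


if __name__ == "__main__":
    c, ok = blind_signature_demo(b"ballot: Al")
    print(hex(c), ok)
```

The security point the code makes concrete: the authority's view is B, which is uniformly distributed over invertible residues for a random k, so the same signing key can certify a ballot without the signer ever linking signature to voter.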

9 Verifiable Mixing
- Shuffle a list of encrypted data and pass it on to a second authority
- Second authority has no way to reconstruct the original order
- Any party can confirm that all the original, unmodified data is present in the shuffled data, and that no extra data was added
- No one but the shuffler has access to the original list
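A minimal illustration of the property stated on this slide, and of the Anonymizer's shuffle step later in the deck (added example, not the authors' code): the shuffler publishes a digest of every incoming entry, permutes the entries with a system random source, and a checker confirms that the outgoing list carries exactly the committed multiset, so a dropped, added, or altered entry is caught. The ciphertexts are constructed byte strings.

```python
import hashlib
import secrets


def digest(item: bytes) -> bytes:
    """Public fingerprint of one encrypted list entry."""
    return hashlib.sha256(item).digest()


def mix(encrypted_items):
    """Shuffler's private step: the same entries in a fresh, unpredictable order."""
    shuffled = list(encrypted_items)
    secrets.SystemRandom().shuffle(shuffled)   # OS randomness, not the default PRNG
    return shuffled


def mixing_is_valid(digests_in, items_out) -> bool:
    """Check available to any party holding the published input digests and the
    output list: same multiset of digests, so nothing was dropped, added or altered."""
    return sorted(digests_in) == sorted(digest(x) for x in items_out)


if __name__ == "__main__":
    incoming = [b"enc-ballot-%d" % i for i in range(5)]   # constructed ciphertexts
    published = [digest(x) for x in incoming]             # published before mixing
    outgoing = mix(incoming)
    print(mixing_is_valid(published, outgoing))           # True
    print(mixing_is_valid(published, outgoing[1:]))       # False: an entry was dropped
    forged = outgoing[:-1] + [b"enc-ballot-extra"]
    print(mixing_is_valid(published, forged))             # False: an entry was replaced
```

Caveat for anyone building on this: because the entries leave the mixer unchanged, whoever sees both lists can match each output to its input by digest, so the check must be run only by a party that is allowed to see the original order (here the sending and receiving authorities). Production mix-nets re-encrypt each entry during the shuffle and publish a zero-knowledge proof of shuffle instead, which is what lets the check be fully public without undoing the anonymization.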

10 Blind Commitment
- Prove to an authority that data has been created and fixed without supplying the data itself
- Data owner creates two random keys and calculates the hash h = H(k1 || k2 || M)
- Data owner sends k2 and h to the authority for safe keeping
- Data owner sends k1 and M when the data must be revealed and verified
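The commit/reveal exchange of slide 10, with the keyed hash h = H(k1, H(k2, M)) from slide 6 alongside it, as an added example (not code from the presentation). It assumes SHA-256 as H and length-prefixes each concatenated field so that k1 || k2 || M cannot be re-split into a different (k1, k2, M) triple with the same bytes; the sample message is constructed.

```python
import hashlib
import hmac
import secrets


def H(*parts: bytes) -> bytes:
    """H(a || b || ...) with each field length-prefixed (assumption: SHA-256 as H)."""
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hashlib.sha256(data).digest()


def keyed_hash(k1: bytes, k2: bytes, message: bytes) -> bytes:
    """Slide 6: h = H(k1, H(k2, M)); different key order gives a different h."""
    return H(k1, H(k2, message))


def commit(message: bytes):
    """Data owner's step: fresh random k1, k2 and h = H(k1 || k2 || M).
    Returns the record handed to the authority (k2, h) and the k1 the owner keeps."""
    k1, k2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return {"k2": k2, "h": H(k1, k2, message)}, k1


def verify_reveal(stored: dict, k1: bytes, message: bytes) -> bool:
    """Authority's step once the owner reveals k1 and M: recompute and compare.
    compare_digest avoids leaking the mismatch position through timing."""
    return hmac.compare_digest(stored["h"], H(k1, stored["k2"], message))


if __name__ == "__main__":
    stored, k1 = commit(b"vote: Al")           # constructed sample data
    print(verify_reveal(stored, k1, b"vote: Al"))    # True
    print(verify_reveal(stored, k1, b"vote: Bob"))   # False: M changed after commitment
```

Holding k2 at the authority and k1 at the owner is what makes the commitment blind: without k1 the authority cannot brute-force a short M against h, and without changing h the owner cannot later substitute a different M.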

11 Existing Systems
- Traditional (PCOS)
- Direct Record Electronic (DRE)
- Absentee
- VoteHere VHTi
- SERVE
- EVOX with Multiple Administrators

12 Traditional (PCOS)
- Precinct Counted Optical Scan
- Voter fills in circles on a paper ballot
- Takes completed ballot to the optical scanner in a sleeve
- Voter inserts paper ballot into the scanner
- Optical scanner records are transported to the central district for processing

13 Direct Record Electronic
- Ballot stored electronically, no paper ballot used
- Often use touch screens or push buttons
- Paper records may be printed internally during or after an election, but are not subject to voter verification
- Results usually reported on an electronic memory module or via modem

14 Absentee
- Registration requires a physical visit to the voting authority or a two-way mailing.
- Ballot and return envelopes are mailed prior to the election.
- Voter completes the ballot, encases it in an inner envelope, then mails it to the voting authority in an outer envelope up to the Saturday before Election Day.
- Voting officials open the outer envelope, shuffle the inner envelopes, then remove and process the ballots.

15 EVOX with Multiple Administrators
- Extension of the EVOX system
- Reduces threat of insider attacks
- More than half of the available Administrators must validate each voter
(Diagram: Commissioner, Manager, Administrators, Anonymizer, Tallying Server, and Voters)

16 VoteHere VHTi
- DRE system
- Creates a paper receipt for the voter after casting the ballot
- Voter may verify that his/her ballot was correctly received by officials
- Anyone can verify correct tabulation of results

17 VoteHere Receipt Example
(Figure: a blinded and committed ballot listing the candidates Al, Bob, Clive and Dan with Yes/No choices in columns 0 to 5; the voter chooses a column for the selection and columns for the non-selections, the system generates the receipt, and the results are later unblinded and decoded)

18 SERVE
- Secure Electronic Registration and Voting Experiment, intended for trials in the 2004 election
- Developed as part of the Federal Voting Assistance Program (FVAP)
- Ruled too insecure by the Security Peer Review Group
- Used the Internet for transmissions and made heavy use of public key cryptography

19 Proposed System
- SERVE's cryptography
- EVOX with Multiple Administrators' structure
- VoteHere's public audit mechanisms
- Bootable CD and modem pool for increased security
(Diagram: Commissioner, Manager, Administrators, Anonymizer, Tallying Server, Modem Pool, and Voters)

20 Registration
- Similar to absentee registration
- Propose allowing voters to establish a window for remote voting

21 Bootable CD
- Self-contained, minimal operating system and ballot information
- Private key and unique voter ID mailed with the CD
- Mailed to voters several weeks ahead of time
- Voter may use the CD to vote up until the Saturday before Election Day

22 Modem Pool
- Provides a bridge between voting PCs and servers
- Compared to the Internet, more resistant to:
  - Spoofing
  - DoS
  - Eavesdropping

23 Administrators
- Maintain a list of voter IDs, voter public keys, and optionally ballot type information (district, party, etc.)
- Each administrator receives a message for the blind commitment of the voter's ballot: E_KAi+(V, E_KV-(H(k1,i || k2,i || B), k2,i))
- Commits and returns a ticket to the voter: E_KV-(E_KT+(E_KAi-(H(k1,i || k2,i || B), k2,i, D)))
(Notation: E_K+ is encryption under a party's public key and E_K- a signature/encryption under its private key; KAi is administrator i's key, KV the voter's, KT the tallying server's; V is the voter ID, B the ballot, and D the ballot type.)

24 Manager
- Signs the list of administrators a voter used to validate the ballot
- Does not know which administrators were used
- Only signs one list per voter ID
- Voter sends E_KM+(V, E_KV-(H(A || k1,1 || ... || k1,n)))
- Returned ticket is E_KV+(E_KM-(H(A || k1,1 || ... || k1,n)))

25 Anonymizer
- Voter sends the completed ballot, verification tickets, and the keys to unblind the data:
  E_KANON+(V, E_KV-(B, E_KT+(E_KM-(H(A || k1,1 || ... || k1,n)), E_KT+(E_KA1-(H(k1,1 || k2,1 || B), k2,1, D)), ..., E_KT+(E_KAn-(H(k1,n || k2,n || B), k2,n, D)), kB, k1,1, ..., k1,n, A)))

26 Anonymizer Anonymizer uses the list of voter IDs and public keys to decrypt the message. It creates a list of voter IDs and partially unblinded ballots (B) for publication on the web. It creates a list of B’s and the tallying server tickets, shuffles via verifiable mixing, and moves the list to the tallying server.

27 Tallying Server
- Ballot data from the Anonymizer has the form:
  B, E_KT+(E_KM-(H(A || k1,1 || ... || k1,n)), E_KT+(E_KA1-(H(k1,1 || k2,1 || B), k2,1, D)), ..., E_KT+(E_KAn-(H(k1,n || k2,n || B), k2,n, D)), kB, k1,1, ..., k1,n, A)
- All information present is protected by the tallying server's public key, and no information about the specific voter is needed to decrypt, unblind, or verify the data.

28 Tallying Server
- The tallying server uses the Administrator keys and the supplied data to confirm the following:
  - More than half of the Administrators signed the ballot.
  - The Manager signed a list that matches the Administrator tickets submitted.
  - The voter submitted the appropriate type of ballot.
  - The allowed number of selections for each question was not exceeded.
- Unblinded ballots are converted to strings of "yes" or "no" and published to the web for public viewing.
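The administrator commitment (slide 23), the manager's signed administrator list (slide 24) and the four tallying-server checks of slide 28, run end to end as an added example that is not the authors' code. Two simplifications are assumptions of this example, not of the design: HMAC under a signer's secret key stands in for the RSA signatures E_K-(...) on the slides (so the tallying server verifies with the signers' secrets rather than their public keys), and the E_KT+ encryption layer around the submission is omitted. The election set-up (five administrators, a district ballot type, two questions with selection limits) and the ballots are constructed.

```python
import hashlib
import hmac
import json
import secrets

# Constructed election set-up (assumption; not the presentation's values).
ADMINS = ["A1", "A2", "A3", "A4", "A5"]
ADMIN_KEYS = {a: secrets.token_bytes(32) for a in ADMINS}   # stand-in for KAi-
MANAGER_KEY = secrets.token_bytes(32)                        # stand-in for KM-
BALLOT_TYPE = b"district-7"                                  # D on the slides
QUESTIONS = {                                                # question -> (candidates, max selections)
    "mayor": (["Al", "Bob", "Clive", "Dan"], 1),
    "council": (["Eve", "Fay", "Gus"], 2),
}


def H(*parts: bytes) -> bytes:
    """H(a || b || ...), length-prefixed so field boundaries are unambiguous."""
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hashlib.sha256(data).digest()


def sig(key: bytes, *parts: bytes) -> bytes:
    """Signature stand-in: HMAC over the hashed fields under the signer's secret."""
    return hmac.new(key, H(*parts), "sha256").digest()


def admin_ticket(admin: str, k1: bytes, k2: bytes, ballot: bytes, dtype: bytes) -> bytes:
    """Administrator i signs (H(k1,i || k2,i || B), k2,i, D) without seeing B."""
    return sig(ADMIN_KEYS[admin], H(k1, k2, ballot), k2, dtype)


def manager_ticket(admins, k1s) -> bytes:
    """Manager signs H(A || k1,1 || ... || k1,n) for the administrator list A."""
    return sig(MANAGER_KEY, H(",".join(admins).encode(), *k1s))


def cast(choices: dict, admins_used):
    """Voter side: commit the ballot B to each administrator, then get the manager ticket."""
    ballot = json.dumps(choices, sort_keys=True).encode()   # canonical encoding of B
    k1s, tickets = [], {}
    for a in admins_used:
        k1, k2 = secrets.token_bytes(16), secrets.token_bytes(16)
        k1s.append(k1)
        tickets[a] = (admin_ticket(a, k1, k2, ballot, BALLOT_TYPE), k2)
    return {"ballot": ballot, "type": BALLOT_TYPE, "admins": list(admins_used),
            "k1s": k1s, "tickets": tickets, "manager": manager_ticket(admins_used, k1s)}


def tally_check(sub: dict):
    """The tallying server's four checks; returns (accepted, reason)."""
    ballot, admins, k1s = sub["ballot"], sub["admins"], sub["k1s"]
    # 1. More than half of the administrators signed, and each ticket really covers
    #    this ballot (recomputed from the now-revealed k1,i and the k2,i in the ticket).
    if 2 * len(admins) <= len(ADMINS):
        return False, "too few administrators"
    for a, k1 in zip(admins, k1s):
        ticket, k2 = sub["tickets"][a]
        if not hmac.compare_digest(ticket, admin_ticket(a, k1, k2, ballot, sub["type"])):
            return False, f"ticket from {a} does not match ballot"
    # 2. The manager signed exactly the administrator list that was used.
    if not hmac.compare_digest(sub["manager"], manager_ticket(admins, k1s)):
        return False, "manager list does not match administrator tickets"
    # 3. The ballot is of the type D the administrators vouched for.
    choices = json.loads(ballot)
    if sub["type"] != BALLOT_TYPE or set(choices) != set(QUESTIONS):
        return False, "wrong ballot type"
    # 4. No question exceeds its selection limit or names an unknown candidate.
    for q, (cands, limit) in QUESTIONS.items():
        if not set(choices[q]) <= set(cands) or len(choices[q]) > limit:
            return False, f"selection limit exceeded for {q}"
    return True, "accepted"


def to_yes_no(ballot: bytes) -> dict:
    """Unblinded ballot rendered as the published yes/no string per candidate."""
    choices = json.loads(ballot)
    return {q: ["yes" if c in choices[q] else "no" for c in cands]
            for q, (cands, _) in QUESTIONS.items()}


if __name__ == "__main__":
    sub = cast({"mayor": ["Al"], "council": ["Eve", "Fay"]}, ADMINS[:3])
    print(tally_check(sub), to_yes_no(sub["ballot"]))
    print(tally_check(cast({"mayor": ["Al"], "council": ["Eve"]}, ADMINS[:2])))
```

Two design points worth noticing: the majority check is on the count of valid tickets, so a single compromised administrator can neither admit nor block a ballot on its own, and the manager's ticket binds the exact administrator list through the k1,i values, so a voter cannot present tickets from one set of administrators with a list signed for another.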

29 Implementation
- Initially target overseas military and citizens (est. 6,000,000)
- Create an option for domestic voters
- System scales linearly as the number of voters increases

30 Conclusion
- Reduces the number of communication steps between voting authorities and voters prior to the election
- Increases voting availability to several demographics
- Provides a more secure system than the prior systems
- Allows more voters to confirm the accuracy of the election process, generating confidence in the system
