Download presentation
Presentation is loading. Please wait.
Published byGael Witty Modified over 10 years ago
1
Secret Ballot Receipts: True Voter Verifiable Elections Author: David Chaum Published: IEEE Security & Privacy Presenter: Adam Anthony
2
Outline Paper Selection Criteria Secret Ballot Discussion Electronic vs. Handwritten ballots Summary of Results Physical Receipt Characteristics Verifying Votes Properties of the system Encoding, decoding, tallying votes Conclusion
3
Paper Selection Google Scholar: 25 Citations Published in IEEE Security and Privacy 2004 David Chaum: founded the International Association for Cryptographic Research, has filed 25 separate cryptography related patents Referenced directly in Wednesdays paper Scored 1,545,673 out of a possible 1,545,674 points on the Adam Anthony thinks its a really neat paper scale
4
Secret Ballots Required by free democracies Basic premise: The voter brings nothing out of the polling place that he didnt bring in that would provide information as to who he voted for. Buttons, T-Shirts, etc. allowed Copy of ballot, plaintext ballot materials, not allowed
5
Trust Issues Handwritten Ballots are the Gold Standard of voting Electronic voting machines are considered insecure
6
Summary of Results Use visual encryption to produce a zero-information ballot receipt Eliminates the need for proprietary black box systems Setup: A normal computer running openly published, verifiable software A special receipt printer User may take part of the encrypted receipt with him which can be used (personally, or by his party affiliation officials) to verify the correctness of his ballot Additionally, correctness can be verified without revealing who he voted for Tallying of votes is also quickly verifiable
7
Printer Requirements Printer fundamentally appears to be a simple cash register receipt printer Printer heads are positioned to print on both the front and back of a clear polymer tape The tape is actually 2 laminated pieces of tape The bottom inch contains instructions for separating the tape
8
Receipts, continued
9
Encoding a Receipt Generate one pad of random pixel symbols (white sheet) The second pad is created by choosing the correct symbol to either allow transparency or opacity (red sheet) Transparent portions produce the type-set report Swap every other pixel symbol between the two sheets so that either layer can be chosen as the receipt
10
Verifying Receipts Handheld scanners can be used to verify ballot consistency outside the polling place Digital copies of the receipts are sent to the main server Online: Enter the serial number at the bottom of the receipt and verify the image on record is identical to your own Eventually, all ballots are decrypted and posted online as well, to verify the count
11
Properties 1.If your receipt is correctly posted, you can be sure (with acceptable probability) that your vote will be included correctly in the tally 2.No one can decode your receipt or otherwise link it to your vote except by breaking the code or decrypting it using all the secret keys, each of which is assigned to a different trustee 3.There are only 3 ways a system could change a voters ballot without direct detection 1.Print an incorrect layer, gambling theyll choose the other layer 2.Use the same serial number for 2 different receipts, hoping the 2 voters choose the same layer 3.Perform a tally process step incorrectly, taking the chance that the step will escape selection during the audit 4.There is a 50/50 chance that any of the above fraud attempts will succeed, per ballot
12
Meat, Potatoes, Hold the Vegetables Where weve been: System Hardware Specification Encoding Receipts Verifying Receipts Properties of the system Where were going Mathematical model of the voting process Mathematical model of the tallying process Proof of system properties
13
About Dolls Author uses the Russian Doll analogy to explain the decryption process. A Doll consists of a set of random pads, added together (mod 2) The largest doll is used to create the background sheet There is a set of private keys that opens one of each of the dolls. The output of the decryption yields a partially decrypted message, as well as the value of the next doll Several trustees oversee each phase of decryption, basic key management schemes protect against missing/corrupt trustees
14
Voting Phase 1.The voter supplies a ballot image B 2.The system responds by providing two 4-tuples - this is the data printed on each separate layer 3.The voter visually verifies that L t L b = B and that q, D t, D b are identical on both layers 4.Voter aborts if there is a problem, or selects x = t or b for his choice of the top or bottom layer
15
Voting Phase, cont. 5.The system makes two digital signatures, and provides them as a 2-tuple 6.The voter (or a designate) performs a consistency check to ensure that the digital signatures of the 2-tuple check, using agreed public inverses of the systems private signature functions s x and o x,with the unsigned version of the corresponding values of the selected 4- tuple (as printed) on the selected layer, and that s x (q) correctly determines D x and the half of the elements of L x that it should determine
16
Yet more on the voting phase Remember that each layer contains an equal amount of red bits (the message) and white bits (the sum of dolls) Let R z and W z be matrices representing the set of red and white bits for layer image L z Let h and h be pseudo- random functions of q e i is a public key corresponding to a trustees private key d i L t i,2j - (i mod 2) = R t L t i,2j - (i + 1 mod 2) = W t L b i,2j - (i + 1 mod 2) = R b L b i,2j - (i mod 2) = W b R x W y = B x W z i,j = (d z k d z k-1 … d z 1 ) d z l = h(s z (q),l) d z l = h(d z l ) D z l = e l (d z l … e 2 (d z 2 (e 1 (d z 1 )) The final Doll, D z = D z k
17
Decryption to Plaintext Input L x and D y, refer to them as B k, D k Compute d l from D k using the proper private key D k-1 = D k / d l Find d l using h Compute B k-1 = B k d l B 0 = B z, the plaintext ballot
18
More important than decryption
19
Conclusion Reduces the cost of integrity while raising its level dramatically Voters are able to assure their own vote Voting can be more accessible due to the better handling of provisional ballots Hardware system costs are lower than current black-box systems, cost of printers should be less than the money saved Simpler maintenance, easier upgrade, multiple uses Open code means opposing parties will work hard to assure its integrity, and the government can fund the operation as well The auditing of trustees and system integrity is easily automated, and mathematically sound
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.