The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.


1 The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000

2 What is CINECA
- A Consortium of 15 Italian Universities
- Mission: to provide the most advanced computing and networking services to universities and industries
- Founded in 1969
- About 150 full time researchers

3 CINECA resources Cray T3E - 256 nodes IBM SP/2 - 32 nodes IBM SP/3 - 8 nodes SGI Onyx2 SGI Origin 2000 SGI Challenge L-2 Gigabit backbone LAN 10+ Mbps connection to Internet The first and unique Virtual Theatre in Italy

4 How Italian Universities recruit teaching staff
- When a University offers a position, an evaluation committee is needed
- Members of the committee have to be elected amongst all the teaching staff in all the Italian Universities belonging to the scientific discipline related to the position offered
- Each offered position, therefore, requires a nation-wide election (!)

5 Complexity
- Thousands of elections, each with a different list of candidates and involving many thousands of electors
- Achieving this objective with traditional methods is impossible
- The Ministry for University and Scientific and Technologic Research asked us to build an Electronic Voting System

6 Requirements
As in a traditional election:
- Legitimacy: only those who have the right to vote can vote and can cast only one vote
- Secrecy: no one can read the vote until the polling phase
- Anonymity: the identity of the voter cannot be traced from the vote cast
- Integrity: the vote cannot be modified once it has been cast
In addition:
- Acknowledge receipt of each vote cast

7 The Electronic Voting System
- A Central Electoral Office for voting authorizations
- A Central Ballot-Box collecting votes
- Many Polling Stations distributed all over the country and directly connected to the two central entities
- Smart card based asymmetric cryptography

8 The Polling Station

9 Voting operations
- The voter is identified at a Polling Station by an electoral committee
- He receives a one time use personal secret code
- He votes using a network terminal
- The printer prints out a record with the name of the voter and periodic accounting on the number of voters

10 Polling operations
- Each Recruitment Procedure Officer, using his smart card, gets the encrypted votes from the Central Ballot-Box and decrypts them
- He determines the results, signs them with the smart card and gets them published on the Web in real-time

11 Polling Station software
- A specific client in Java
- No local data
- Simple to use even for people without technical skills
- Mouse use not required
- Confirmation required before any critical action

12 The Certification Authority
Issues X.509v3 certificates for:
- Recruitment Procedure Officers
- Polling Stations

13 Global architecture: the voting phase
[Diagram] Entities: Central Electoral Office, Central Ballot-Box, Voter, Polling Station
[Diagram] Message labels: Voter identification; Voting Authorization + List of Candidates + Public-Key for encryption; Voting Authorization + Encrypted Vote; Issued Voting Authorization; Used or Expired Voting Authorization; Acknowledge of receipt

14 Global architecture: the poll phase
[Diagram] Entities: Central Electoral Office, Central Ballot-Box, Recruitment Procedure Officer, Polling station
[Diagram] Labels: Identification; Verifies credentials; Authorizes operation; Encrypted votes

15 Hardware
[Diagram] Central side: Central Electoral Office, Central Ballot-Box, Control Workstation, Certification Authority, Access Routers
[Diagram] Polling stations x and y: each with a printer, an ISDN router and numbered voting stations (labels Station 1, Station 2, Station 3)

16 The Network
- Private ISDN network configured as a closed user group
- Direct connection from each Polling Station to the central servers
- Dial-on-demand with multi-link PPP
- Caller ID verification
- Centralized management of each network device

17 Security systems
Votes are protected by:
- Strong asymmetric cryptography based on smart card
- SSL authentication with X.509v3 certificates
- Digital signature of the Polling Station

18 Votes flow
[Diagram] Entities: Polling Station, Central Ballot-Box, Recruitment Procedure Officer (polling phase)
[Diagram] Labels: Recruitment Procedure Officer public key; Polling Station private key; Central Ballot-Box public key; Recruitment Procedure Officer private key; Encrypted vote; SSL; ISDN line

19 Why is the system secure?
- Authentication for both client and server
- All communications are 1024 bit RSA protected
- The intranet is not connected to the public Internet
- Each vote is encrypted with the Recruitment Procedure Officer public key and signed by the Polling Station
- No relation between the vote and the voter
- Protection against the system managers
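
An added sketch (not CINECA's code) of the checks a Central Ballot-Box could apply to the "Voting Authorization + Encrypted Vote" message of slides 13 and 19: verify the Polling Station's signature, then consume the one-time authorization at the Central Electoral Office. Assumptions: HMAC-SHA256 stands in for the smart-card signature, the vote is an opaque constructed ciphertext, and the class names, message directions, 600-second lifetime and status strings are illustrative.

```python
import hashlib, hmac, secrets

class CentralElectoralOffice:                   # issues and tracks authorizations
    def __init__(self, lifetime_s=600):         # validity window: assumed value
        self.lifetime_s = lifetime_s
        self.state = {}                         # token -> [status, issued_at]

    def issue(self, now):
        token = secrets.token_hex(16)
        self.state[token] = ["issued", now]
        return token

    def consume(self, token, now):
        entry = self.state.get(token)
        if entry is None or entry[0] != "issued":
            return False                        # unknown, used or expired
        expired = now - entry[1] > self.lifetime_s
        entry[0] = "expired" if expired else "used"
        return not expired

def station_sign(key, encrypted_vote):
    # HMAC-SHA256 is a stand-in for the Polling Station's digital signature.
    return hmac.new(key, encrypted_vote, hashlib.sha256).digest()

class CentralBallotBox:
    def __init__(self, office, station_keys):
        self.office = office
        self.station_keys = station_keys        # station id -> verification key
        self.ballots = []                       # ciphertexts only

    def cast(self, station_id, token, encrypted_vote, signature, now):
        key = self.station_keys.get(station_id)
        if key is None or not hmac.compare_digest(
                station_sign(key, encrypted_vote), signature):
            return "rejected: signature"        # checked first: cannot burn a token
        if not self.office.consume(token, now):
            return "rejected: authorization"
        self.ballots.append(encrypted_vote)     # stored without token or voter
        return "acknowledged"

def demo():
    key, vote = b"constructed-demo-key", b"constructed ciphertext"
    office = CentralElectoralOffice()
    box = CentralBallotBox(office, {"station-x": key})
    sig, t1, t2 = station_sign(key, vote), office.issue(0), office.issue(0)
    return [box.cast("station-x", t1, vote, sig, 60),    # first use
            box.cast("station-x", t1, vote, sig, 61),    # reuse
            box.cast("station-x", t2, vote, sig, 9999),  # expired
            box.cast("station-x", t2, vote, b"\0" * 32, 5)]  # bad signature
```

The ballot box keeps only ciphertexts, so decryption still requires the Recruitment Procedure Officer's private key, and the authorization is never stored next to a vote.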

20 System certification This solution has been checked and certified as safe by a Technical Committee on behalf of the Ministry for University and Scientific and Technologic Research

21 The first voting session in 1999
Some numbers:
- 1969 elections and different candidate lists
- 42497 electors
- 79 Polling Stations in 72 Universities
- 209 Voting Stations
- 26873 voters (63%)
- 163645 votes cast
- Opening time for Polling Stations: 3 weeks
- Average number of votes due by each voter: 6
- Average elapsed time for each voter: 5 minutes
- Average elapsed time from the beginning of the polling phase to the publishing of the results on the Web: 1 minute

22 Future extensions
- A personal identity card for each voter instead of the one-time-use secret code
- Polling Stations on the public Internet
- Feasibility of voting from any PC
- Other kinds of elections...

23 For any information evote@cineca.it

