
1 A. Steffen, 27.02.2012, Kickoff.pptx 1 Kickoff Meeting „E-Voting Seminar“ An Introduction to Cryptographic Voting Systems Andreas Steffen Hochschule für Technik Rapperswil andreas.steffen@hsr.ch

2 Cryptographic Voting Systems
Summary:
Due to repeated failures and detected vulnerabilities in both electro-mechanical and electronic voting machines, voters have somehow lost faith that the outcome of a poll always represents the true will of the electorate.
Even more uncertain is electronic voting over the Internet, which is potentially prone to coercion and vote-selling (this doesn't seem to be an issue in Switzerland).
Manual counting of paper ballots is not really an option in the 21st century and is not free from tampering either.
Modern cryptographic voting systems allow true end-to-end verification of the complete voting process by any individual voter, without sacrificing secrecy and privacy.

3 E-Voting in my home town Schlieren
Hidden PIN
„Internet-based voting does not have to be more secure than voting per snail mail“ (Justice Department of the Canton of Zurich)

4 [In]Security Features ???
Protection from Man-in-the-Middle attacks

5 E-Voting Website

6 Voter Login

7 Ballot (PHP Form)

8 E-Voting in my home town Schlieren
PIN

9 Voter Authentication

10 Transmission Receipt

11 Conclusion
So what?
„You are not allowed to know. The exact transaction processing is kept secret due to security reasons“ (Justice Department of the Canton of Zurich)

12 Traditional Chain-of-Custody Security
[Figure labels: Software Verification, Sealing, Tallying]
Verification by proxy only
Source: Ben Adida, Ph.D. Thesis 2006

13 Desirable: End-to-End Verification by Voter
Secrecy? Privacy?
Source: Ben Adida, Ph.D. Thesis 2006

14 End-to-End Auditable Voting System (E2E)
Any voter can verify that his or her ballot is included unmodified in a collection of ballots.
Any voter (and typically any independent party additionally) can verify [with high probability] that the collection of ballots produces the correct final tally.
No voter can demonstrate how he or she voted to any third party (thus preventing vote-selling and coercion).
Source: Wikipedia

15 Solution: Cryptographic Voting Systems
[Figure labels: Threshold Decryption, ElGamal/Paillier, Homomorphic Tallying, Mixnet, Tamper-Proof Bulletin Board]
Source: Ben Adida, Ph.D. Thesis 2006

16 Proposed E2E Systems
Punchscan by David Chaum.
Prêt à Voter by Peter Ryan.
Scratch & Vote by Ben Adida and Ron Rivest.
ThreeBallot by Ron Rivest (paper-based without cryptography)
Scantegrity II by David Chaum, Ron Rivest, Peter Ryan et al. (add-on to optical scan voting systems using Invisible Ink)
Helios by Ben Adida (www.heliosvoting.org/)
Selectio Helvetica by BFH (www.baloti.ch)
Primevote by MSE graduates Christoph Galliker and Halm Reusser (www.smartprimes.ch)

17 Conclusion
Modern Cryptographic Voting Systems allow true end-to-end verification of the whole voting process by anyone while maintaining a very high level of secrecy.
Due to the advanced mathematical principles they are based on, Cryptographic Voting Systems are not easy to understand and are therefore not readily accepted by authorities and the electorate.
But let's give Cryptographic Voting Systems a chance! They can give democracy a new meaning in the 21st century!

18 E-Voting Literature and Simulators
http://security.hsr.ch/msevote/
Collection of MSE E-Voting seminar papers
E-Voting Simulator based on the Paillier Cryptosystem
E-Voting Simulator on the Damgard-Jurik Cryptosystem
Generalized Paillier, reduces to Paillier Cryptosystem with s = 1
Threshold Decryption with Distributed Keys issued by Trusted Dealer
Assume generator g = n+1 (  = 1,  = 1)
The Paillier Cryptosystem, presented at the BFH E-Voting seminar

19 E-Voting Seminar Project
Verifiable E-Voting System for Shareholder Meetings.
Example: Novartis AG with 2'745'623'000 shares
Item 1: Approval of the Annual Report and Financial Statements
yes / no / abstention (32 bit field per option)
Voter 1: 550'000'010 shares
Voter 2: 500'000'010 shares
Voter 3: 400'000'010 shares
Voter 4: 350'000'010 shares
Voter 5: 300'000'010 shares
Voter 6: 150'000'010 shares
Voter 7: 100'000'010 shares
Voter 8: 50'000'010 shares
Voter 9: 50'000'010 shares
Voter 10: 50'000'010 shares
Total: 2'500'000'100 shares

20 E-Voting Seminar Project Tasks
Paillier Cryptosystem, keysize = 1536 bits, V=10, N=5, T=3
1 Threshold Key Generation by Trusted Dealer
2 Ballot Encrypt. and ZKP by Voter v
3 ZKP Check, Weighted Tallying
4 Partial Decrypt. by Trustee i
5 Threshold Decryption
[Diagram labels for the data exchanged between the tasks:]
keysize, N, T
Public Key n, g=n+1
Partial Private Key i=1, N, T, d, n
Partial Private Key i=N, N, T, d, n
Encrypted Ballot v=1, c, a[], e[], z[]
Encrypted Ballot v=V, c, a[], e[], z[]
Shareholder Registry v[], w[]
Encrypted Tally ct
Partially Decr. Tally i=1, N, T, pt, n
Partial Private Key i=N, N, T, pt, n
Decrypted Tally yes, no, abstention
protected channel

21 Conditions
Goal: Restrict effort spent on project to 90 working hours (3 ECTS)
Programming or scripting language: Arbitrary
Program code without whistles and bells! No GUI required, may be a command line program.
I/O Format: JSON
Big numbers encoded as hexadecimal strings
{"v":1,"c":"2fe698..daf57e"}
Details of interface specification to be settled among tasks
Deliverables:
Commented program code and final test run data
Slides of final presentation
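
The weighted homomorphic tallying outlined on slides 18 to 21 (Paillier with g = n+1, one 32-bit field per option, JSON ballots with hex-encoded big numbers), as an added Python example that is not part of the original slides or of the seminar's simulators. Assumptions: a single undivided private key stands in for threshold decryption, the ZKP is omitted, the key uses small demo primes instead of the 1536-bit keysize, and the field order and the voters' choices are constructed.

```python
import json, math, secrets

# Demo key only (assumption): two Mersenne primes, far below the slide's 1536 bits.
P, Q = 2**61 - 1, 2**89 - 1
N, N2 = P * Q, (P * Q) ** 2
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # lcm(p-1, q-1)
MU = pow(LAM, -1, N)             # with g = n+1, L(g^lam mod n^2) = lam mod n
FIELD = 32                       # bits per option, as on slide 19
OPTIONS = ("yes", "no", "abstention")   # assumed field order, high to low

def shift(option):
    return FIELD * (len(OPTIONS) - 1 - OPTIONS.index(option))

def encrypt(m):
    """c = (1 + m*n) * r^n mod n^2, which equals g^m * r^n for g = n+1."""
    r = 0
    while r < 2 or math.gcd(r, N) != 1:
        r = secrets.randbelow(N)
    return (1 + m * N) * pow(r, N, N2) % N2

def decrypt(c):
    return (pow(c, LAM, N2) - 1) // N * MU % N

def ballot_json(v, option):
    """One-hot ballot: a 1 in the chosen option's field, hex-encoded as on slide 21."""
    return json.dumps({"v": v, "c": format(encrypt(1 << shift(option)), "x")})

def weighted_tally(ballots, registry):
    """Multiply c_v^w_v mod n^2; the plaintexts add up weighted by share count."""
    if sum(registry.values()) >= 1 << FIELD:
        raise ValueError("total shares overflow a 32-bit field")
    ct = 1
    for b in map(json.loads, ballots):
        ct = ct * pow(int(b["c"], 16), registry[b["v"]], N2) % N2
    return ct

def unpack(m):
    return {o: (m >> shift(o)) & ((1 << FIELD) - 1) for o in OPTIONS}

# Share counts from slide 19; the choices are constructed for this example.
SHARES = [550_000_010, 500_000_010, 400_000_010, 350_000_010, 300_000_010,
          150_000_010, 100_000_010, 50_000_010, 50_000_010, 50_000_010]
CHOICES = ["yes", "yes", "no", "yes", "abstention", "no", "yes", "yes", "no", "abstention"]
REGISTRY = dict(enumerate(SHARES, 1))

def run_demo():
    ballots = [ballot_json(v, ch) for v, ch in enumerate(CHOICES, 1)]
    return unpack(decrypt(weighted_tally(ballots, REGISTRY)))

if __name__ == "__main__":
    print(run_demo())
```

Without the ZKP from task 2, nothing in this sketch stops a ballot from encrypting a value other than a single 1 in one field, which is why task 3 checks the proof before tallying.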

