Secure Voter Registration and Eligibility Checking for Nigerian Elections

Similar documents
SECURE REMOTE VOTER REGISTRATION

Privacy of E-Voting (Internet Voting) Erman Ayday

Addressing the Challenges of e-voting Through Crypto Design

arxiv: v3 [cs.cr] 3 Nov 2018

PRIVACY in electronic voting

Remote Internet voting: developing a secure and efficient frontend

COMPUTING SCIENCE. University of Newcastle upon Tyne. Verified Encrypted Paper Audit Trails. P. Y. A. Ryan TECHNICAL REPORT SERIES

CHAPTER 2 LITERATURE REVIEW

E- Voting System [2016]

General Framework of Electronic Voting and Implementation thereof at National Elections in Estonia

Should We Vote Online? Martyn Thomas CBE FREng Livery Company Professor of Information Technology Gresham College

Ad Hoc Voting on Mobile Devices

Secure Electronic Voting: Capabilities and Limitations. Dimitris Gritzalis

Electronic Voting For Ghana, the Way Forward. (A Case Study in Ghana)

Challenges and Advances in E-voting Systems Technical and Socio-technical Aspects. Peter Y A Ryan Lorenzo Strigini. Outline

Secure Electronic Voting

Int. J. of Security and Networks, Vol. x, No. x, 201X 1, Vol. x, No. x, 201X 1

Swiss E-Voting Workshop 2010

Design and Prototype of a Coercion-Resistant, Voter Verifiable Electronic Voting System

(c) In addition to complying with the terms of the CPS, Company shall comply with each of the following obligations:

Pretty Good Democracy for more expressive voting schemes

Secure Electronic Voting: New trends, new threats, new options. Dimitris Gritzalis

Estonian National Electoral Committee. E-Voting System. General Overview

An Application of time stamped proxy blind signature in e-voting

Colorado Secretary of State Election Rules [8 CCR ]

Statement on Security & Auditability

Union Elections. Online Voting. for Credit. Helping increase voter turnout & provide accessible, efficient and secure election processes.

Distributed Protocols at the Rescue for Trustworthy Online Voting

Electronic Voting Systems

Secure and Reliable Electronic Voting. Dimitris Gritzalis

The usage of electronic voting is spreading because of the potential benefits of anonymity,

Electronic Voting: An Electronic Voting Scheme using the Secure Payment card System Voke Augoye. Technical Report RHUL MA May 2013

Voting Protocol. Bekir Arslan November 15, 2008

M-Vote (Online Voting System)

Experiences as an e-counting election observer in the UK

Josh Benaloh. Senior Cryptographer Microsoft Research

Internet voting in Estonia

I-A. Voting Systems As Part of Cyber Security Critical Infrastructure.

An Object-Oriented Framework for Digital Voting

An untraceable, universally verifiable voting scheme

On Some Incompatible Properties of Voting Schemes

Survey on Remote Electronic Voting

Volume I Appendix A. Table of Contents

E-Voting, a technical perspective

Blind Signatures in Electronic Voting Systems

Key Considerations for Implementing Bodies and Oversight Actors

Introduction of Electronic Voting In Namibia

CRYPTOGRAPHIC PROTOCOLS FOR TRANSPARENCY AND AUDITABILITY IN REMOTE ELECTRONIC VOTING SCHEMES

Audits: an in-depth review of Venezuela s automatic voting

PRIVACY PRESERVING IN ELECTRONIC VOTING

Receipt-Free Universally-Verifiable Voting With Everlasting Privacy

Jurnal Teknologi A BIOMETRIC E-VOTING FRAMEWORK FOR NIGERIA. Full Paper. Akintoye Kayode A. a,b*, Araoye, Olalekan I. b

Towards a Standard Architecture for Digital Voting Systems - Defining a Generalized Ballot Schema

DESIGN AND ANALYSIS OF SECURED ELECTRONIC VOTING PROTOCOL

IC Chapter 15. Ballot Card and Electronic Voting Systems; Additional Standards and Procedures for Approving System Changes

A Robust Electronic Voting Scheme Against Side Channel Attack

Formal Verification of Selene with the Tamarin prover

Improving Electoral Engagement: A Narrative on the Evidence. Tavneet Suri November 5 th 2015

Towards One Person, One Vote via Real-Time Voter s Registration and Identification

Security Analysis on an Elementary E-Voting System

Colorado Secretary of State Election Rules [8 CCR ]

Subpart A General Provisions

SECURITY, ACCURACY, AND RELIABILITY OF TARRANT COUNTY S VOTING SYSTEM

ANTI FRAUD MEASURES. Principles

Human readable paper verification of Prêt à Voter

THE PROPOSAL OF GIVING TWO RECEIPTS FOR VOTERS TO INCREASE THE SECURITY OF ELECTRONIC VOTING

RECEIPT-FREE UNIVERSALLY-VERIFIABLE VOTING WITH EVERLASTING PRIVACY

Key Considerations for Oversight Actors

BIOMETRICS - WHY NOW?

Act means the Municipal Elections Act, 1996, c. 32 as amended;

An Overview on Cryptographic Voting Systems

Usability Analysis of Helios - An Open Source Verifiable Remote Electronic Voting System

Office for Democratic Institutions and Human Rights OSCE/ODIHR DISCUSSION PAPER IN PREPARATION OF GUIDELINES FOR THE OBSERVATION OF ELECTRONIC VOTING

2018 Municipal Election. Policies & Procedures. Internet & Telephone Voting

HAVA- Help America Vote Act of 2002

CPSC 467b: Cryptography and Computer Security

Response to the Scottish Government s Consultation on Electoral Reform

SMS based Voting System

Receipt-Free Homomorphic Elections and Write-in Voter Verified Ballots

European Parliamentary

Secured Electronic Voting Protocol Using Biometric Authentication

Ministry of Citizenship and Immigration. Follow-Up on VFM Section 3.09, 2014 Annual Report RECOMMENDATION STATUS OVERVIEW

L14. Electronic Voting

Mental Voting Booths

Protocol to Check Correctness of Colorado s Risk-Limiting Tabulation Audit

The Use of New Technologies in Electoral Process in Bosnia and Herzegovina: Where we started and where we are going

Online Voting System Using Aadhar Card and Biometric

Identity Documents Act

Ballot secrecy with malicious bulletin boards

Mecklenburg County Department of Internal Audit. Mecklenburg County Board of Elections Elections Process Report 1476

Prêt à Voter: a Voter-Verifiable Voting System Peter Y. A. Ryan, David Bismark, James Heather, Steve Schneider, and Zhe Xia

POLICY 3.01 ELECTION, REFERENDUM, AND PLEBISCITE MANAGEMENT. Election Conduct

Arthur M. Keller, Ph.D. David Mertz, Ph.D.

Elections, Technology, and the Pursuit of Integrity: the Connecticut Landscape

The Case for implementing a Bio-Metric National ID for Voting and/or to replace the Social Security Card

VOTERGA SAFE COMMISSION RECOMMENDATIONS

Trusted Logic Voting Systems with OASIS EML 4.0 (Election Markup Language)

Machine-Assisted Election Auditing

Scytl Secure Electronic Voting

Electronic Voting in Belgium Past, Today and Future

Transcription:

Secure Voter Registration and Eligibility Checking for Nigerian Elections Nicholas Akinyokun Second International Joint Conference on Electronic Voting (E-Vote-ID 2017) Bregenz, Austria October 24, 2017

Introduction Over the last decade, a number of countries have adopted different techniques to accurately identify eligible voters and increase democratic participation among their citizens during legally binding elections. On the one hand, biometric identification cards have been the most commonly used technique for identifying eligible voters during elections. Typical examples include the Belgian and Estonian national ID cards, as well as the Nigerian biometric voter cards, amongst others. On the other hand, voters have also been identified through mobile phones embedded with special SIM cards. A very common example is the Mobile-ID system used in Estonia for Internet voting. Image credits: http://www.smartcities.info/electronic-identity-card-integrated-municipal-websites https://gds.blog.gov.uk/2013/10/31/government-as-a-data-model-what-i-learned-in-estonia/ http://www.inecnigeria.org/wp-content/uploads/2015/02/election-manual-2015-.pdf

Research Motivation Accurate identification of eligible voters is a fundamental requirement in election administration. The majority of electronic voting schemes that have been proposed in the cryptographic literature have been designed specifically to prevent electoral fraud during the ballot casting phase of elections in developed countries. While these schemes and their various extensions claim to provide receiptfreeness and end-to-end verifiability, none of them effectively counter coercion. In addition, these voting schemes typically assume that the computer/ smartphones used by voters to cast their vote is trustworthy. Evidently, this assumption is rather naïve, because a voter s device might be infected by a malware that could manipulate votes, subvert a voting session or even execute denial-of-service and replay attacks intended to disenfranchise a certain group of voters.

Problems with Voter Identification in Nigeria Unavailability of a secure and reliable national ID infrastructure. Relative ease with which biometric voter cards can be forged or stolen. Coercion of voters to sell or voluntarily relinquish their voter cards. Security vulnerabilities in biometric voter card readers. Inaccurate and incomplete voter register. Ineffective and uncoordinated distribution of voter cards to remote areas. Poor quality of biometric data captured and stored in biometric voter cards. Undocumented collection of biometric voter cards by proxies. Dishonest polling officials colluding to allow ineligible voters to vote.

Research Objectives The primary aim of this research is to investigate how we could improve the integrity of the voter identification process in Nigeria. To accomplish this, we will explore the techniques that can be used to design a provably secure and verifiable cryptographic protocol that will uniquely identify voters in the presence of malicious adversaries and colluding polling officials. In addition, we will investigate how we can reduce the incidences of voter coercion during the voter registration and eligibility checking phases on election day. Once we have a fully functional protocol, we will formally verify the protocol in order to assess its overall security and performance. We are also considering the implementation of a voter identification system that can be used to evaluate the usability of the protocol.

Related Work

Progress made so far We have been able formulate the security properties and trust assumptions of the cryptographic protocol. In addition, we have outlined the protocol s adversarial model. In doing so, we have now reasonably specified the following: How an adversary will try to subvert the protocol's functionality. The potential attacks that can be launched against the protocol. A list of the goals, capabilities and possible limitations of each adversary. The security, trust and privacy implications of each adversary s influence on the protocol s functionality. At the moment, we are currently working on the high-level security proofs that will form the basis of the key security properties of the protocol s specification, notably receipt-freeness and participation privacy.

Security Requirements of the Protocol Eligibility: Only registered voters may vote. A voter can attempt to verify their identity at most once. After this attempt, the polling place officials have to be contacted to resolve any discrepancies. Individual verifiability: Each voter should be able to check that their voter ID has been accurately recorded on the bulletin board. Universal verifiability: The final list of eligible voters should be verifiable by any third party. Accuracy (Integrity): The announced list of eligible voters should reflect the true count of all legitimate voters. Participation privacy: The protocol should not disclose any information that will give a passive adversary the opportunity to know that an individual voter has participated in the election.

Security Requirements of the Protocol (contd.) Receipt-freeness: A voter should not be able to prove that they have verified their identity and subsequently voted. Coercion resistance: All voters should be able to verify their true identity and cast their ballot, even while appearing to cooperate with the coercer. Robustness: The protocol should be able to deliver the correct results even in the event of certain, suitably defined levels of failure or compromise. Availability: All eligible voters should be able to access all features of a fullyfunctioning voter registration system during the election. Vote secrecy: An adversary should not be able to know whether a particular voter has registered to vote at the polling place, based on the publicly available information on the bulletin board. From the viewpoint of the users of electronic voting systems, a major concern is whether the privacy claims of these systems can be trusted.

Components of the Protocol

Message Sequence Chart of the Protocol

How to Verify the Protocol s Security Formal analysis will be used to evaluate the possibility of adversarial attacks on the protocol s specification while formal verification will be used to verify the correctness of the protocol s specification and our security proofs. Moreover, since our protocol involves the use of the Fiat-Shamir heuristic, the security of all aspects of the protocol will be proven in a computationally-sound sense.

Contribution to Knowledge Upon successful completion, our main deliverable will be a provably secure and verifiable cryptographic protocol for voter registration and eligibility checking in Nigerian elections. With this protocol, we aim to: Reduce voter coercion, impersonation and disenfranchisement. Significantly reduce electoral fraud due to multiple voting. Disincentivise the collusion of political party representatives and election officials' to collectively subvert the electoral process. As the problems pertaining to the voter identification process in Nigeria resonates across a number of countries like Argentina, Brazil, Columbia and India, amongst others, it is envisaged that this research will provide a viable solution that can be studied to understand how to minimize voter coercion and electoral fraud during the voter registration and eligibility checking phases of elections in developing countries.

Questions?

References 1. A. Juels, D. Catalano, and M. Jakobsson. Coercion-resistant electronic elections. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, Alexandria VA, USA, 7-10 November 2005, pp. 61 70. 2. M.R. Clarkson, S. Chong, and A.C. Myers. Civitas: toward a secure voting system. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy, Oakland CA, USA, 18-21 May 2008, pp. 354 368. 3. S. Bursuc, G.S. Grewal, and M.D. Ryan. Trivitas: voters directly verifying votes. In: Proceedings of the 2011 International Conference on E-Voting and Identity (VOTE-ID2011),Talinn, Estonia, 28-30 September 2011, pp. 190 207. 4. B. Adida. Helios: web-based open-audit voting. In: Proceedings of the 17th USENIX Security Symposium, San Jose CA, USA, 28 July-1 August 2008, pp. 335 348. 5. G.S. Grewal et al. Du-Vote: remote electronic voting with untrusted computers. In: Proceedings of the 28th Computer Security Foundations Symposium, Verona, Italy, 13-17 July 2015, pp. 155 169.

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback