Secure Electronic Voting: New trends, new threats, new options. Dimitris Gritzalis


7th Computer Security Incidents Response Teams Workshop, Syros, Greece, September 2003
Secure Electronic Voting: New trends, new threats, new options
Dimitris Gritzalis, Dept. of Informatics, Athens University of Economics & Business & Data Protection Commission of Greece

What is electronic voting (system)?
"An electronic voting (e-voting) system is a voting system in which the election data is recorded, stored and processed primarily as digital information." (Network Voting System Standards, VoteHere, Inc., April 2002)
[Diagram: taxonomy of voting. Labels: Voting; Paper voting; E-voting; Paper ballots; Punch cards; Polling place voting; Internet voting; Precinct voting; Kiosk voting]
Note: Traditional electronic voting is 132 years old! (T. Edison, Electrographic Vote Recorder, US Patent, 1869).

Do we need electronic voting systems*?
- They could lead to increased voter turnout (USA 2001: 59%, 18-24 yrs: 39%), thus supporting the democratic process.
- They could give elections new potential (by providing ballots in multiple languages, accommodating lengthy ballots, facilitating early and absentee voting, etc.), thus enhancing the democratic process.
- They could open a new market, thus supporting commerce and employment.
* D. Gritzalis (Ed.), Secure Electronic Voting, Kluwer Academic Publishers, USA 2002.

Inherent gaps
- Technological gap: Disparity between expectations from software/hardware and the performance being delivered (security flaws, etc.).
- Socio-technical gap: Difference between social policies (laws, codes, etc.) and computer policies (procedures, functionalities, etc.).
- Social gap: Difference between social policies and human behavior (equipment misuse, etc.).

Opportunities for electronic voting
- Most countries believe that Internet voting will occur within the next decade.
- Internet voting options satisfy voter's desire for convenience.
- Internet voting can meet the voting needs of the physically disabled.
- Several countries are ready to try Internet voting for a small application immediately.
- Several countries are contemplating voting system replacement and are frustrated with the limited number of options available.
- Many countries are interested in touch screen systems.

Barriers to electronic voting
- Lack of common voting system standards across nations.
- Time and difficulty of changing national election laws.
- Time and cost of certifying a voting system.
- Security and reliability of electronic voting.
- Equal access to Internet voting for all socioeconomic groups.
- Difficulty of training election judges on a new system.
- Political risk associated with trying a new voting system.
- Need for security and election experts.

Time-sequence of a typical voting process*
[Figure: time-sequence of a typical voting process]
* E. Gerck, Private, secure, and auditable Internet voting, in D. Gritzalis (Ed.), Secure Electronic Voting, Kluwer Academic Publishers, USA 2002.

Generic voting principles
- Only eligible persons vote.
- No person gets to vote more than once.
- The vote is secret.
- Each (correctly cast) vote gets counted.
- The voters trust that their vote is counted.
Source: Internet Policy Institute, Report of the National Workshop on Internet Voting, March 2001.

Voting systems design criteria*
- Authentication: Only authorized voters should be able to vote.
- Uniqueness: No voter should be able to vote more than once.
- Accuracy: Voting systems should record the votes correctly.
- Integrity: Votes should not be able to be modified without detection.
- Verifiability: It should be possible to verify that votes are correctly accounted for in the final tally.
- Auditability: There should be reliable and demonstrably authentic election records.
- Reliability: Systems should work robustly, even in the face of numerous failures.
* Internet Policy Institute, Report of the National Workshop on Internet Voting: Issues and Research Agenda, USA, March 2001.

Voting systems design criteria* (continued)
- Secrecy: No one should be able to determine how any individual voted.
- Non-coercibility: Voters should not be able to prove how they voted.
- Flexibility: Equipment should allow for a variety of ballot question formats.
- Convenience: Voters should be able to cast votes with minimal equipment and skills.
- Certifiability: Systems should be testable against essential criteria.
- Transparency: Voters should be able to possess a general understanding of the whole process.
- Cost-effectiveness: Systems should be affordable and efficient.
* Internet Policy Institute, Report of the National Workshop on Internet Voting: Issues and Research Agenda, USA, March 2001.

Voting systems security requirements

Table: voting protocols and schemes compared against security requirements and system-wide properties.
Columns:
Security requirements: Accuracy (Inalterability, Completeness, Soundness); Democracy (Eligibility, Unreusability); Privacy; Robustness; Verifiability; Uncoercibility; Fairness; Verifiable participation
System-wide properties: Walk-away; Voter mobility; Flexibility

TRUSTED AUTHORITIES
Karro: Yes Yes Yes Yes Yes Cmp No Indi No Yes Yes Yes Yes

ANONYMOUS VOTING
Fujioka: Yes Yes No Yes Yes Cmp No Opn No Yes No No Yes Yes
Baraani: Yes Yes Yes Yes Yes Cmp Yes Univ No Yes No Yes Yes Yes

HOMOMORPHIC ENCRYPTION
Schoenmakers: Yes Yes Yes Yes Yes Cmp Yes Univ No Yes Yes Yes Yes No
Hirt: Yes Yes Yes Yes Yes Cmp Yes Indi Yes Yes Yes Yes No No
Damgaard: Yes Yes Yes Yes Yes Cmp Yes Univ No Yes Yes Yes Yes No
Baudron: Yes Yes Yes Yes Yes Cmp Yes Univ No Yes Yes Yes Yes No

Privacy: Inf=Information-theoretical, Cmp=Computational
Verifiability: Indi=Individual, Opn=Individual with open objection, Univ=Universal

Voting systems security technologies
- Cryptography (homomorphic encryption, digital signatures, blind signatures, Trusted Third Parties, digital certificates, etc.)
- Antiviral software
- Firewalls
- Biometrics
- Smart cards

A simple electronic voting model*: Generic description
1. The voter constructs an anonymous electronic ballot.
2. The voter shows adequate proof of identity to the election authority.
3. The authority stamps the ballot after verifying that no other ballot has been stamped for this voter.
4. The voter anonymously inserts the ballot into an electronic mailbox.
Note: After the voting deadline passes, votes are counted and a database containing all ballots is made public. Anybody can verify that his/her vote is contained in the database.
* R. Peralta, Issues, non-issues, and cryptographic tools for Internet-based voting, in D. Gritzalis (Ed.), Secure Electronic Voting, Kluwer Academic Publishers, USA 2002.

A simple electronic voting model: The ballot design
Ballot fields: ELECTION IDENTIFICATION | VOTER'S NONCE | VOTE | SIGNATURE OF ELECTION AUTHORITY
- The Election Identification is a long number, which identifies the specific election.
- The Voter's Nonce is a long number, which is kept secret and is different for each voter.
- The Vote Field is a short number, which denotes the voter's confidential selection(s).
- The Signature of Election Authority is a cryptographic signature of the other three fields.
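Added example (not from the original slides or from Peralta's chapter): a toy run of the four-step model and the ballot layout above. It assumes the "stamp" is an RSA blind signature, so the authority can check identity without seeing the ballot; the key, the class and all function names are illustrative.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the election authority (two Mersenne primes;
# far too small for real use). Blind RSA is an assumed way to "stamp".
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(election_id, nonce, vote):
    """Hash the three signed ballot fields to an integer below N."""
    data = f"{election_id}|{nonce}|{vote}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class Authority:
    def __init__(self, roll):
        self.roll, self.stamped = set(roll), set()

    def stamp(self, voter_id, blinded):
        """Step 3: sign once per eligible voter without seeing the ballot."""
        if voter_id not in self.roll:
            raise PermissionError("not on the electoral roll")
        if voter_id in self.stamped:
            raise PermissionError("a ballot was already stamped for this voter")
        self.stamped.add(voter_id)
        return pow(blinded, D, N)

def cast(authority, voter_id, election_id, vote):
    """Steps 1-3 from the voter's side; returns the stamped ballot."""
    nonce = secrets.token_hex(16)            # secret, different for each voter
    m = digest(election_id, nonce, vote)
    r = secrets.randbelow(N - 2) + 2         # blinding factor
    while gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    blinded = (m * pow(r, E, N)) % N         # authority sees only this value
    sig = (authority.stamp(voter_id, blinded) * pow(r, -1, N)) % N
    return {"election": election_id, "nonce": nonce, "vote": vote, "sig": sig}

def valid(ballot, election_id):
    """Public check: ballot is for this election and carries a genuine stamp."""
    m = digest(ballot["election"], ballot["nonce"], ballot["vote"])
    return ballot["election"] == election_id and pow(ballot["sig"], E, N) == m

def tally(published, election_id):
    """Count each validly stamped ballot once; replays of a nonce are ignored."""
    seen, counts = set(), {}
    for b in published:
        if valid(b, election_id) and b["nonce"] not in seen:
            seen.add(b["nonce"])
            counts[b["vote"]] = counts.get(b["vote"], 0) + 1
    return counts
```

The anonymous channel of step 4 is outside the code: the list passed to tally stands for the published ballot database, in which a voter can look up their own nonce.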

DVS: An e-voting system architecture*
[Figure: DVS e-voting system architecture]
* E. Gerck, Private, secure, and auditable Internet voting, in D. Gritzalis (Ed.), Secure Electronic Voting, Kluwer Academic Publishers, USA 2002.

DVS: Functionalities implementation table
(Module, Layer, then Sub-Module: Functions)

CPF (Central Processor & Firewall). Layer: Central (Federal)
- Probe: Probe and Protect Client
- DVC Verifier: Verify and Decrypt DVCs
- Reverse Proxy: Provide Pass-Through Service
- Receipt: Provide Notice of Receipt
- Interface: Interface with Client and other Modules
- Log: Postmark and Register Events

LS (Local Server). Layer: Local (County)
- DVC Issuer: Issue and Encrypt DVCs; Register Voters
- Receipt: Provide Notice of Receipt
- Interface: Interface with Client and other Modules
- Log: Postmark and Register Events

EBS (Electronic Ballot Server). Layer: Group (State)
- DVC Verifier: Verify and Decrypt DVCs
- Ballot Server: Provide Ballot Views; Protect Server and Client
- Receipt: Provide Notice of Receipt
- Interface: Interface with Client and other Modules
- Log: Postmark and Register Events

RBB (Remote Ballot Box). Layer: Group, Local
- DVC Verifier: Verify and Decrypt DVCs
- Ballot Box: Receive Return Ballots; Distribute Return Ballots
- Receipt: Provide Notice of Receipt; Verify Voter Receipt
- Tally: Calculate Tally
- Audit: Audit Inputs & Outputs
- Report: Report Results
- Interface: Interface with other Modules
- Log: Postmark and Register Events

AL (Audit Logger). Layer: Central, Group, Local
- DVC Verifier: Verify and Decrypt DVCs
- Interface: Interface with other Modules
- Log: Postmark and Register Events

(Secure) Electronic voting: (instead of) Conclusions
- Rapidly emerging issue...
- Of a socio-technical nature...
- There are contradicting views...
- Several questions remain open...
- Context-dependent answers
- Security experts and skillful judges needed...
- Need for further experimentation
- In the meantime, complementary only...

Electronic voting technology: Things to remember*
- Voting is not like any other electronic transaction.
- There are two kinds of Internet voting: Polling place Internet voting, and remote Internet voting.
- Remote Internet voting is highly susceptible to voter fraud.
- Remote Internet voting may erode our right to cast a secret ballot and lead to political coercion in the workplace.
- Remote Internet voting poses a threat to personal privacy.
- There is a huge politics and technology information gap.
- There is a generational technology gap.
- Changing technology is not enough; voter education is needed.
- Transparency in the voting process fosters voter confidence.
- Software used should be open to public inspection.
* K. Alexander, Ten things I want people to know about voting technology, Democracy Online Project's National Task Force, National Press Club, Washington D.C., USA, January 18, 2001.

There is a debate still going on...
- "The shining lure of these hype-tech voting schemes is only a technological fool's gold that will create new problems far more intractable than those they claim to solve." P. Neumann (SRI), 2002
- "An Internet voting system would be the first secure networked application ever created in the history of computers." B. Schneier (Counterpane), 2002
- "At least a decade of further research and development on the security of home computers is required before Internet voting from home should be contemplated." R. Rivest (MIT), 2001

Looking for a motto
Regarding electronic and Internet voting, between optimism and pessimism let's choose realism!

Bibliography
1. CALTECH-MIT Voting Technology project, Voting: What is, what could be, USA, 2001.
2. E-Voting Security Study, X/8833/4600/6/21, United Kingdom, 2002.
3. Gritzalis, D., Secure Electronic Voting, Springer, USA, 2003.
4. Gritzalis, D., Principles and requirements for a secure e-voting system, Computers & Security, vol. 21, no. 6, pp. 539-556, 2002.
5. Gritzalis, D., Katsikas, S., High level security policy guidelines, Studies in Health Technology and Informatics, pp. 164-188, December 1996.
6. Gritzalis, D., Kantzavelou, I., Katsikas, S., Patel, A., A classification of health information systems security flaws, Proc. of the 11th International Information Security Conference, pp. 453-464, Chapman & Hall, 1995.
7. Internet Policy Institute, Report of the National Workshop on Internet Voting, USA, 2001.
8. Lambrinoudakis, C., Gritzalis, D., Katsikas, S., Building a reliable e-voting system: Functional requirements and legal constraints, Proc. of the 13th International Workshop on Database and Expert Systems Applications, pp. 435-446, 2002.
9. Mitrou, L., Gritzalis, D., Katsikas, S., Quirchmayr, G., Electronic voting: Constitutional and legal requirements, and their technical implications, in Secure Electronic Voting, Gritzalis, D. (Ed.), pp. 43-60, Springer, 2003.
10. Mitrou, L., Gritzalis, D., Katsikas, S., Revisiting legal and regulatory requirements for secure e-voting, Proc. of the 17th IFIP International Information Security Conference, pp. 469-480, Kluwer Academic Publishers, 2002.
11. US Dept. of Defense, Voting Over the Internet Pilot Project Assessment Report, USA, 2001.