rui joaquim, [email protected] paulo ferreira, paulo ...€¦ · election “xpto” candidates:...
TRANSCRIPT
-
Rui Joaquim, [email protected]
Paulo Ferreira, [email protected]
Carlos Ribeiro, [email protected]
Verifiable Voting Schemes Workshop, form Theory to Practice, Luxembourg, 21-22/03/2013
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]
-
Motivation
Goals
Technical options
The voter’s perspective
EVIV protocol “details”
Conclusions and future work
2
-
“In theory, theory and practice are the same.
“In practice, they are not.”
― Albert Einstein
3
http://www.goodreads.com/author/show/9810.Albert_Einstein
-
trade offs
◦ usability vs privacy/coercion, verifiability, …
◦ assumptions vs real world
◦ adaptations to specific voting needs
4
-
End-to-end verifiability
“Weak” verifiability assumptions
◦ The election servers are not trusted
◦ The voter’s computer is not trusted
◦ Immunity to any system’s components collusion
◦ Voter has access to trustworthy information (Bulletin Board)
Protect the voter’s privacy from:
◦ The vote casting computer
◦ The election servers
Simple voter interaction
5
-
6
-
End-to-end verifiability
◦ MarkPledge voter verifiable encryption
◦ Verifiable homomorphic vote tally
◦ Trustworthy bulletin board
Code voting protocol
◦ Protects the voter’s privacy
◦ Adds some additional protection against a malicious vote client
7
-
Vote Encryption
Candidate Encrypted vote
Alice {NOvote}
Bob {NOvote}
Charles {NOvote}
Dharma {YESvote (PZ8R)}
Vote receipt verification
e
Select candidate (Dharma) a Voter
b
Ballot Creator
Bulletin Board
Vote Receipt
Candidate Verification code
Alice 46R9
Bob QE41
Charles KNSY
Dharma PZ8R
challenge
Create vote encryption
Pledge confirmation code (PZ8R) b
Random challenge c
d
Create vote receipt
Public verification
f
Verifiers
Trusted to preserve the voter’s privacy.
The order of steps (b) and (c) is essential to prevent vote manipulation.
The knowledge of the confirmation code reveals the voter’s vote.
-
10
-
11
Voter Enrollment Service
Voter’s credentials
Voter Security Token Candidate list
VST
-
12
Voter
Do you want to register to vote online on election “XPTO”?
Yes No
-
13
Voter
13
Do you want to register to vote online on election “XPTO”?
YES
You are registered.
Use the following code card to vote and verify your vote:
Code Card
Confirmation Code
PZ8R
Candidate Vote code
Alice KPLE
Bob 49UI
Charles ZXA8
Dharma RCP3
-
14
Voter
14
Election “XPTO”
Candidates: Alice Bob Charles Dharma
Select your candidate:
Code Card
Confirmation Code
PZ8R
Candidate Vote code
Alice KPLE
Bob 49UI
Charles ZXA8
Dharma RCP3
-
15
Voter
15
Election “XPTO”
Candidates: Alice Bob Charles Dharma
Select your candidate: RCP3
Vote receipt:
Submit vote :
Code Card
Confirmation Code
PZ8R
Candidate Vote code
Alice KPLE
Bob 49UI
Charles ZXA8
Dharma RCP3
Yes No
Vote Receipt 123
Candidate Verification code
Alice 46R9
Bob QE41
Charles KNSY
Dharma PZ8R
-
16
Voter
Election Bulletin Board
Code Card
Confirmation Code
PZ8R
Candidate Vote code
Alice KPLE
Bob 49UI
Charles ZXA8
Dharma RCP3
Vote Receipt 123
Candidate Verification code
Alice 46R9
Bob QE41
Charles KNSY
Dharma PZ8R
-
17
-
Voter Ballot Vote Receipt
~~~~
~~~~
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
EVIV
18
-
Voter Ballot Vote Receipt
~~~~
~~~~
Election key
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Candidate list
1
EVIV
19
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~
~~~~ ~~~~
Election key
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Ballot
Ballots
Candidate list
PC
1 2
EVIV
20
2
Ballot
NOvote NOvote YESvote NOvote
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~
~~~~ ~~~~
Election key
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Ballot
Ballots
Candidate list
PC
1 2
Code Card
3
EVIV
21
Code Card
Confirmation Code
PZ8R
Candidate Vote code
Alice KPLE
Bob 49UI
Charles ZXA8
Dharma RCP3
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~
~~~~ ~~~~
Election key
Election challenge
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Code Card Ballot
Ballots
Trustees
Election challenge
Candidate list
PC
3
1 2
4
EVIV
22
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~ ~~~ ~~~~
~~~~ ~~~~ ~~~ ~~~~
Election key
Election challenge
Bulletin Board
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Code Card Ballot
Ballots
Trustees
Election challenge
Ballot Box
Voter
VST
Vote code
Vote and receipt
Receipt
Received votes and receipts
Candidate list
PC
PC
3
1 2
4 5
EVIV
23
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~ ~~~ ~~~~
~~~~ ~~~~ ~~~ ~~~~
Election key
Election challenge
Tally: A – 234 votes B – 215 votes
Bulletin Board
Independent Organization Verification Service
Verification of the
published data
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Code Card Ballot
Ballots
Trustees
Election challenge
Ballot Box
Voter
VST
Vote code
Vote and receipt
Receipt
Received votes and receipts
Trustees
Anonymous vote tally
computation
Voter
Cast-as-intended verification
Candidate list
PC
PC
3
1 2
4 5
Election integrity (verifiability) assumptions: - One honest trustee (challenge generation) - One honest verification organization
Privacy assumptions: - Honest threshold of trustees (key holders) - Honest VST -Code Card only known to the voter and her VST until the vote is cast (honest Code Card printing PC).
EVIV
24
-
25
-
EVIV
◦ Internet end-to-end voter verifiable system
◦ Simple voter verification (a simple match of short text strings)
◦ Resistance to system components collusion
◦ Protect the voter’s privacy from the vote casting PC
(by integrating MarkPledge with code voting)
Future work
◦ Coercion
◦ Complex ballots
◦ Usability
26
-
Rui Joaquim, Paulo Ferreira and Carlos Ribeiro
EVIV: An end-to-end verifiable Internet voting system Computers & Security, 2013, 32, pp. 170 - 191
27
-
Voter
Voter Ballot Vote Receipt
~~~~ ~~~~ ~~~ ~~~~
~~~~ ~~~~ ~~~ ~~~~
Election key
Election challenge
Tally: A – 234 votes B – 215 votes
Bulletin Board
Independent Organization Verification Service
Verification of the
published data
1 – Voter enrollment phase 2 – Election registration phase
3 – Vote casting phase 4 – Public verification and vote counting phase
Voter Enrollment Service
Voter’s credentials
Voter’s VST
VST
Voter enrollment
list
Trustees
Election public key
Election Registrar
VST
Code Card Ballot
Ballots
Trustees
Election challenge
Ballot Box
Voter
VST
Vote code
Vote and receipt
Receipt
Received votes and receipts
Trustees
Anonymous vote tally
computation
Voter
Cast-as-intended verification
Candidate list
PC
PC
3
1 2
4 5
EVIV
28
Question?
-
29