Your SlideShare is downloading. ×
0
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Christian bull eVoting
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Christian bull eVoting

335

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
335
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. E-voting: An Acceptable Risk? Project CSO Christian Bull
  • 2. Background
  • 3. Background…or not. We don’t have time for that!
  • 4. Remote Voting Over The Internet
  • 5. Legal requirements for remote e-voting• The secrecy of the ballot can not be compromised!• Secrecy is retained by implementing the following: – Allowing unlimited re-voting – Votes cast in a controlled environment always supersede those cast uncontrolled (paper votes may supersede electronic votes) – An e-voting system that does not reveal or retain any connection between voter and vote – A good authentication mechanism – E-voting only in the advance voting period – Remote voting only as a supplement to paper voting
  • 6. A quick overview of the solution - Log on - Submit vote E-voting system Receipt codePolling card
  • 7. How does the system know who I am?
  • 8. Authentiwhat?• When you turn up at the polling station, you are required to identify yourself.• Only since 2007 have you been required to produce an ID-card.• This is analogous to the process of authentication to a computer system, for instance using an eID.
  • 9. Important properties of a good eID• It must be obvious to the user that this is an identity document.• A voter should not be tempted to sell his voting credentials. – It must have other uses than just e-voting. – These other uses must be familiar and of value to the voter
  • 10. The Challenges of Remote e- voting• Auditability / transparency to the lay person• The buying and selling of votes• Coercion / family voting• Home computer security• Anonymity of the vote• Attacks scale
  • 11. The Challenges of Remote e- voting• Auditability / transparency to the lay person• The buying and selling of votes• Coercion / family voting• Home computer security• Anonymity of the vote
  • 12. Transparent e-voting?• Complete openness and transparecy in all aspects of the project• Available source code – Unfourtunately cryptography is really, really hard.• Cryptographic proofs of correctness – Even the voter gets one – The good thing about crypto is that it’s all just maths• Logging of all system events
  • 13. Transparent e-voting?• Obviously open source won’t make the system understandable to ”everyone”• …and extensive use of esoteric cryptography makes things worse…• ..but at least the lay person can choose which expert to trust.• Besides, paper voting really isn’t that easy to understand either!
  • 14. Communicating the crypto protocol• The cryptographer behind it is working on a conceptual description which should be understandable for anyone with high school maths• Amongst other things, we will try to integrate the protocol into maths education in high school.
  • 15. The Challenges of Remote e- voting• Auditability / transparency to the lay person• The buying and selling of votes• Coercion / family voting• Home computer security• Anonymity of the vote
  • 16. Buying and selling of votes• In practice this doesn’t scale• The seller can re-vote – Receipt for all cast votes, not only the final• Votes submitted from a polling station will supersede any vote cast remotely• Buyer would have to control seller’s eID – Would require the voter to give up a lot more than his vote
  • 17. The Challenges of Remote e- voting• Auditability / transparency to the lay person• The buying and selling of votes• Coercion / family voting• Home computer security• Anonymity of the vote
  • 18. Coercion/family voting• The coerced can re-vote – Receipt for all cast votes, not only the final• Votes submitted from a polling station will supersede any vote cast remotely• The system will never divulge that a previous vote has allready been recorded• If you accept that bastards are evenly distributed across the political spectrum, this doesn’t scale either.
  • 19. The Challenges of Remote e- voting• Auditability / transparency to the lay person• The buying and selling of votes• Coercion / family voting• Home computer security• Anonymity of the vote
  • 20. Encryption and storage of the vote
  • 21. Conceptual model Distribution of secrets Vote Voting Internet AdministrativeVoter Collection system client Server Return Code Air gap Vote verification Generator Mix and count M of N key shares from parties with competing interests
  • 22. ”Cleansing service” Counting e-votes Parti A 2 Parti B 1 Decryption service Mixing service

×