Kickoff Meeting „E-Voting Seminar“
An Introduction to
Cryptographic Voting Systems
Prof. Andreas Steffen
Hochschule für Technik Rapperswil
A. Steffen, 17.09.2009, Kickoff.pptx 1
Cryptographic Voting Systems
Summary of my talk:
• Due to repeated failures and detected vulnerabilities in both electro-mechanical and electronic voting machines, voters have somehow lost faith that the outcome of a poll always represents the true will of the electorate.
• Even more uncertain is electronic voting over the Internet which is potentially prone to coercion and vote-selling (this doesn't seem to be an issue in Switzerland).
• Manual counting of paper ballots is not really an option in the 21st century and is not free from tampering either.
• Modern cryptographic voting systems allow true end-to-end verification of the complete voting process by any individual voter, without sacrificing secrecy and privacy.
Losing Trust in Electronic Voting Systems
2006 - The Morning Call: Voter smashes DRE in Allentown with metal cat
2006 - Princeton study on Diebold DRE: Hack the vote? No problem
2006 - Dutch ES3B voting machines: Hacked to play chess
March 3 2009 - Germany: Bundesverfassungsgericht bans unverifiable E-voting
E-Voting in my home town Schlieren
Hidden PIN
„Internet-based voting does not have to be more secure than voting by snail mail“
Justice Department of the Canton of Zurich
[In]Security Features
???
Protection from Man-in-the-Middle attacks
E-Voting Website
Voter Login
Ballot (PHP Form)
E-Voting in my home town Schlieren
PIN
Voter Authentication
Transmission Receipt
Conclusion
So what?
„You are not allowed to know. The exact transaction processing is kept secret due to security reasons“
Justice Department of the Canton of Zurich
Traditional Chain-of-Custody Security
Software Verification
Sealing
Tallying
Verification by proxy only
Source: Ben Adida, Ph.D. Thesis 2006
Desirable: End-to-End Verification by Voter
Secrecy?
Privacy?
Source: Ben Adida, Ph.D. Thesis 2006
End-to-End Auditable Voting System (E2E)
• Any voter can verify that his or her ballot is included unmodified in a collection of ballots.
• Any voter (and typically any independent party additionally) can verify [with high probability] that the collection of ballots produces the correct final tally.
• No voter can demonstrate how he or she voted to any third party (thus preventing vote-selling and coercion).
Source: Wikipedia
Solution: Cryptographic Voting Systems
[Figure: building blocks of a cryptographic voting system: ElGamal / Paillier encryption, Tamper-Proof Bulletin Board, Mixnet (ballots A, B, C), Homomorphic Tallying, Threshold Decryption]
Source: Ben Adida, Ph.D. Thesis 2006
Proposed E2E Systems
• Punchscan by David Chaum.
• Helios by Ben Adida (http://www.heliosvoting.org/)
• Prêt à Voter by Peter Ryan.
• Scratch & Vote by Ben Adida and Ron Rivest.
• ThreeBallot by Ron Rivest (paper-based without cryptography)
• Scantegrity II by David Chaum, Ron Rivest, Peter Ryan et al. (add-on to optical scan voting systems using Invisible Ink)
Scratch & Vote Ballot
[Figure: Scratch & Vote ballot with the labels Perforation, Randomized candidate list, 2D barcode, Scratch surface (Random Key r1, r2, r3)]
2D barcode contents (ElGamal or Paillier Public Key Encryption):
Obama   Encrypt_pk(2^56, r1)
None    Encrypt_pk(2^0, r2)
McCain  Encrypt_pk(2^28, r3)
Source: Ben Adida, Ph.D. Thesis 2006
Homomorphic Counters
Vote value   Counter bits (Obama | McCain | None)   Meaning
2^56         00...01 00...00 00...00                 One vote for Obama
2^28         00...00 00...01 00...00                 One vote for McCain
2^0          00...00 00...00 00...01                 One vote for None
Tallying Counter (Obama | McCain | None): 00...10 00...01 00...00
Multiplication of all encrypted votes with Tallying Counter accumulates votes in the candidates' counters in encrypted form.
Total number of registered U.S. voters < 2^28 (28 bits)
1024 bit Paillier Public Key Cryptosystem could handle 35 candidates
Source: Ben Adida, Ph.D. Thesis 2006
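Added example (not part of the original slides): a toy Paillier implementation of the homomorphic counters above, with one 28-bit counter per candidate and a pre-voting audit that re-encrypts with the revealed r values. Assumptions: the key is built from two Mersenne primes and is insecure, decryption uses a single private key instead of threshold decryption, and all function names are this example's own.

```python
import secrets
from math import gcd

# Toy key from two Mersenne primes: demonstration only, NOT secure (assumption).
P, Q = 2**89 - 1, 2**107 - 1
N, N2, PHI = P * Q, (P * Q) ** 2, (P - 1) * (Q - 1)
BITS = 28                                  # counter width from the slide
CANDIDATES = ["None", "McCain", "Obama"]   # counter i starts at bit 28*i

def random_r():
    """Per-ciphertext randomness (the value hidden under the scratch surface)."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if gcd(r, N) == 1:
            return r

def encrypt(m, r):
    """Paillier encryption with g = N + 1: c = (1 + m*N) * r^N mod N^2."""
    return (1 + m * N) * pow(r, N, N2) % N2

def decrypt(c):
    """Recover m: L(c^PHI mod N^2) * PHI^-1 mod N, with L(x) = (x - 1) // N."""
    return (pow(c, PHI, N2) - 1) // N * pow(PHI, -1, N) % N

def make_ballot():
    """Return [(candidate, ciphertext, r)] with Encrypt(2^(28*i), r_i) per row."""
    ballot = []
    for i, name in enumerate(CANDIDATES):
        r = random_r()
        ballot.append((name, encrypt(1 << (BITS * i), r), r))
    return ballot

def audit(ballot):
    """Pre-voting audit: with r revealed, anyone can re-encrypt and compare."""
    return all(encrypt(1 << (BITS * i), r) == c
               for i, (_, c, r) in enumerate(ballot))

def tally(choices):
    """Multiply the chosen ciphertexts into the counter, decrypt, unpack."""
    counter = encrypt(0, random_r())       # encrypted all-zero tallying counter
    for choice in choices:
        c = next(c for name, c, _ in make_ballot() if name == choice)
        counter = counter * c % N2         # ciphertext product = plaintext sum
    total = decrypt(counter)
    mask = (1 << BITS) - 1
    return {name: (total >> (BITS * i)) & mask
            for i, name in enumerate(CANDIDATES)}
```

Calling `tally(["Obama", "Obama", "McCain"])` reproduces the slide's tallying counter: Obama 2, McCain 1, None 0.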
Pre-Voting Verification I
[Figure: Valerie the Voter with two ballots (candidate lists McCain, None, Obama and Obama, None, McCain), labelled Vote and Audit]
Source: Ben Adida, Ph.D. Thesis 2006
Pre-Voting Verification II
[Figure: Valerie the Voter with ballots labelled Vote and Audit (candidates McCain, None, Obama); r1, r2, r3 shown]
Source: Ben Adida, Ph.D. Thesis 2006
Casting the Ballot I
[Figure: Valerie the Voter with a ballot listing McCain, Obama, None]
Source: Ben Adida, Ph.D. Thesis 2006
Casting the Ballot II
[Figure: ballot listing McCain, Obama, None; Ed the Election Official; Valerie the Voter]
Source: Ben Adida, Ph.D. Thesis 2006
Casting the Ballot III
[Figure: Optical Scanner; Ed the Election Official; Valerie the Voter; label "Keep as a receipt"]
Source: Ben Adida, Ph.D. Thesis 2006
Post-Voting Verification
[Figure: Web Bulletin Board listing Valerie, Vanessa, Victor; Valerie the Voter]
Source: Ben Adida, Ph.D. Thesis 2006
Tally and Decryption of Final Result
[Figure: Web Bulletin Board listing Valerie, Vanessa, Victor; Homomorphic Addition; Encrypted tallying counter 0101101...11100100011; Threshold decryption with shared private key (Democrats, Republicans, Independents)]
Decrypted tallying counter (Obama | McCain | None): 00...10 00...01 00...00
Source: Ben Adida, Ph.D. Thesis 2006
Conclusion
• Modern Cryptographic Voting Systems allow true end-to-end verification of the whole voting process by anyone while maintaining a very high level of secrecy.
• Due to the advanced mathematical principles they are based on, Cryptographic Voting Systems are not easy to understand and are therefore not readily accepted by authorities and the electorate.
• But let's give Cryptographic Voting Systems a chance! They can give democracy a new meaning in the 21st century!