多媒體網路安全實驗室
A Practical Voting Scheme Using
One Server with a Secure
Coprocessor
Date：2010.12.26
Reporter: Chien-Wen Huang
出處: ICIC Express Letters Volume 3, Number 3, September 2009

多媒體網路安全實驗室
Outline
1
2
Introduction
The Requirements of E-Voting System
An Innovative Practical E-Voting Scheme
The Analysis of the Proposed Scheme
Conclusions
2

多媒體網路安全實驗室
Introduction
 Voting is common in our daily life, from electing the president to selecting committees of certain organizations .
 PIR: which hides the real purpose of inquiry of the user by querying K servers.
 Smith et al. used a secure coprocessor (SC) in their PIR solution.
 SC: is a temper-proof device with small memory; it is designed to prevent anybody from accessing its memory.
3

4
多媒體網路安全實驗室

多媒體網路安全實驗室
The Requirements of E-Voting System
1.
Eligibility: Only eligible voters are permitted to cast their ballots.
2.
Privacy: There is no association between voter’s identification and a marked ballot .
3.
Uniqueness: No voter can cast his ballot more than once.
4.
Completeness: A voter’s ballot cannot be altered, and all valid ballots are counted correctly.
5.
Fairness: No one can affect the result of voting.
5

多媒體網路安全實驗室
6.
Verifiability: Voters can verify that their ballots are counted correctly.
7.
Robustness: A voting scheme will be successful regardless of partial failure due to a malicious voter.
8.
Uncoercibility: Bribery is prevented because no voter can prove to others what he or she voted.
9.
Efficiency: The computations can be performed efficiently.
10.
Mobility
6

多媒體網路安全實驗室
An Innovative Practical E-Voting
Scheme
7

多媒體網路安全實驗室
 tamper-proof device:the information can not be detected or distorted by the server or anyone else.
 Database 1 stores the roster,identification(ID) and personal information of all voters.
 Database 2 stores the encrypted voter’s identification (ID'), a marked ballot (vote') , and the encrypted voting information (C) .
8

多媒體網路安全實驗室
 the following notations are used in the description
PK
SC
: the public key of SC
SK
SC
: the secret key of SC
PK
V
: the public key of the voter
SK
V
: the secret key of the voter
ID: the voter’s identification
ID': the encrypted voter’s identification (by hash function)
ST : the temporal storage for gotten ballot identification stored by secure coprocessor
9

多媒體網路安全實驗室
Vote: the blank ballot
Vote': the marked ballot (voted by the voter)
M: the secret message of voter’s identification information
M': the secret message of voter’s identification created by SC
C: the secret message of voting created by voters
S: the secret message of unverified ballot created by voter
10

多媒體網路安全實驗室
S': the verified message of ballot created by SC
E: the error message of verified ballot created by
SC
11

多媒體網路安全實驗室
Authentication Phase
Sign
V
=E
SKv
( ID )
Sign
SC
驗證正確表示 已收到
12

Voting Phase
多媒體網路安全實驗室
 Then, it verifies Sign
V
; if it is correct, it saves
ID' and C of the voter into Database 2
13

多媒體網路安全實驗室
Announcement Phase
 Step8:Decrypted ID’ in C is compared to the identificatio n ID’ ( 之前 HASH 的部分 )
14

Verification Phase
多媒體網路安全實驗室
C = ID’ ,Sign
Compare
V
,Vote’
Sign
V
,Vote’
 All eligible voters can get their own ( ID', C) from bulletin board system.
 If the person is the qualified voter and C is the same as in Database 2,then decrypt C .
15

多媒體網路安全實驗室
The Analysis of the Proposed Scheme
1.
Eligibility: SC verifies the voter’s identification
ID.
2.
Privacy:The voter’s identification ID' and voted ballot Vote' are encrypted by the public key
PK
SC of SC.
3.
Uniqueness: Because the voter’s ID is verified by SC, anyone will not be able to transmit repeated identification (ID) to vote twice .
16

多媒體網路安全實驗室
4.
Completeness: Although the voters’ ballots are stored in Database 2, encrypted by PK
SC
.
C =( Vote', ID',Sign
V
)are
5.
Fairness: Any illegal voter cannot pass the roster’s authentication procedure by SC (he cannot forge Sign
V of a legal voter.)
6.
Verifiability: When SC acquires S , it can decrypt S to obtain Vote', Sign
V
, ID' and C.
7.
Robustness: voter’s ID is verified by SC and no one can know any eligible voter’s voting information .
17

多媒體網路安全實驗室
8.
Uncoercibility: all voters can acquire their own
( ID', C) from bulletin board system and their ballots are verified by SC.
9.
Efficiency: This e-voting scheme is suitable for small-scale area; it can run smoothly in present server performance and internet environment.
10.
Mobility: The voters can vote through the proposed e-voting scheme at any place where they have access to the internet.
18

多媒體網路安全實驗室
Conclusions
 An innovative and practical e-voting scheme is presented for small-scale elections
 The scheme can protect voters’ personal privacy and offer secure processes throughout every phrase of an election.
 The voting scheme has practical value because of its low cost, high efficiency, and strong security
19

多媒體網路安全實驗室