Add to collection(s) Add to saved
  1. No category

Symmetric & Public Key Systems and E

advertisement 
Symmetric & Public Key Systems and E-Voting
The following is a set of exercises designed to grow your
understanding of the use of standard encryption in the design of
protocols.
1.
Criteria
A secure e-voting scheme has to have certain properties, while others are more
negotiable. The CESG security study lists four specific security objectives:
1. Effective Voter Registration.
2. Effective Voter Anonymity.
3. Effective Voter Confidentiality.
4. Effective System Registration.
The threads to e-voting can come from the following areas:
1. Denial of service attacks.
2. Viruses or malicious software could corrupt voting software installed on voter
equipment.
3. Hacking of servers could affect the integrity of the vote by breaking into
computer systems with the purpose to alter, copy, or damage data records and
software.
4. Limitations to the system’s capacity to cope with peak demand during the voting
period are purely based on the requirements set in the designing e-voting system
and the efficiency of the system provided by the commercial suppliers.
These criteria and threads show that there are wider issues than just the technical
problems of designing a good protocol. Nevertheless, we will concentrate on potential evoting protocols. We evaluate them according to the following criteria:
1. Only authorized voters can vote.
2. No one can vote more than once.
3. No one can determine for whom anyone else voted. (This prevents selling of
votes.)
4. No one can duplicate anyone’s vote. (This prevents selling of votes.)
5. No one can change anyone’s vote without being discovered.
6. Every voter can make sure that his vote has been taken into account in the final
tabulation.
There are sometimes additional requirements such as
7. Everyone knows who voted and who did not.
Figure out how each of the following protocols do with regards to these criteria and
propose simple remedies if this is possible.
2.
Protocols with a single, central tabulating facility
(CTF)
2.1.
Protocol 1
Each voter encrypts his vote with the public key of the CTF and sends it to it. The CTF
then decrypts the vote and tabulates it.
2.2.
Protocol 2
Each voter receives a public / private key pair from the CTF when registering. Each
voter encrypts his vote with his public key and sends it to the CTF. The CTF decrypts
the vote and tabulates it.
2.3.
Protocol 3
Each voter receives a public / private key pair from the CTF when registering. The CTF
keeps the key pairs secret. Each voter encrypts his vote with his private key and sends it
to the CTF. The CTF decrypts the vote with the public key contained in a database and
tabulates it.
2.4.
Protocol 4
Each voter receives a public / private key pair from the CTF when registering. The CTF
keeps the key pairs secret. Each voter signs his vote by encrypting a hash of the vote
with his private key. She then encrypts her vote with the CTF public key and sends both
vote and signature to the CTF. The CTF decrypts the vote, checks the signature, checks
off the voter in a database, and then tabulates the result. It publishes the voter list and the
results separately.
3.
Improvements
We can improve on these schemes using two favorite devices. The first is blind
signatures. Recall that a message m is a string of message blocks (m1, m2, m3, … mN)
where all message blocks have the same length. We can assume that message blocks are
numbers in some sense, e.g. elements of a Galois field. The message m is then a vector in
the Galois field and we can multiply such a vector with a scalar. To obtain a blinded
signature from Bob, Alice multiplies her document with a random scalar a. She then
sends the document to Bob, who signs it. If Alice gives the signature, the blinding scalar,
and the document, she can prove that she handed it to Bob.
Question: How secure is this.
Blind signatures are given to notaries, who do not know what they are signing. However,
to prevent cheating, one can use the following trick. Alice wants to have her document
signed by Bob. She prepares several sets of documents and blinds them all. Bob picks
one document to sign, but checks that all the others are O.K. (For this, Alice needs to
reveal her signatures.) In this manner, Bob can be prevented to see the document that he
actually signs.
The second ingredient is to break the CTF into several parts.
Related documents
Mississippi Summer 50 Years Later, Ken Abrams
Mississippi Summer 50 Years Later, Ken Abrams
Print out our flier to share it with family and friends.
Print out our flier to share it with family and friends.
what type of jobs were women in each group likely to hold
what type of jobs were women in each group likely to hold
Politics Learning Log 18th May 2015
Politics Learning Log 18th May 2015
Presidents_speech_AGM2012 - Canadian Teachers` Federation
Presidents_speech_AGM2012 - Canadian Teachers` Federation
March on Washington for Jobs and Freedom
March on Washington for Jobs and Freedom
Political Beliefs and Behaviors
Political Beliefs and Behaviors
Voter Registration: How To, FAQs, and Tips (PowerPoint)
Voter Registration: How To, FAQs, and Tips (PowerPoint)
Document
Document
opt diagram
opt diagram
Download
advertisement