140 likes | 337 Views
Code Voting. A simple way to prevent automatic vote manipulation at voter’s computer Rui Joaquim IPL / INESC-ID. Introduction. Why do we need Internet Voting? Because it is a solution to some special mobility needs, e.g. emigrants, abroad military. Internet voting main issue.
E N D
Code Voting A simple way to prevent automatic vote manipulation at voter’s computer Rui Joaquim IPL / INESC-ID
Introduction • Why do we need Internet Voting? • Because it is a solution to some special mobility needs, e.g. emigrants, abroad military. Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Internet voting main issue • The voter votes in an uncontrolled environment, therefore: • Vulnerable to vote buying and coercion. • Allow voter to recast a new vote. • Vulnerable to automatic vote manipulation, e.g. by a virus. • Use an external channel to confirm the vote. • Use trusted computing technology. • Use of candidate codes. Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Main idea • Have a trusted component of the voting system at client side. • Voter Card (smartcard). • Create a secure and human usable channel to enable secure communications between the voter and the Voter Card. • Adaptation of the candidate codes concept. Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Provide secure voter’s authentication. • Translates the candidate code on the Code Card to a concrete vote and encrypts it. • The Code Card has the candidate codes and confirmation codes that assure to the voter that every thing is right with the voting protocol. • Untrusted voter’s PC that mediate the interaction between the voter, the election server and the Voter Card. Voter Card • Election server(s) that collect the votes and perform the vote count. Code Card Architecture components overview Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Code Card Code Card Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Voting procedure (1/4) • First the application running on the voter’s PC (APP) displays the ballot to the voter. Election for the Most Important Figure in Security A - Alice B - Bob C - Eavesdropper D - Attacker Enter your option code: Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Voting procedure (2/4) • The voter chooses her favorite candidate using the corresponding code on her Code Card. Election for the Most Important Figure in Security A - Alice B - Bob C - Eavesdropper D - Attacker Enter your option code: WL764 Code Card Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Voting procedure (3/4) • Then the voter confirms her choice with the confirmation code. Election for the Most Important Figure in Security A - Alice B - Bob C - Eavesdropper D - Attacker Selected option code: WL764 Insert vote confirmation code: AW39F8BV Code Card Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Voting procedure (4/4) • Finally, the Voter Card translates the candidate code to a concrete vote on the chosen candidate, encrypts the vote and sends it to the election server and confirms the delivery with the “confirmed vote delivery code”. Election for the Most Important Figure in Security A - Alice B - Bob C - Eavesdropper D - Attacker Selected option code: WL764 Vote confirmation code: AW39F8BV Confirmed vote delivery code: 6HKG2Q75 Code Card Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Achievements • Using the candidate codes concept we: • Have a simple voter’s interaction. • Prevent automatic vote manipulation. • Keep the vote secret to the client application. • Keep the vote secret to the server application. • Allow the use of cryptographic voting protocols that protect the election’s integrity at server side. • Only requires smartcard technology that is already being used in Internet voting systems. Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Code Card Future work • Large candidate lists • Redesign the concept of the Code Card to allow the easy use of Code Voting solution on elections with large candidate lists. • Simultaneous elections • Prevent blind votes by APP in the case of simultaneous elections. • Code Card reuse • Collecting the codes use in prior elections it is possible to cast a blind vote. Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Code Card II Code Card Election for the Most Important Figure in Security 18747 - Alice 39448 - Bob 23745 - Eavesdropper 83653 - Attacker Enter your option code: VNTMU Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07
Conclusions • Code Voting is simple and pluggable solution that allows a secure interaction between the voter and the voting system therefore, allowing for a more secure Internet Voting. • Questions? Dagstuhl - Frontiers of Electronic Voting 29.07.07 - 03.08.07