An Architecture for Electronic Voting
Master Thesis Presentation
Clifford Allen McCullough
Department of Computer Science, University of Colorado at Colorado Springs
October 30, 2012
Outline
• The Need for an E-Voting System
• Related Work
• US Voluntary Voting System Guidelines
• Existing Solutions
• Proposed Architecture
• A Demonstration System
• Performance Comparisons
• Lessons Learned
• Future Work
• Summary
An Architecture for Electronic Voting by Clifford Allen McCullough
I. The Need for an E-Voting System
• Business Board of Directors
• Student class president
• US citizens overseas
• US military overseas
Related Work
• A Survey of Internet Voting (EAC Voting System Testing and Certification Division, 2011)
• VVSG (EAC VVSG Vol I, 2010), (EAC VVSG Vol II, 2010)
• A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE) (Jefferson D. D., Rubin, Simons, & Wagner, 2004)
• Implementing a Paillier Threshold Cryptography Scheme as a Web Service (Wilson, 2006)
II. US Voluntary Voting System Guidelines (VVSG)
• Security
• Accuracy
• Error Recovery
• Integrity
• Vote Tabulation
• Casting a Ballot
• Accessibility
• Independent Verification System
(EAC VVSG Vol I, 2010)
III. Existing Solutions
• Commercial web-based voting systems are available
  • (MotionVoter, 2011)
  • (Vote-Now)
• Secure Electronic Registration and Voting Experiment (SERVE) (Jefferson D. D., Rubin, Simons, & Wagner, 2004)
• Security Peer Review Group (SPRG) (Defense, 2007)
IV. Proposed Architecture
• Design Requirements
• General Schema
• The System Architecture
• Paillier Cryptography
Design Requirements
• VVSG (EAC VVSG Vol I, 2010)
• Information Assurance general rules
  • Minimize the attack surface
  • Mitigate the vulnerabilities
• A Survey of Internet Voting (EAC Voting System Testing and Certification Division, 2011)
General Schema
• Should not be centralized
  • Precinct level is best
  • County level is good
• The greatest vulnerabilities are insider attacks
• Denial of service
• Keep control of the ballot: server-centric design
• Publish the web application
The System Architecture
• Voting-Server
• Voter Authentication
• Issue Presentation
• Verify the Ballot
• Casting the Ballot
• Mutual Authentication
System Diagram
Components: Linux OS, Linux OS, Windows OS
Pre-election
• 1 Deploy public key
• 2 Start services
Election
• 3 Login, retrieve public key
• 4 Vote
• 5 Cast the ballot to both Tally servers
Post election
• 6 Retrieve ballots, check, and decrypt totals
Paillier Cryptography
• Block Paillier (Paillier, 1999)
• Exponential
• Encrypt:
• Decrypt:
• Homomorphic
• Blinding
• Generalized Paillier (Damgard & Jurik, December 2000)
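The Paillier operations listed on this slide, as an added worked example in Python (not code from the thesis or its demonstration system): key generation with g = n + 1, encryption, decryption, the additive homomorphism (multiplying ciphertexts adds plaintexts) and blinding by multiplying in an encryption of zero. It goes one step beyond the slide and packs a check-box array into one plaintext block, so that multiplying the encrypted ballots accumulates a per-box total that a single decryption reveals; this is the accumulation idea behind the later "Decrypt issue accumulations" step. The primes P and Q, the 16-bit slot width and the packing layout are constructed assumptions for the example, not values taken from the thesis.

```python
import secrets
from math import gcd

# Constructed demonstration primes. They are far too small for a real election
# and are fixed only so that the example is deterministic and fast.
P = 1000000007
Q = 998244353


def keygen(p=P, q=Q):
    """Paillier key generation using the common choice g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lambda = lcm(p-1, q-1)
    n2 = n * n
    g = n + 1
    # L(u) = (u - 1) / n ; mu = L(g^lambda mod n^2)^-1 mod n
    mu = pow((pow(g, lam, n2) - 1) // n, -1, n)
    return (n, g), (lam, mu)


def encrypt(pub, m, r=None):
    """c = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    n2 = n * n
    if not 0 <= m < n:
        raise ValueError("plaintext must lie in [0, n)")
    while r is None or gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c):
    """m = L(c^lambda mod n^2) * mu mod n."""
    n, _ = pub
    lam, mu = priv
    n2 = n * n
    return (((pow(c, lam, n2) - 1) // n) * mu) % n


def add_encrypted(pub, c1, c2):
    """Homomorphic property: E(m1) * E(m2) mod n^2 decrypts to m1 + m2."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def blind(pub, c):
    """Re-randomise a ciphertext by multiplying in an encryption of zero;
    the plaintext is unchanged but the ciphertext bytes are fresh."""
    return add_encrypted(pub, c, encrypt(pub, 0))


# Assumed layout: each check box of an issue owns a 16-bit counter slot inside
# one Paillier block, so the encrypted sum of ballots holds all box totals.
SLOT_BITS = 16


def pack_ballot(checks):
    """Pack a check-box array (list of 0/1 values) into one plaintext block."""
    m = 0
    for i, bit in enumerate(checks):
        if bit not in (0, 1):
            raise ValueError("each check box must be 0 or 1")
        m |= bit << (SLOT_BITS * i)
    return m


def unpack_totals(m, boxes):
    """Split an accumulated block back into one count per check box."""
    mask = (1 << SLOT_BITS) - 1
    return [(m >> (SLOT_BITS * i)) & mask for i in range(boxes)]


def run_election(ballots, boxes):
    """Encrypt every ballot, accumulate homomorphically, decrypt once."""
    pub, priv = keygen()
    n, _ = pub
    if boxes * SLOT_BITS >= n.bit_length():
        raise ValueError("too many check boxes for one block of this key size")
    acc = encrypt(pub, 0)
    for checks in ballots:
        if len(checks) != boxes:
            raise ValueError("ballot has the wrong number of check boxes")
        acc = add_encrypted(pub, acc, blind(pub, encrypt(pub, pack_ballot(checks))))
    return unpack_totals(decrypt(pub, priv, acc), boxes)


if __name__ == "__main__":
    # Constructed sample: five voters, three check boxes on one issue.
    print(run_election([[1, 0, 0], [0, 1, 0], [1, 0, 0], [0, 0, 1], [1, 0, 0]], 3))
```

The slot width bounds how many ballots a box can absorb before it overflows into its neighbour (65535 here), and the key size bounds how many slots fit in one block; both limits are checked because an undetected overflow would silently corrupt the adjacent total.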
V. A Demonstration System
• A 32-bit development and demonstration system, a.k.a. Ignis
• A 64-bit demonstration system on UCCS EAS Data Center Cloud, eVote resource pool, a.k.a. Prometheus
Ignis 32-bit Development System
Prometheus 64-bit Demonstration System
Election Preparation
• Generate public and private keys
• Private key is stored as Shamir shared secret shares (Shamir, November, 1979)
  • Total of 7 shares, quorum of 4 officials
• Deploy the public key
• Start the services
Casting a Ballot
• Several lines of Comma Separated Values (CSV)
• One or two lines per issue
  • Precinct number may be added
  • Issue number
  • Check box array or write-in
  • Paillier block count
  • Generalized Paillier encrypted information
Sample Ballot
Post Election
• Collect the tally information from the redundant servers
• Compare redundant collections
  • Tally files should match
• Decrypt using Shamir secret shares (Shamir, November, 1979)
  • Quorum of 4 officials is required
• Decrypt issue accumulations
• Individually decrypt write-ins
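The key custody steps from the Election Preparation and Post Election slides, as an added Python example that is not part of the thesis or its demonstration system: the private key is split into 7 Shamir shares with a quorum of 4, any 4 shares reconstruct it by Lagrange interpolation over a prime field, and fewer than 4 are refused rather than interpolated into a wrong value. A small helper also diffs the two tally collections retrieved from the redundant servers, since the slide requires them to match before decryption. The field prime, the demo secret and the sample tally lines are constructed for this example.

```python
import secrets
from itertools import combinations

# Field prime for the shares; it must exceed the secret being shared.
# 2^127 - 1 is a Mersenne prime, chosen here as a constructed example parameter.
PRIME = (1 << 127) - 1

# Constructed stand-in for the private key integer that would be shared.
DEMO_SECRET = 123456789012345678901234567890


def make_shares(secret, threshold=4, total=7, prime=PRIME):
    """Split `secret` into `total` shares; any `threshold` of them recover it."""
    if not 0 <= secret < prime:
        raise ValueError("secret must be smaller than the field prime")
    if not 1 <= threshold <= total:
        raise ValueError("need 1 <= threshold <= total")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(threshold - 1)]

    def f(x):
        return sum(c * pow(x, i, prime) for i, c in enumerate(coeffs)) % prime

    # Share i is the point (i, f(i)); x = 0 is never handed out.
    return [(x, f(x)) for x in range(1, total + 1)]


def recover_secret(shares, threshold=4, prime=PRIME):
    """Lagrange interpolation at x = 0; refuses to run below the quorum."""
    if len(shares) < threshold:
        raise ValueError("quorum not met: %d of %d shares" % (len(shares), threshold))
    shares = shares[:threshold]
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % prime
                den = (den * (xi - xj)) % prime
        secret = (secret + yi * num * pow(den, -1, prime)) % prime
    return secret


def every_quorum_recovers(shares, secret, threshold=4):
    """True if every possible quorum of officials reconstructs the same key."""
    return all(recover_secret(list(q), threshold) == secret
               for q in combinations(shares, threshold))


def quorum_demo(secret=DEMO_SECRET):
    """Returns (key recovered by 4 officials, whether 3 officials were refused)."""
    shares = make_shares(secret)
    recovered = recover_secret(shares[2:6])   # any four distinct shares
    try:
        recover_secret(shares[:3])
        refused = False
    except ValueError:
        refused = True
    return recovered, refused


def compare_tally_files(lines_a, lines_b):
    """Diff the tally lines collected from the two redundant servers.
    Returns (only_on_a, only_on_b); both empty means the files match."""
    set_a, set_b = set(lines_a), set(lines_b)
    return sorted(set_a - set_b), sorted(set_b - set_a)


if __name__ == "__main__":
    # Constructed sample tally lines in the CSV shape described on the slides.
    server_a = ["1,1,3,<cipher-1>", "1,2,1,<cipher-2>"]
    server_b = ["1,1,3,<cipher-1>", "1,2,1,<cipher-2>"]
    print(compare_tally_files(server_a, server_b))
    print(quorum_demo())
```

Refusing below-threshold input matters because Lagrange interpolation through three points still returns a number; without the check an operator could decrypt with a silently wrong key and mistake garbage for a tally.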
VI. Performance Comparisons
• Cryptographic Methods
• Cryptographic Key Generation
• Block Paillier vs. Generalized Paillier
• Ballot Casting
Encrypt and Decrypt Times
Table 1. DES, AES, and ElGamal Methods
Table 2. Block Paillier Method
Block vs Generalized Paillier Encrypt Decrypt Time
Table 3. Block Paillier Method
Table 4. Generalized Paillier Method
Block vs Generalized Paillier Encrypt Decrypt Time
Figure 5. Block Paillier Method
Figure 6. Generalized Paillier Method
Key Generation Times
Table 5. DES and AES Key Generation
Table 6. ElGamal Key Generation
Table 7. Paillier Key Generation
Key Generation Times
Figure 7. ElGamal Key Generation
Figure 8. Paillier Key Generation
VII. Lessons Learned
• Freeware
  • Documentation not always current
  • Problems persist through several updates
• Internet Forums
  • Good source of information and help
  • No response to difficult questions
• Using Multiple Programming Languages
  • Transferring data between program and DLL
  • Passing values between libraries is problematic
VIII. Future Work
• Redundancy
• Secret Share Encryption and Decryption
• Error Handling and Logging
• Ballot Generation
• Ballot and Multi-lingual Database
• Quorum Administrator Login
IX. Summary
• Developing an Election Assistance Commission compliant voting system is a significant undertaking
• SERVE objective: too much too soon
• Much future work available
• The demonstration system is a proof of concept
Demonstration
• Generate and load a key
• Initialize services
• Vote
• Collect the tally
• Decrypt the tally
References
• Damgard, I. B., & Jurik, M. J. (December 2000). A Generalisation, a Simplification and some Applications of Paillier's Probabilistic Public-Key System. Basic Research in Computer Science, RS-00-45.
• Department of Defense. (2007). Expanding the Use of Electronic Voting Technology for UOCAVA Citizens. Department of Defense.
• EAC Voting System Testing and Certification Division. (2011). A Survey of Internet Voting. Washington, DC 20005.
• EAC VVSG Vol I. (2010). Voluntary Voting System Guidelines Volume I. Retrieved August 24, 2012, from United States Election Assistance Commission: http://www.eac.gov/testing_and_certification/voluntary_voting_system_guidelines.aspx
• EAC VVSG Vol II. (2010). Voluntary Voting System Guidelines Volume II. Retrieved August 24, 2012, from United States Election Assistance Commission: http://www.eac.gov/testing_and_certification/voluntary_voting_system_guidelines.aspx
• Jefferson, D. D., Rubin, D. A., Simons, D. B., & Wagner, D. D. (2004). A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE).
• Jefferson, D., Rubin, A., & Simons, B. (2007, June 13). The new report in response to the May 2007 DoD report on Voting Technologies for UOCAVA Citizens. Retrieved March 04, 2012, from http://www.servesecurityreport.org/
• MotionVoter. (2011). Retrieved March 6, 2012, from http://www.motionvoter.com/
• Paillier, P. (1999). Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. Advances in Cryptology - Eurocrypt '99, pp. 223-238.
• Shamir, A. (November, 1979). How to Share a Secret. Communications of the ACM, 612-613.
• Vote-Now. (n.d.). Retrieved March 6, 2012, from https://secure.vote-now.com/