1 / 13

Cryptanalysis on Mu – Varadharajan's e-voting schemes

This paper critiques Mu-Varadharajan's e-voting schemes that claim to protect voter anonymity, detect double voting, and authenticate voters. The analysis reveals the failures in these schemes, including the ease with which the authority can identify the owner of a cast ballot and the possibility of voting more than once without detection or authentication.

fhager
Download Presentation

Cryptanalysis on Mu – Varadharajan's e-voting schemes

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptanalysis on Mu–Varadharajan's e-voting schemes Source: Applied Mathematics and Computation, Vol 139, Issue 2-3, July, 2003, pp. 525-530 Author: Hung-Yua Chien, Jinn-Ke Jan, Yuh-Min Tseng Speaker: Chang-Chu Chen Date: 10/13/2004

  2. Outlines • Introduction • Review • Proposed scheme • Conclusions

  3. Mu and Varadharajan claimed protect voter’s anonymity detect double voting authenticate the voters This paper show the failures the authority can easily identify the owner of a cast ballot a valid voter or any one can vote more than once without being detected any one can forge ballot without being authenticated Introduction  Y. Mu, V. Varadharajan, Anonymous secure e-voting over a network. Proceedings of the 14th Annual Computer Security Applications Conference, CACSAC’98, 1998, pp. 293–299.

  4. Structure of proposed scheme Certificate Authority CA 1 1 1 1 Ticket Counting Server Authentication Server AS VS TCS 5 3 Voting Servers 4 2 Vi Voter

  5. Notations : RSA public key : secret key : public key certificate issued by CA contain Vis identity, public key, serial number, valid period, CAs signature, etc.

  6. Goal : AS will authenticate an eligible voter Vi and issues him an anonymous voting ticket. Review: phase 1anonymous ticket acquiring Voter Vi AS b: blind factort: timestamp p: large prime verify CertVi and ASdatabase

  7. Review: phase 1 (cont.)anonymous ticket acquiring Voter Vi m: voting intention get k2 by decrypt x3  voting ticket

  8. Review: phase 2voting and ticket collecting • Goal :Vi can cast the voting ticket T to VS over the network. T Voter Vi VS TCS get T TCSdatabase VSdatabase

  9. Review: phase 3tickets counting • Goal :TCS checks whether there exists a double-voting. TCSdatabase

  10. Cryptanalysis 1 • Failure of protecting voter’s anonymity from

  11. Cryptanalysis 2 • Authenticated voter vote more than once without being detected from where let then

  12. Cryptanalysis 3 • Forging valid anonymous tickets without being authenticated attacker choose k1,k2,r satisfy get then can pass VS and TCS

  13. Conclusions • Mu and Varadharajan fail • protect voter’s anonymity • detect double voting • authenticate the voters

More Related