280 likes | 608 Views
Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services. Master Project Defense Hakan Evecek. Outline of the Talk. Introduction Document overview prepared for this project. Related Work Paillier Threshold Cryptography (PTC) PTC Web Services
E N D
Applying MESE processestoImproveOnline E-Voting Prototype System with PTC Web Services Master Project Defense Hakan Evecek Hakan Evecek/SE2Evote
Outline of the Talk • Introduction • Document overview prepared for this project. • Related Work • Paillier Threshold Cryptography (PTC) • PTC Web Services • Online E-Voting System • Suggested Improvement • Encryption/Decryption Optimization • User Interface • Future Directions • Conclusion Hakan Evecek/SE2Evote
Introduction The online E-Voting system generated within this project was based on an idea put forward in the ‘Future Suggestions’ section of the Master’s Thesis of Mr. Brett Wilson. (http://cs.uccs.edu/~gsc/pub/master/bswilson/doc/) As a result, augmentation of the demo application for PTC Web Services was undertaken. 5/29/2007 Hakan Evecek/SE2Evote 3
Continued… Scope of E-Voting: • The world is heading in this direction as currently many nations and large companies are seeking E-Voting solutions. • Similar to manual voting - only much faster and cheaper, however • Is the voter confident with the process? • Can Administrators monitoring verify that one vote is recorded for each voter? • How trustable is the tally process? • Is it socially acceptable? Hakan Evecek/SE2Evote
E-Voting Requirements • Basic requirements for electronic voting • Privacy – All votes should be kept secret • Completeness – All valid votes should be counted correctly • Soundness – Any invalid vote should not be counted • Unreusability – No voter can vote twice • Eligibility – Only authorized voters can cast a vote • Fairness – Nothing can affect the voting Hakan Evecek/SE2Evote
E-Voting Requirements • Extended Requirements for electronic voting • Robustness – faulty behavior of any reasonably sized coalition of participants can be tolerated. In other words, the system must be able to tolerate to certain faulty conditions and must be able to manage these situations. • Universal Verifiability – any party can verify the result of the voting • Receipt-freeness – Voters are unable to prove the content of his/her vote • Incoercibility – Voter cannot be coerced into casting a particular vote by a coercer. Hakan Evecek/SE2Evote
The categorization of voting system Hakan Evecek/SE2Evote
MESE Processes Applied for Online E-Voting System Project Proposal and Plan Software Requirements Document (SRS) Software Design Specification (SDS) Testing Document Defects List Project Report Hakan Evecek/SE2Evote
Related Work Some of the Encryption Schemes • Goldwasser-Micali Scheme (1984) It is probabilistic cryptography. Their scheme has the ability to encrypt the same text in many different ways without changing the modulus. It is very slow compared to the other schemes. • Blum-Goldwasser Scheme (1985) This scheme is comparable in speed to another public key scheme, RSA. Unfortunately it is not as robust as RSA. • The Paillier cryptosystem (1999) • a probabilistic asymmetric algorithm for public key cryptography. A given cleartext message can be encrypted into any one of a very large set of possible encryption values • homomorphic • deterministic Hakan Evecek/SE2Evote
Continued… Uses of Paillier Cryptography Electronic Voting Anonymous Mix Nets (due to self-blinding property) Electronic Auctions Electronic Lotteries Damgard-Jurick Scheme (2000) Just a modification of Paillier's scheme. It is also called Generalized Paillier System. It allows a user to increase the size of the encrypted value. Like Paillier it is probabilistic and homomorphic. 5/29/2007 Hakan Evecek/SE2Evote 10
Continued… Homomorphic Encryption A special type of cryptography in which the sum of two encrypted values is equal to the encrypted sum of the values. Public Key Cryptography Asymmetric cryptography, is a form of cryptography in which each user will have a key that didn’t have to be kept secret. Threshold Cryptography A cryptographic function can be distributed amongst several participants in such a way that the operation can be performed only through cooperation of a specified subset of the participants. In addition, if less than the required number of participants’ attempts to perform the action, no useful information can be constructed or obtained.
Cryptographic Techniques Implemented by Brett Wilson to PTC Web Services Continued… • Paillier CryptoSystem [15] • Trapdoor Discrete Logarithm Scheme • c = gMrn mod n2 • n is an RSA modulus (modulus of 2 safe primes) • Safe prime - p = 2q + 1 where q is also prime • g is an integer of order nα mod n2 • r is a random number in Zn* • M = L(cλ(n) mod n2)/L(gλ(n) mod n2) mod n • L(u) = (u-1)/n, λ(n)=lcm((p-1)(q-1)) • Important Properties • Probabilistic (randomness of E(M)) • Homomorphic • E(M1 + M2) = E(M1) x E(M2), E(k x M) = E(M)k • Self-blinding • D(E(M) rn mod n2 )= m Hakan Evecek/SE2Evote
Cryptographic Techniques Implemented • Threshold Encryption [15] • Public key encryption as usual • Distribute secret key “shares” among i participants • Decryption can only be accomplished if a threshold number t of the i participants cooperate • No information about m can be obtained with less than t participants cooperating • Shamir Secret Sharing • Lagrange Interpolation formula • f(X) = Σti=0 aiXi • a0 is secret, ai are random, f(X) are “secret shares” • X is share index (1 to number of servers) • If enough f(X) available it is possible to recover a0 Hakan Evecek/SE2Evote
Operation of E-Voting System [15] 2. SOAP/XML Request for PTC Parameters 5. Paillier Public Key 3. SOAP/XML Response containing RSA encrypted PTC Parameters 6. Paillier Encrypted Vote 8. Partial Decryption Shares of Vote Tally/Proofs of Correct Decryption 4. RSA Encrypted Secret Key Shares • Election Authorities • RSA Public Keys 7. Paillier Encrypted Vote Tally 5/29/2007 Hakan Evecek/SE2Evote 14
User Login Page Assumed that users has registered previously and has secure login credentials provided. Admin Users Voters Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) Hakan Evecek/SE2Evote
Admin Page Election Creation Ballot Creation Tally Vote Encryption/Decryption Generate Safe Prime Numbers Hakan Evecek/SE2Evote
Election Form 5/29/2007 18 Hakan Evecek/SE2Evote
Continued… 5/29/2007 Hakan Evecek/SE2Evote 19
Ballots Form 5/29/2007 Hakan Evecek/SE2Evote 20
Voter Page • Voter can access to the elections and complete the voting process. • Automatically loads the voting page. • Allows vote, then doesn’t allow user to vote again Hakan Evecek/SE2Evote
Database Schema Hakan Evecek/SE2Evote
Suggested Key Generation, Encryption/Decryption Optimization • Safe Prime Numbers Pre-Computation Process. • Chinese Remainder Theorem to calculate p,q separately and then multiply for n. • Paillier Scheme Pre-Computation for decryption. Hakan Evecek/SE2Evote 23
Results • 128 bit Encryption • 256 bit Encryption Hakan Evecek/SE2Evote 24
Lessons Learned • The SE processes applied in this project has set precedence which can be used for the future projects. • Ensure that the SRS, SDS and test documents can be easily modified and any future enhancements can be made with ease. • Security issues involved in E-voting systems. • CRT is a very useful theorem that can be applied on other theorems to improve the efficiency and increase the speed of the computations. • Pre-computation is always an improvement to the systems as long as they are designed and architected properly like running a thread on the background to generate prime numbers in this case. • Setting up read/write access permissions for the folders is important in ASP .Net. It is very important to follow the processes on this setup. • Certificate registration and confirmation requires additional processes for the internet solutions. Hakan Evecek/SE2Evote 25
Future Direction • Implement the suggested CRT improvement into the code. • Implement constant value pre-computation for decryption process. • Fix XML solution in the code. • Add more web application security protocols and processes. • Implement registration and voter identity verification process. • Authenticity of election parameters/ballots not currently guaranteed • Implement signing of election parameters/ballots by admin Hakan Evecek/SE2Evote
Conclusion • Encryption parameters creation process improvements with the application of pre-computation to the web services. • Alternate processes are also available to improve the efficiency further, such as: CRT Theorem, applying pre-computation to other constants in the Paillier’s scheme and also using 3rd scheme instead of the 1st scheme as explained in many researches. • The online E-Voting system with Paillier Cryptosystem Web Services implemented in this project brings a more secure e-voting environment one step closer. • Online E-Voting systems need to be considered as an enterprise solution when security, from the registration till the end of the Tally process, is to be considered. Hakan Evecek/SE2Evote 27
References [1] http://cris.joongbu.ac.kr/publication/evoting_implementation-APIEMS2004.pdf Implementation issues in a secure e-voting schemes, Riza Aditya, Byoungcheon Lee, Colin Boyd and Ed Dawson. [3] http://www.cs.virginia.edu/~pev5b/writing/academic/thesis/thesis.html Vote Early, Vote Often, and VoteHere: A Security Analysis of VoteHere, Philip E. Varner, May 11, 2001. [5] http://www.trustycom.fr/pdf/FoPoSt00.pdf P. Fouque, G. Poupard, J.Stern, Sharing Decryption in the Context of Voting or Lotteries, Financial Cryptography 2000 Proceedings. [6] http://www.captcha.net/ , the Official CAPTCHA web site. [7] http://www.vote.caltech.edu/reports/alv-nag_loyola.pdf R. Michael Alvarez, Jonathan Nagler, The Likely consequences of Internet Voting for Political Representations. [15] B. Wilson, C. E. Chow, Paillier Threshold Cryptography Web Service User’s Guide, University of Colorado – Colorado Springs Master’s Project, 2006. [16]http://www.cs.rit.edu:8080/ms/static/spr/2005/4/kar1141/report.pdf , Progress on Probabilistic Encryption Schemes, Kert Richardson, July 2006. [17] http://www.cs.umd.edu/~jkatz/THESES/staub.pdf.gz An Analysis of Chaum’s voter-verifiable election scheme, Julie Ann Staub, 2005 [18] http://www.brics.dk/RS/00/45/BRICS-RS-00-45.pdf Ivan Damgard and Mads J. Jurik, A Generalization, a Simplification and Some Applications of Paillier’s Probabilistic Public-Key System, PKC 2001. [ [20] http://www.rsa.com/rsalabs/cryptobytes/CryptoBytes_January_2002_final.pdf CryptoBytes, Dan Boneh, Hovav Shacham, Spring 2002. [21] http://www.gemplus.com/smart/rd/publications/pdf/Pai99pai.pdf Public-Key CryptoSystems Based on Composite Degree Residuosity Classes, Pascal Paillier, 1999 [22] http://en.wikipedia.org/wiki/Paillier_cryptosystem , Paillier Crytosystem from Wikipedia, the free encyclopedia. Hakan Evecek/SE2Evote