1 / 12

Secure Remote Voting System - Designed for Easy Implementation and Verification

This remote voting system, based on Prêt à Voter and coded by David Lundin and Johannes Clos, aims to be end-to-end verifiable and easy to set up, maintain, and use. The design offloads authentication to the host organization and uses publicly available mix servers. While it has limitations like unsupervised voting and lack of coercion resistance, it provides a practical approach to remote voting.

wtabitha
Download Presentation

Secure Remote Voting System - Designed for Easy Implementation and Verification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A remote voting systembased on Prêt à Votercoded byDavid LundinJohannes Clos

  2. Design goals • End-to-end verifiable (if...)‏ • Offload authentication to host organization • Easy to set up, maintain and use • Use publicly available mix servers (when...)‏

  3. Limitations • Unsupervised voting • No coercion resistance • No guarantee of response from server • Someone has to authenticate users • We use host organization (could use our server)‏ • Some parts not quite complete • Threshold decryption • SSL certificates (time/money)‏

  4. Operational overview

  5. Election setup phase • Create election on EE • Don't declare voters! • Retrieve shared secret • Retrieve signed applet • Integrate host auth

  6. Client authentication phase • Voter logs on normally • Host serves applet • PHP script gets authentication information

  7. Voting phase • Vote using applet • Applet encrypts vote • ElGamal encryption • Ciphertexts à la [Hea07] • Packaged as XML • Committed to • Audit or vote • Vote sent back to host • Host signs XML • Sent back to ee.com • Signed receipt given

  8. Auditing

  9. Voting and auditing • Voting applet • constructs XML • reveals XML and hash • offers vote or audit • Voter then can either • audit, and uncover details of encryptions • vote, and get signed hash • Audit gives confidence in applet's fairness

  10. Decryption/tallying after polls close • Use mix nets • PRC to audit mixes • Anyone can audit • Public mix servers • Votes decrypted • Threshold decryption • CP proofs • Anyone can check • Lazily decrypt (STV)‏ • Anyone can tally

  11. Auditing the mix nets • A mix net • re-encrypts votes • randomly shuffles • Twice, with PRC • Links chosen by hash of output • Can be re-run

  12. Conclusion • Pretty much plug-and-play • Any organization hosting a web site can use • End-to-end verifiable • ...on various seemingly unavoidable assumptions

More Related