A Usable Android Application Implementing Distributed Cryptography For Election Authorities

Although many electronic voting protocols have been proposed, their practical application faces various challenges. One of these challenges is, that these protocols require election authorities to perform complex tasks like generating keys in a distributed manner and decrypting votes in a distributed and verifiable manner. Although corresponding key generation and decryption protocols exist, they are not used in real-world elections for several reasons: The few existing implementations of these protocols and their corresponding interfaces are not designed for people with non technical background and thus not suitable for use by most election authorities. In addition, it is difficult to explain the security model of the protocols, but legal provisions generally require transparency. We implemented a smartphone application for election authorities featuring distributed key generation and verifiable distributed decryption of votes. In addition, we prepared education material throughout based on formulated metaphors for election authorities in order to explain the security of the application. We evaluated the usability of the application and understanding of the underlying security model, concluding that the application is usable for non-experts in computer science. While the participants were able to carry out the tasks, it became clear, that they did not have a clear understanding of the underlying security model, despite having viewed our educational material. We suggest improvements to this material as future work

Cryptographic Protocols for Privacy Enhancing Technologies: From Privacy Preserving Human Attestation to Internet Voting

Desire of privacy is oftentimes associated with the intention to hide certain aspects of our thoughts or actions due to some illicit activity. This is a narrow understanding of privacy, and a marginal fragment of the motivations for undertaking an action with a desired level of privacy. The right for not being subject to arbitrary interference of our privacy is part of the universal declaration of human rights (Article 12) and, above that, a requisite for our freedom. Developing as a person freely, which results in the development of society, requires actions to be done without a watchful eye. While the awareness of privacy in the context of modern technologies is not widely spread, it is clearly understood, as can be seen in the context of elections, that in order to make a free choice one needs to maintain its privacy. So why demand privacy when electing our government, but not when selecting our daily interests, books we read, sites we browse, or persons we encounter? It is popular belief that the data that we expose of ourselves would not be exploited if one is a law-abiding citizen. No further from the truth, as this data is used daily for commercial purposes: users’ data has value. To make matters worse, data has also been used for political purposes without the user’s consent or knowledge. However, the benefits that data can bring to individuals seem endless and a solution of not using this data at all seems extremist. Legislative efforts have tried, in the past years, to provide mechanisms for users to decide what is done with their data and define a framework where companies can use user data, but always under the consent of the latter. However, these attempts take time to take track, and have unfortunately not been very successful since their introduction. In this thesis we explore the possibility of constructing cryptographic protocols to provide a technical, rather than legislative, solution to the privacy problem. In particular we focus on two aspects of society: browsing and internet voting. These two events shape our lives in one way or another, and require high levels of privacy to provide a safe environment for humans to act upon them freely. However, these two problems have opposite solutions. On the one hand, elections are a well established event in society that has been around for millennia, and privacy and accountability are well rooted requirements for such events. This might be the reason why its digitalisation is something which is falling behind with respect to other acts of our society (banking, shopping, reading, etc). On the other hand, browsing is a recently introduced action, but that has quickly taken track given the amount of possibilities that it opens with such ease. We now have access to whatever we can imagine (except for voting) at the distance of a click. However, the data that we generate while browsing is extremely sensitive, and most of it is disclosed to third parties under the claims of making the user experience better (targeted recommendations, ads or bot-detection). Chapter 1 motivates why resolving such a problem is necessary for the progress of digital society. It then introduces the problem that this thesis aims to resolve, together with the methodology. In Chapter 2 we introduce some technical concepts used throughout the thesis. Similarly, we expose the state-of-the-art and its limitations. In Chapter 3 we focus on a mechanism to provide private browsing. In particular, we focus on how we can provide a safer, and more private way, for human attestation. Determining whether a user is a human or a bot is important for the survival of an online world. However, the existing mechanisms are either invasive or pose a burden to the user. We present a solution that is based on a machine learning model to distinguish between humans and bots that uses natural events of normal browsing (such as touch the screen of a phone) to make its prediction. To ensure that no private data leaves the user’s device, we evaluate such a model in the device rather than sending the data over the wire. To provide insurance that the expected model has been evaluated, the user’s device generates a cryptographic proof. However this opens an important question. Can we achieve a high level of accuracy without resulting in a noneffective battery consumption? We provide a positive answer to this question in this work, and show that a privacy-preserving solution can be achieved while maintaining the accuracy high and the user’s performance overhead low. In Chapter 4 we focus on the problem of internet voting. Internet voting means voting remotely, and therefore in an uncontrolled environment. This means that anyone can be voting under the supervision of a coercer, which makes the main goal of the protocols presented to be that of coercionresistance. We need to build a protocol that allows a voter to escape the act of coercion. We present two proposals with the main goal of providing a usable, and scalable coercion resistant protocol. They both have different trade-offs. On the one hand we provide a coercion resistance mechanism that results in linear filtering, but that provides a slightly weaker notion of coercion-resistance. Secondly, we present a mechanism with a slightly higher complexity (poly-logarithmic) but that instead provides a stronger notion of coercion resistance. Both solutions are based on a same idea: allowing the voter to cast several votes (such that only the last one is counted) in a way that cannot be determined by a coercer. Finally, in Chapter 5, we conclude the thesis, and expose how our results push one step further the state-of-the-art. We concisely expose our contributions, and describe clearly what are the next steps to follow. The results presented in this work argue against the two main claims against privacy preserving solutions: either that privacy is not practical or that higher levels of privacy result in lower levels of security.Programa de Doctorado en Ciencia y Tecnología Informática por la Universidad Carlos III de MadridPresidente: Agustín Martín Muñoz.- Secretario: José María de Fuentes García-Romero de Tejada.- Vocal: Alberto Peinado Domíngue

Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation

Abstract-Despite advances in security engineering, authentication in applications such as email and the Web still primarily relies on the X.509 public key infrastructure introduced in 1988. This PKI has many issues but is nearly impossible to replace. Leveraging recent progress in verifiable computation, we propose a novel use of existing X.509 certificates and infrastructure. Instead of receiving & validating chains of certificates, our applications receive & verify proofs of their knowledge, their validity, and their compliance with application policies. This yields smaller messages (by omitting certificates), stronger privacy (by hiding certificate contents), and stronger integrity (by embedding additional checks, e.g. for revocation). X.509 certificate validation is famously complex and errorprone, as it involves parsing ASN.1 data structures and interpreting them against diverse application policies. To manage this diversity, we propose a new format for writing application policies by composing X.509 templates, and we provide a template compiler that generates C code for validating certificates within a given policy. We then use the Geppetto cryptographic compiler to produce a zero-knowledge verifiable computation scheme for that policy. To optimize the resulting scheme, we develop new C libraries for RSA-PKCS#1 signatures and ASN.1 parsing, carefully tailored for cryptographic verifiability. We evaluate our approach by providing two real-world applications of verifiable computation: a drop-in replacement for certificates within TLS; and access control for the Helios voting protocol. For TLS, we support fine-grained validation policies, with revocation checking and selective disclosure of certificate contents, effectively turning X.509 certificates into anonymous credentials. For Helios, we obtain additional privacy and verifiability guarantees for voters equipped with X.509 certificates, such as those readily available from some national ID cards

Individual verifiability in electronic voting

This PhD Thesis is the fruit of the job of the author as a researcher at Scytl Secure Electronic Voting, as well as the collaboration with Paz Morillo, from the Department of Applied Mathematics at UPC and Alex Escala, PhD student. In her job at Scytl, the author has participated in several electronic voting projects for national-level binding elections in different countries. The participation of the author covered from the protocol design phase, to the implementation phase by providing support to the development teams. The thesis focuses on studying the mechanisms that can be provided to the voters, in order to examine and verify the processes executed in a remote electronic voting system. This work has been done as part of the tasks of the author at the electronic voting company Scytl. Although this thesis does not talk about system implementations, which are interesting by themselves, it is indeed focused on protocols which have had, or may have, an application in the real world. Therefore, it may surprise the reader by not using state of the art cryptography such as pairings or lattices, which still, although providing very interesting properties, cannot be efficiently implemented and used in a real system. Otherwise, the protocols presented in this thesis use standard and well-known cryptographic primitives, while providing new functionalities that can be applied in nowadays electronic voting systems. The thesis has the following contents: A survey on electronic voting systems which provide voter verification functionalities. Among these systems we can find the one used in the Municipal and Parliamentary Norwegian elections of 2011 and 2013, and the system used in the Australian State of New South Wales for the General State Elections in 2015, in which the author has had an active participation in the design of their electronic voting protocols. A syntax which can be used for modeling electronic voting systems providing voter verifiability. This syntax is focused on systems characterized by the voter confirming the casting of her vote, after verifying some evidences provided by the protocol. Along with this syntax, definitions for the security properties required for such schemes are provided. A description of the electronic voting protocol and system which has been used in 2014 and 2015 elections in the Swiss Canton of Neuchâtel, which has individual verification functionalities, is also provided in this thesis, together with a formal analysis of the security properties of the scheme and further extensions of the protocol. Finally, two new protocols which provide new functionalities respect to those from the state of the art are proposed: A new protocol providing individual verifiability which allows voters to defend against coertion by generating fake proofs, and a protocol which makes a twist to individual verifiability by ensuring that all the processes executed by the voting device and the remote server are correct, without requiring an active verification from the voter. A formal analysis of the security properties of both protocols is provided, together with examples of implementation in real systems.Aquesta tesi és fruit de la feina de l'autora com a personal de recerca a la empresa Scytl Secure Electtronic Voting, així com de la col·laboració amb la Paz Morillo, del departament de matemàtica aplicada a la UPC, i el Alex Escala, estudiant de doctorat. A la feina a Scytl, l'autora ha participat a varis projectes de vot electrònic per a eleccions vinculants a nivell nacional, que s'han efectuat a varis països. La participació de la autora ha cobert tant la fase de disseny del protocol, com la fase de implementació, on ha proveït suport als equips de desenvolupament. La tesi estudia els mecanismes que es poden proporcionar als votants per a poder examinar i verificar els processos que s'executen en sistemes de vot electrònic. Tot i que la tesi no parla de la implementació dels sistemes de vot electrònic, sí que s'enfoca en protocols que han tingut, o poden tenir, una aplicació pràctica actualment. La tesi té els continguts següents: Un estudi en sistemes de vot electrònic que proporcionen funcionalitats per a que els votants verifiquin els processos. Entre aquests sistemes, trobem el que es va utilitzar a les eleccions municipals i parlamentàries a Noruega als anys 2011 i 2013, així com el sistema utilitzat a l'estat Australià de New South Wales, per a les eleccions generals de 2015, sistemes en els que l'autora ha participat directament en el diseny dels seus protocols criptogràfics. La tesi també conté una sintaxi que es pot utilizar per modelar sistemes de vot electrònic que proporcionen verificabilitat individual (on verifica el votant). Aquesta sintaxi s'enfoca en sistemes caracteritzats pel fet de que el votant confirma la emissió del seu vot un cop ha verificat unes evidències sobre ell, proporcionades pel protocol. A més de la sintaxi, es proporcionen definicions de les propietats de seguretat d'aquestts sistemes. La tesi també conté una descripció del sistema i protocol de vot electrònic que s'utilitza al cantó Suís de Neuchâtel a partir del 2014, el qual té funcionalitats per a que els votants verifiquin certs processos del sistema. La tesi a més conté un anàlisi de la seguretat de l'esquema, així com possibles extensions del protocol. Finalment, la tesi inclou dos protocols nous que proporcionen noves característiques i funcionalitats respecte als existents a l'estat de l'art de la tècnica. El primer permet a un votant defendre's de un coaccionador generant proves falses, i el segon fa un canvi de paradigma de la verificabilitat individual, de forma que el votant no ha de verificar certs processos per a saber que s'han efectuant correctament. La tesi inclou un anàlisi formal de les propietats de seguretat dels dos protocols, així com exemples de com podrien ser implementats en un escenari real.Postprint (published version

Remote electronic voting: studying and improving Helios

Dissertação de mestrado em Engenharia InformáticaA former North American President once said that the ballot is stronger than the bullet. In fact, the most civilized and organized way for a people express their opinion is by voting. However, there are people with bad intentions that affect voting and elections, being normal situations of coercion, collusion, fraud or forgery that disturb and cause alterations in the outcome of a vote. Thus, it becomes necessary to find ways to protect the voters, through vote secrecy and transparency, so that in end of a voting, democracy and justice prevail. Since the secret ballot papers until the electronic voting machines, passing through punched cards, technology in voting systems is evolving to ensure a greater security in elections, as well as greater efficiency, lower costs and other characteristics wanted in this type of systems. Nowadays, remote electronic voting is seen as the ultimate goal to achieve. The difficulty of developing such system is to ensure that it meets all the security requirements without infringing each other and without compromising the usability of the system itself. Thus, cryptography becomes an essential tool for obtaining security and integrity on electronic voting systems. This master thesis focuses on the world of electronic voting, in particular, the remote electronic voting. The objective is to find a system of this kind, with real world applications, to be studied and analyzed in a security point of view. Hence, we made a research on voting and, more deeply, a research on electronic voting schemes, in order to learn how to conceive it, which include the different stages that compose an election, types of voting and the entities involved, and what requirements to fulfill, both the security and functional. Because cryptography is used in most schemes, a detailed study was also performed on the primitives most common in protocols of electronic voting. However, there are not many schemes that pass from theory to practice. Fortunately, we found Helios, a well known scheme that implements various cryptographic techniques for everyone, under certain assumptions, be able to audit polls conducted with this system. A study was performed in order to explain how it was constructed and to identify its strengths and weaknesses. We also present some ongoing work by different people to improve Helios. Finally, we propose improvements on our own, to fight against coercion, to decrease the levels of assumptions and overcome corruption issues. Furthermore, we propose measures to protect the virtual voting booth and a mobile application to cast votes.Um antigo Presidente norte americano disse um dia que o voto é 'mais forte que a bala. De facto, a forma mais civilizada e organizada de um povo exprimir as suas opiniões é através de votações. Infelizmente, também este mundo é afectado por pessoas com más intenções, sendo normais as situações de coação, conluio, fraude ou falsificação que perturbam e causam alterações no resultado de urna votação. Assim, torna-se necessário arranjar formas de proteger os votantes, através de segredo de voto e transparência, de forma que, no final, a democracia e justiça de uma votação prevaleçam. Desde dos boletins de papel secreto até às máquinas de voto electrónico, passando pelas punched cards, a tecnologia em sistemas de votação vem evoluindo de modo a garantir uma maior segurança em eleições, assim como maior eficiência, menor custos e outras características que se querem neste tipo de sistemas. Nos dias de hoje, o voto electrónico remoto é visto como o grande objectivo a cumprir. A grande dificuldade de se desenvolver tal sistema é garantir que o sistema cumpra todos os requisitos de segurança sem que se violem entre si e sem que isso prejudique a usabilidade do sistema em si. Assim, a criptografia torna-se uma ferramenta essencial para se obter segurança e integridade em sistemas de voto electrónico. Esta tese de mestrado foca-se no mundo do voto electrónico, mais especificamente o voto electrónico remoto. O grande objectivo seria arranjar um sistema desse tipo, que tivesse aplicação real, para ser estudado e analisado do ponto de vista de segurança. Fez-se então uma pesquisa necessária sobre votações e, mais aprofundada, uma sobre esquemas de voto electrónico, de modo a aprender como se concebem, tanto as fases que a constituem como as entidades que normalmente fazem parte, e quais os requisitos a cumprir, tanto os funcionais como os de segurança. Como a criptografia entra em grande parte dos esquemas, também um estudo aprofundado foi realizado sobre as primitivas mais comuns em protocolos de voto electrónico. No entanto, não existem muitos esquemas que passem da teoria à prática. Felizmente, encontrou-se o Helios, um sistema que põe em prática diversas técnicas criptográficas para que qualquer pessoa, dentro de certas assumpções, possa auditar votações conduzidas por este sistema, ficando a privacidade nas mãos do Helios. Um estudo foi realizado de modo a explicar como foi construído e identificar os seus pontos fortes e fracos. Também são apresentados alguns trabalhos em curso sobre este sistema. Finalmente, propõem-se outros tipos de melhoramentos que visam: combater coação, diminuir o nível das assumpções e ultrapassar problemas de corrupção. Propõem-se ainda medidas para proteger a cabine virtual de votação e uma aplicação móvel

On Security and Privacy for Networked Information Society : Observations and Solutions for Security Engineering and Trust Building in Advanced Societal Processes

Our society has developed into a networked information society, in which all aspects of human life are interconnected via the Internet — the backbone through which a significant part of communications traffic is routed. This makes the Internet arguably the most important piece of critical infrastructure in the world. Securing Internet communications for everyone using it is extremely important, as the continuing growth of the networked information society relies upon fast, reliable and secure communications. A prominent threat to the security and privacy of Internet users is mass surveillance of Internet communications. The methods and tools used to implement mass surveillance capabilities on the Internet pose a danger to the security of all communications, not just the intended targets. When we continue to further build the networked information upon the unreliable foundation of the Internet we encounter increasingly complex problems,which are the main focus of this dissertation. As the reliance on communication technology grows in a society, so does the importance of information security. At this stage, information security issues become separated from the purely technological domain and begin to affect everyone in society. The approach taken in this thesis is therefore both technical and socio-technical. The research presented in this PhD thesis builds security in to the networked information society and provides parameters for further development of a safe and secure networked information society. This is achieved by proposing improvements on a multitude of layers. In the technical domain we present an efficient design flow for secure embedded devices that use cryptographic primitives in a resource-constrained environment, examine and analyze threats to biometric passport and electronic voting systems, observe techniques used to conduct mass Internet surveillance, and analyze the security of Finnish web user passwords. In the socio-technical domain we examine surveillance and how it affects the citizens of a networked information society, study methods for delivering efficient security education, examine what is essential security knowledge for citizens, advocate mastery over surveillance data by the targeted citizens in the networked information society, and examine the concept of forced trust that permeates all topics examined in this work.Yhteiskunta, jossa elämme, on muovautunut teknologian kehityksen myötä todelliseksi tietoyhteiskunnaksi. Monet verkottuneen tietoyhteiskunnan osa-alueet ovat kokeneet muutoksen tämän kehityksen seurauksena. Tämän muutoksen keskiössä on Internet: maailmanlaajuinen tietoverkko, joka mahdollistaa verkottuneiden laitteiden keskenäisen viestinnän ennennäkemättömässä mittakaavassa. Internet on muovautunut ehkä keskeisimmäksi osaksi globaalia viestintäinfrastruktuuria, ja siksi myös globaalin viestinnän turvaaminen korostuu tulevaisuudessa yhä enemmän. Verkottuneen tietoyhteiskunnan kasvu ja kehitys edellyttävät vakaan, turvallisen ja nopean viestintäjärjestelmän olemassaoloa. Laajamittainen tietoverkkojen joukkovalvonta muodostaa merkittävän uhan tämän järjestelmän vakaudelle ja turvallisuudelle. Verkkovalvonnan toteuttamiseen käytetyt menetelmät ja työkalut eivät vain anna mahdollisuutta tarkastella valvonnan kohteena olevaa viestiliikennettä, vaan myös vaarantavat kaiken Internet-liikenteen ja siitä riippuvaisen toiminnan turvallisuuden. Kun verkottunutta tietoyhteiskuntaa rakennetaan tämän kaltaisia valuvikoja ja haavoittuvuuksia sisältävän järjestelmän varaan, keskeinen uhkatekijä on, että yhteiskunnan ydintoiminnot ovat alttiina ulkopuoliselle vaikuttamiselle. Näiden uhkatekijöiden ja niiden taustalla vaikuttavien mekanismien tarkastelu on tämän väitöskirjatyön keskiössä. Koska työssä on teknisen sisällön lisäksi vahva yhteiskunnallinen elementti, tarkastellaan tiukan teknisen tarkastelun sijaan aihepiirä laajemmin myös yhteiskunnallisesta näkökulmasta. Tässä väitöskirjassa pyritään rakentamaan kokonaiskuvaa verkottuneen tietoyhteiskunnan turvallisuuteen, toimintaan ja vakauteen vaikuttavista tekijöistä, sekä tuomaan esiin uusia ratkaisuja ja avauksia eri näkökulmista. Työn tavoitteena on osaltaan mahdollistaa entistä turvallisemman verkottuneen tietoyhteiskunnan rakentaminen tulevaisuudessa. Teknisestä näkökulmasta työssä esitetään suunnitteluvuo kryptografisia primitiivejä tehokkaasti hyödyntäville rajallisen laskentatehon sulautetuviiille järjestelmille, analysoidaan biometrisiin passeihin, kansainväliseen passijärjestelmään, sekä sähköiseen äänestykseen kohdistuvia uhkia, tarkastellaan joukkovalvontaan käytettyjen tekniikoiden toimintaperiaatteita ja niiden aiheuttamia uhkia, sekä tutkitaan suomalaisten Internet-käyttäjien salasanatottumuksia verkkosovelluksissa. Teknis-yhteiskunnallisesta näkökulmasta työssä tarkastellaan valvonnan teoriaa ja perehdytään siihen, miten valvonta vaikuttaa verkottuneen tietoyhteiskunnan kansalaisiin. Lisäksi kehitetään menetelmiä parempaan tietoturvaopetukseen kaikilla koulutusasteilla, määritellään keskeiset tietoturvatietouden käsitteet, tarkastellaan mahdollisuutta soveltaa tiedon herruuden periaatetta verkottuneen tietoyhteiskunnan kansalaisistaan keräämän tiedon hallintaan ja käyttöön, sekä tutkitaan luottamuksen merkitystä yhteiskunnan ydintoimintojen turvallisuudelle ja toiminnalle, keskittyen erityisesti pakotetun luottamuksen vaikutuksiin

Electronic Voting: 6th International Joint Conference, E-Vote-ID 2021, Virtual Event, October 5–8, 2021: proceedings

This volume contains the papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5–8, 2021. Due to the extraordinary situation brought about by the COVID-19, the conference was held online for the second consecutive edition, instead of in the traditional venue in Bregenz, Austria. The E-Vote-ID conference is the result of the merger of the EVOTE and Vote-ID conferences, with first EVOTE conference taking place 17 years ago in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD students. The conference focuses on the most relevant debates on the development of electronic voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social, or political aspects, amongst others, and has turned out to be an important global referent in relation to this issue