46 research outputs found
Ballot secrecy: Security definition, sufficient conditions, and analysis of Helios
We propose a definition of ballot secrecy as an indistinguishability game in the
computational model of cryptography. Our definition improves upon
earlier definitions to ensure
ballot secrecy is preserved in the presence
of an adversary that controls
ballot collection.
We also propose
a definition
of ballot independence as
an adaptation of an indistinguishability game
for asymmetric
encryption. We prove relations between our definitions. In particular, we prove
ballot independence is sufficient for ballot secrecy in voting systems with
zero-knowledge tallying proofs. Moreover, we prove that building
systems
from non-malleable asymmetric encryption schemes suffices for ballot secrecy,
thereby eliminating
the expense of ballot-secrecy proofs for a class
of encryption-based voting systems. We demonstrate applicability of
our results by analysing the Helios voting system and its mixnet variant.
Our analysis reveals that Helios does not satisfy ballot secrecy in the presence of
an adversary that controls
ballot collection. The
vulnerability cannot be detected by earlier definitions of ballot secrecy, because
they do not consider such adversaries. We adopt non-malleable ballots
as a fix and prove that the fixed system satisfies ballot secrecy
Cast-as-Intended: A Formal Definition and Case Studies
peer reviewedVerifiable voting systems allow voters to check whether their ballot is correctly recorded (individual verifiability) and allow anyone to check whether votes expressed in recorded ballots are correctly counted (universal verifiability). This suffices to ensure that honest voters’ votes are correctly counted, assuming ballots are properly generated. Achieving ballot assurance, i.e., assuring each voter that their vote is correctly encoded inside their ballot, whilst ensuring privacy, is a challenging aspect of voting system design. This assurance property is known as cast-as-intended. Unlike many properties of voting systems, it has yet to be formalised. We provide the first formal definition and apply our definition to MarkPledge, Prêt à Voter, Selene, ThreeBallot, and schemes based upon Benaloh challenges
La volonté machinale: understanding the electronic voting controversy
Contains fulltext :
32048_voloma.pdf (publisher's version ) (Open Access)Radboud Universiteit Nijmegen, 21 januari 2008Promotor : Jacobs, B.P.F. Co-promotores : Poll, E., Becker, M.226 p
Voting on the internet
We address some of the challenges in achieving internet voting for real world elections. One challenge is that home-based computers are likely to be infected by malware, threatening both the integrity and privacy of the vote. Another concern is the possibility that a voter may be coerced to vote in a particular way, for example by a family member or organised crime ring. Moreover, any voting system intended to be used on a large scale should not require complex operations by voters whose purpose is hard to understand.
We introduce a series of novel proposals for internet voting, presented across three parts. First we examine how the problem of malware-infected computers in internet voting could be solved. We propose to use a dedicated hardware token (which is not required to be trustworthy) that helps remove the need to trust the voting computer and the server.
Second we examine how the outcome verification methods provided by internet voting can be made more intuitive. We show how using trial votes help voters achieve more intuitive verifiability.
Third we examine how the tension between verifiability and incoercibility can be reconciled while maintaining the usability of the voting systems. We propose a new property which we call “coercion-evidence” that helps improve usability, reduce trust assumptions, while maintaining the security of the system
Electronic voting : 6th International Joint Conference, E-Vote-ID 2021, virtual event, October 5-8, 2021
This book constitutes the proceedings of the 6th International Conference on Electronic Voting, E-Vote-ID 2021, held online -due to COVID -19- in Bregenz, Austria, in October 2021. The 14 full papers presented were carefully reviewed and selected from 55 submissions. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, as well as legal, social or political aspects
Sixth International Joint Conference on Electronic Voting E-Vote-ID 2021. 5-8 October 2021
This volume contains papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5-8, 2021. Due to the extraordinary situation provoked by Covid-19 Pandemic, the conference is held online for second consecutive edition, instead of in the traditional venue in Bregenz, Austria. E-Vote-ID Conference resulted from the merging of EVOTE and Vote-ID and counting up to 17 years since the _rst E-Vote conference in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD Students. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social or political aspects, amongst others; turning out to be an important global referent in relation to this issue.
Also, this year, the conference consisted of:
· Security, Usability and Technical Issues Track
· Administrative, Legal, Political and Social Issues Track
· Election and Practical Experiences Track
· PhD Colloquium, Poster and Demo Session on the day before the conference
E-VOTE-ID 2021 received 49 submissions, being, each of them, reviewed by 3 to 5 program committee members, using a double blind review process. As a result, 27 papers were accepted for its presentation in the conference. The selected papers cover a wide range of topics connected with electronic voting, including experiences and revisions of the real uses of E-voting systems and corresponding processes in elections.
We would also like to thank the German Informatics Society (Gesellschaft für Informatik) with its ECOM working group and KASTEL for their partnership over many years. Further we would like to thank the Swiss Federal Chancellery and the Regional Government of Vorarlberg for their kind support. EVote-
ID 2021 conference is kindly supported through European Union's Horizon 2020 projects ECEPS (grant agreement 857622) and mGov4EU (grant agreement 959072). Special thanks go to the members of the international program committee for their hard work in reviewing, discussing, and shepherding papers. They ensured the high quality of these proceedings with their knowledge and experience
Electronic Voting: 6th International Joint Conference, E-Vote-ID 2021, Virtual Event, October 5–8, 2021: proceedings
This volume contains the papers presented at E-Vote-ID 2021, the Sixth International
Joint Conference on Electronic Voting, held during October 5–8, 2021. Due to the
extraordinary situation brought about by the COVID-19, the conference was held
online for the second consecutive edition, instead of in the traditional venue in
Bregenz, Austria. The E-Vote-ID conference is the result of the merger of the EVOTE
and Vote-ID conferences, with first EVOTE conference taking place 17 years ago in
Austria. Since that conference in 2004, over 1000 experts have attended the venue,
including scholars, practitioners, authorities, electoral managers, vendors, and PhD
students. The conference focuses on the most relevant debates on the development of
electronic voting, from aspects relating to security and usability through to practical
experiences and applications of voting systems, also including legal, social, or political
aspects, amongst others, and has turned out to be an important global referent in
relation to this issue
Model checking security protocols : a multiagent system approach
Security protocols specify the communication required to achieve security objectives, e.g.,
data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting,
etc. Formal verification is used to discover protocol-design flaws.
In this thesis, we use a multiagent systems approach built on temporal-epistemic logic
to model and analyse a bounded number of concurrent sessions of authentication and
key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness
of classical, trace-based frameworks by mapping each protocol requirement into a
hierarchy of temporal-epistemic formulae.
To automate our methodology, we design and implement a tool called PD2IS. From a
high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic
specifications of the protocol’s goals. This output is verified with the model checker MCMAS.
We benchmark our methodology on various protocols drawn from standard repositories.
We extend our approach to formalise protocols described by equations of cryptographic
primitives. The core of this extension is an indistinguishability relation to accommodate the
underlying protocol equations. Based on this relation, we introduce a knowledge modality and
an algorithm to model check multiagent systems against it. These techniques are applied to
verify e-voting protocols.
Furthermore, we develop our methodology towards intrusion-detection techniques. We
introduce the concept of detectability, i.e., the ability of protocol participants to detect
jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support
detectability analysis. We model check several attack-prone protocols against their detectability
specifications
Model Checking Security Protocols: A Multiagent System Approach
Security protocols specify the communication required to achieve security objectives, e.g., data-privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting, etc. Formal verification is used to discover protocol-design flaws. In this thesis, we use a multiagent systems approach built on temporal-epistemic logic to model and analyse a bounded number of concurrent sessions of authentication and key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness of classical, trace-based frameworks by mapping each protocol requirement into a hierarchy of temporal-epistemic formulae. To automate our methodology, we design and implement a tool called PD2IS. From a high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic specifications of the protocol’s goals. This output is verified with the model checker MCMAS. We benchmark our methodology on various protocols drawn from standard repositories. We extend our approach to formalise protocols described by equations of cryptographic primitives. The core of this extension is an indistinguishability relation to accommodate the underlying protocol equations. Based on this relation, we introduce a knowledge modality and an algorithm to model check multiagent systems against it. These techniques are applied to verify e-voting protocols. Furthermore, we develop our methodology towards intrusion-detection techniques. We introduce the concept of detectability, i.e., the ability of protocol participants to detect jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support detectability analysis. We model check several attack-prone protocols against their detectability specifications