1,768 research outputs found
Authentication with Weaker Trust Assumptions for Voting Systems
Some voting systems are reliant on external authentication services.
Others use cryptography to implement their own. We combine
digital signatures and non-interactive proofs to derive a generic construction
for voting systems with their own authentication mechanisms, from systems
that rely on external authentication services. We prove that our
construction produces systems satisfying ballot secrecy and election
verifiability, assuming the underlying voting system does. Moreover,
we observe that works based on similar ideas provide neither ballot secrecy nor
election verifiability. Finally, we demonstrate applicability of
our results by applying our construction to the Helios voting system
Cast-as-Intended Mechanism with Return Codes Based on PETs
We propose a method providing cast-as-intended verifiability for remote
electronic voting. The method is based on plaintext equivalence tests (PETs),
used to match the cast ballots against the pre-generated encrypted code tables.
Our solution provides an attractive balance of security and functional
properties. It is based on well-known cryptographic building blocks and relies
on standard cryptographic assumptions, which allows for relatively simple
security analysis. Our scheme is designed with a built-in fine-grained
distributed trust mechanism based on threshold decryption. It, finally, imposes
only very little additional computational burden on the voting platform, which
is especially important when voters use devices of restricted computational
power such as mobile phones. At the same time, the computational cost on the
server side is very reasonable and scales well with the increasing ballot size
Election Verifiability for Helios under Weaker Trust Assumptions
Most electronic voting schemes aim at providing verifiability: voters should trust the result without having to rely on some authorities. Actually, even a prominent voting system like Helios cannot fully achieve verifiability since a dishonest bulletin board may add ballots. This problem is called ballot stuffing. In this paper we give a definition of verifiability in the computational model to account for a malicious bulletin board that may add ballots. Next, we provide a generic construction that transforms a voting scheme that is verifiable against an honest bulletin board and an honest registration authority (weak verifiability) into a verifiable voting scheme under the weaker trust assumption that the registration authority and the bulletin board are not simultaneously dishonest (strong verifiability). This construction simply adds a registration authority that sends private credentials to the voters, and publishes the corresponding public credentials. We further provide simple and natural criteria that imply weak verifiability. As an application of these criteria, we formally prove the latest variant of Helios by Bernhard, Pereira and Warinschi weakly verifiable. By applying our generic construction we obtain a Helios-like scheme that has ballot privacy and strong verifiability (and thus prevents ballot stuffing). The resulting voting scheme, Helios-C, retains the simplicity of Helios and has been implemented and tested
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
An Electronic Voting System Using GSM Mobile Technology
Electronic voting systems have the potential to improve traditional voting
procedures by providing added convenience and flexibility to the
voter. Numerous electronic voting schemes have been proposed in the past, but
most of them have failed to provide voter authentication in an efficient and
transparent way. On the other hand, GSM (Global System for Mobile
communications) is the most widely used mobile networking standard. There are
more than one billion GSM users worldwide that represent a large user
potential, not just for mobile telephony, but also for other mobile
applications that exploit the mature GSM infrastructure. In this paper, an
electronic voting scheme using GSM mobile technology is presented. By
integrating an electronic voting scheme with the GSM infrastructure, we are
able to exploit existing GSM authentication mechanisms and provide enhanced
voter authentication and mobility while maintaining voter privacy
Overview of Polkadot and its Design Considerations
In this paper we describe the design components of the heterogenous
multi-chain protocol Polkadot and explain how these components help Polkadot
address some of the existing shortcomings of blockchain technologies. At
present, a vast number of blockchain projects have been introduced and employed
with various features that are not necessarily designed to work with each
other. This makes it difficult for users to utilise a large number of
applications on different blockchain projects. Moreover, with the increase in
number of projects the security that each one is providing individually becomes
weaker. Polkadot aims to provide a scalable and interoperable framework for
multiple chains with pooled security that is achieved by the collection of
components described in this paper
Open Voting Client Architecture and Op-Ed Voting: A Novel Framework for Solving Requirement Conflicts in Secret Ballot Elections
Building voting systems for secret ballot elections has many challenges and is the subject of significant academic research efforts. These challenges come from conflicting requirements. In this paper, we introduce a novel architectural approach to voting system construction that may help satisfy conflicting requirements and increase voter satisfaction. Our design, called Open Voting Client Architecture, defines a voting system architectural approach that can harness the power of individualized voting clients. In this work, we contribute a voting system reference architecture to depict the current voting system construction and then use it to define Open Voting Client Architecture. We then detail a specific implementation called Op-Ed Voting to evaluate the security of Open Voting Client Architecture systems. We show that Op-Ed Voting, using voters\u27 personal devices in an end-to-end verifiable protocol, can potentially improve usability and accessibility for voters while also satisfying security requirements for electronic voting
Unified architecture of mobile ad hoc network security (MANS) system
In this dissertation, a unified architecture of Mobile Ad-hoc Network Security (MANS) system is proposed, under which IDS agent, authentication, recovery policy and other policies can be defined formally and explicitly, and are enforced by a uniform architecture. A new authentication model for high-value transactions in cluster-based MANET is also designed in MANS system. This model is motivated by previous works but try to use their beauties and avoid their shortcomings, by using threshold sharing of the certificate signing key within each cluster to distribute the certificate services, and using certificate chain and certificate repository to achieve better scalability, less overhead and better security performance. An Intrusion Detection System is installed in every node, which is responsible for colleting local data from its host node and neighbor nodes within its communication range, pro-processing raw data and periodically broadcasting to its neighborhood, classifying normal or abnormal based on pro-processed data from its host node and neighbor nodes. Security recovery policy in ad hoc networks is the procedure of making a global decision according to messages received from distributed IDS and restore to operational health the whole system if any user or host that conducts the inappropriate, incorrect, or anomalous activities that threaten the connectivity or reliability of the networks and the authenticity of the data traffic in the networks. Finally, quantitative risk assessment model is proposed to numerically evaluate MANS security
- …