635 research outputs found
Estonian Voting Verification Mechanism Revisited Again
Recently, Mus, Kiraz, Cenk and Sertkaya proposed an improvement over the present Estonian Internet voting vote verification. This paper points to the weaknesses and questionable design choices of the new scheme. We show that the scheme does not fix the vote privacy issue it claims to. It also introduces a way for a malicious voting application to manipulate the vote without being detected by the verification mechanism, hence breaking the cast-as-intended property. As a solution, we propose modifying the protocol of Mus et al. slightly and argue for improvement of the security guarantees. However, there is an inherent drop in usability in the protocol as proposed by Mus et al., and this issue will also remain in our improved protocol.
Individual Verifiability and Revoting in the Estonian Internet Voting System
Individual verifiability remains one of the main practical challenges in e-voting systems and, despite the central importance of this property, countries that sought to implement it faced repeated security problems.
In this note, we revisit this property in the context of the IVXV version of the Estonian voting system, which has been in use for the Estonian municipal elections of 2017 and for the Estonian and European parliamentary elections of 2019.
We show that a compromised voter device can defeat the individual verifiability mechanism of the current Estonian voting system. Our attack takes advantage of the revoting option that is available in the Estonian voting system, and only requires compromise of the voting client application: it does not require compromising the mobile device verification app, or any server side component.
Extending Helios Towards Private Eligibility Verifiability
We show how to extend the Helios voting system to provide eligibility verifiability without revealing who voted, which we call private eligibility verifiability. The main idea is that real votes are hidden in a crowd of null votes that are cast by others but are indistinguishable from those of the eligible voter. This extended Helios scheme also improves Helios towards receipt-freeness.
Secret texts and cipherballots: secret suffrage and remote electronic voting
One of the key concerns about remote electronic voting is how to preserve secret suffrage. The list of authors who claim that Internet voting is incompatible with the secrecy of the vote is actually quite long. Even if later studies that analysed the actual implementation of remote electronic voting in public political elections had more nuanced findings, concerns about secret suffrage and remote electronic voting remain. Addressing these concerns becomes an inescapable obligation. In this context, our research is quite novel. First and foremost, our starting point is not based on pre-existing legal definitions that are accepted as given. Drawing from the universalist approach to comparative constitutional law, we have understood that the principle of secret suffrage exists in such a way that it transcends the culture-bound opinions and conventions of particular political communities. This core understanding has been translated into three standards: individuality, confidentiality, and anonymity. These standards should apply to any voting channel. Second, we have taken a wider approach to the enforcement of this principle. We have shown that secret suffrage may be enforced through law, code, norms, and even the market. Current regulations tend to be constrained because they resort to analogies with paper-based voting channels and fail to acknowledge the specificities of remote electronic voting. In contrast, we have examined the role played by (and the limitations of) asymmetric encryption, anonymization based on mix-nets or homomorphic tallying, and of multiple voting to enforce secret suffrage.
Electronic voting : 6th International Joint Conference, E-Vote-ID 2021, virtual event, October 5-8, 2021
This book constitutes the proceedings of the 6th International Conference on Electronic Voting, E-Vote-ID 2021, held online (due to COVID-19) in Bregenz, Austria, in October 2021. The 14 full papers presented were carefully reviewed and selected from 55 submissions. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, as well as legal, social or political aspects.
Nation-State Attackers and their Effects on Computer Security
Nation-state intelligence agencies have long attempted to operate in secret, but recent revelations have drawn the attention of security researchers as well as the general public to their operations. The scale, aggressiveness, and untargeted nature of many of these now public operations were not only alarming, but also baffling as many were thought impossible or at best infeasible at scale. The security community has since made many efforts to protect end-users by identifying, analyzing, and mitigating these now known operations.
While much-needed, the security community's response has largely been reactionary to the oracled existence of vulnerabilities and the disclosure of specific operations. Nation-State Attackers, however, are dynamic, forward-thinking, and surprisingly agile adversaries who do not rest on their laurels and are continually advancing their efforts to obtain information. Without the ability to conceptualize their actions, understand their perspective, or account for their presence, the security community's advances will become antiquated and unable to defend against the progress of Nation-State Attackers.
In this work, we present and discuss a model of Nation-State Attackers that can be used to represent their attributes, behavior patterns, and world view. We use this representation of Nation-State Attackers to show that real-world threat models do not account for such highly privileged attackers, to identify and support technical explanations of known but ambiguous operations, and to identify and analyze vulnerabilities in current systems that are favorable to Nation-State Attackers.
PhD, Computer Science & Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies. https://deepblue.lib.umich.edu/bitstream/2027.42/143907/1/aaspring_1.pd
An Assessment of the Security and Transparency Procedural Components of the Estonian Internet Voting System
The I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversarial testing on system components. These concerns have led many to conclude that there are various ways in which insider threats and sophisticated external attacks may compromise the integrity of the system and thus the voting process. In this paper, we examine the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms, and on system-transparency measures. Through an approach grounded in primary and secondary data sources, including interviews with key Estonian election personnel, we conduct an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system. The experience and insight we present in this paper will be useful both in the context of the I-Voting system, and potentially more broadly in other voting systems.
Sixth International Joint Conference on Electronic Voting E-Vote-ID 2021. 5-8 October 2021
This volume contains papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5-8, 2021. Due to the extraordinary situation provoked by the Covid-19 pandemic, the conference is held online for the second consecutive edition, instead of in the traditional venue in Bregenz, Austria. The E-Vote-ID Conference resulted from the merging of EVOTE and Vote-ID, counting up to 17 years since the first E-Vote conference in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD students. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social or political aspects, amongst others, turning out to be an important global referent in relation to this issue.
Also, this year, the conference consisted of:
· Security, Usability and Technical Issues Track
· Administrative, Legal, Political and Social Issues Track
· Election and Practical Experiences Track
· PhD Colloquium, Poster and Demo Session on the day before the conference
E-VOTE-ID 2021 received 49 submissions, each of them reviewed by 3 to 5 program committee members using a double-blind review process. As a result, 27 papers were accepted for presentation at the conference. The selected papers cover a wide range of topics connected with electronic voting, including experiences and revisions of the real uses of E-voting systems and corresponding processes in elections.
We would also like to thank the German Informatics Society (Gesellschaft für Informatik) with its ECOM working group and KASTEL for their partnership over many years. Further we would like to thank the Swiss Federal Chancellery and the Regional Government of Vorarlberg for their kind support. The EVote-ID 2021 conference is kindly supported through the European Union's Horizon 2020 projects ECEPS (grant agreement 857622) and mGov4EU (grant agreement 959072). Special thanks go to the members of the international program committee for their hard work in reviewing, discussing, and shepherding papers. They ensured the high quality of these proceedings with their knowledge and experience.
Electronic Voting: 6th International Joint Conference, E-Vote-ID 2021, Virtual Event, October 5–8, 2021: proceedings
This volume contains the papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5–8, 2021. Due to the extraordinary situation brought about by COVID-19, the conference was held online for the second consecutive edition, instead of in the traditional venue in Bregenz, Austria. The E-Vote-ID conference is the result of the merger of the EVOTE and Vote-ID conferences, with the first EVOTE conference taking place 17 years ago in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD students. The conference focuses on the most relevant debates on the development of electronic voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social, or political aspects, amongst others, and has turned out to be an important global referent in relation to this issue.