End-to-end verifiable elections in the standard model

We present the cryptographic implementation of “DEMOS”, a new e-voting system that is end-to-end verifiable in the standard model, i.e., without any additional “setup” assumption or access to a random oracle (RO). Previously known end-to-end verifiable e-voting systems required such additional assumptions (specifically, either the existence of a “randomness beacon” or were only shown secure in the RO model). In order to analyze our scheme, we also provide a modeling of end-to-end verifiability as well as privacy and receipt-freeness that encompasses previous definitions in the form of two concise attack games. Our scheme satisfies end-to-end verifiability information theoretically in the standard model and privacy/receipt-freeness under a computational assumption (subexponential Decisional Diffie Helman). In our construction, we utilize a number of techniques used for the first time in the context of e-voting schemes that include utilizing randomness from bit-fixing sources, zero-knowledge proofs with imperfect verifier randomness and complexity leveraging

DEMOS-2:scalable E2E verifiable elections without random oracles

Recently, Kiayias, Zacharias and Zhang-proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to {\em precompute} a number of ciphertexts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext. In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero-knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging

Intelligent detection of black hole attacks for secure communication in autonomous and connected vehicles

Detection of Black Hole attacks is one of the most challenging and critical routing security issues in vehicular ad hoc networks (VANETs) and autonomous and connected vehicles (ACVs). Malicious vehicles or nodes may exist in the cyber-physical path on which the data and control packets have to be routed converting a secure and reliable route into a compromised one. However, instead of passing packets to a neighbouring node, malicious nodes bypass them and drop any data packets that could contain emergency alarms. We introduce an intelligent black hole attack detection scheme (IDBA) tailored to ACV. We consider four key parameters in the design of the scheme, namely, Hop Count, Destination Sequence Number, Packet Delivery Ratio (PDR), and End-to-End delay (E2E). We tested the performance of our IDBA against AODV with Black Hole (BAODV), Intrusion Detection System (IdsAODV), and EAODV algorithms. Extensive simulation results show that our IDBA outperforms existing approaches in terms of PDR, E2E, Routing Overhead, Packet Loss Rate, and Throughput

Response-Time Analysis of Multipath Flows in Hierarchically-Scheduled Time-Partitioned Distributed Real-Time Systems

Modern industrial cyberphisical systems exhibit increasingly complex execution patterns like multipath end-to-end flows, that force the real-time community to extend the schedulability analysis methods to include these patterns. Only then it is possible to ensure that applications meet their deadlines even in the worst-case scenario. As a driving motivation, we present a real industrial application with safety requirements, that needs to be re-factored in order to leverage the features of new execution paradigms such as time partitioning. In this context we develop a new response-time analysis technique that provides the capacity of obtaining the worst-case response time of multipath flows in time-partitioned hierarchical schedulers and also in general fixed-priority (FP) real-time systems. We show that the results obtained with the new analysis reduce the pessimism of the currently used holistic analysis approach.This work was supported in part by the Doctorados Industriales 2018 program from the University of Cantabria and the Spanish Government and FEDER funds (AEI/FEDER, UE) under Grant TIN2017-86520-C3-3-R (PRECON-I4)

Election Security Is Harder Than You Think

Recent years have seen the rise of nation-state interference in elections across the globe, making the ever-present need for more secure elections all the more dire. While certain common-sense approaches have been a typical response in the past, e.g. ``don't connect voting machines to the Internet'' and ``use a voting system with a paper trail'', known-good solutions to improving election security have languished in relative obscurity for decades. These techniques are only now finally being implemented at scale, and that implementation has brought the intricacies of sophisticated approaches to election security into full relief. This dissertation argues that while approaches to improve election security like paper ballots and post-election audits seem straightforward, in reality there are significant practical barriers to sufficient implementation. Overcoming these barriers is a necessary condition for an election to be secure, and while doing so is possible, it requires significant refinement of existing techniques. In order to better understand how election security technology can be improved, I first develop what it means for an election to be secure. I then delve into experimental results regarding voter-verified paper, discussing the challenges presented by paper ballots as well as some strategies to improve the security they can deliver. I examine the post-election audit ecosystem and propose a manifest improvement to audit workload analysis through parallelization. Finally, I show that even when all of these conditions are met (as in a vote-by-mail scenario), there are still wrinkles that must be addressed for an election to be truly secure.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163272/1/matber_1.pd

Intelligent Mobile Edge Computing Integrated with Blockchain Security Analysis for Millimetre-Wave Communication

 With the increase in number of devices enabled the Internet of Things (IoT) communication with the centralized cloud computing model. With the implementation of the cloud computing model leads to increased Quality of Service (QoS). The cloud computing model provides the edge computing technologies for the real-time application to achieve reliability and security. Edge computing is considered the extension of the cloud computing technology involved in transfer of the sensitive information in the cloud edge to increase the network security. The real-time data transmission realizes the interaction with the high frequency to derive improved network security. However, with edge computing server security is considered as sensitive privacy information maintenance. The information generated from the IoT devices are separated based on stored edge servers based on the service location. Edge computing data is separated based in edge servers for the guaranteed data integrity for the data loss and storage. Blockchain technologies are subjected to different security problem for the data integrity through integrated blockchain technologies. This paper developed a Voted Blockchain Elliptical Curve Cryptography (VBECC) model for the millimetre wave application. The examination of the blockchain model is evaluated based on the edge computing architecture. The VBECC model develop an architectural model based Blockchain technology with the voting scheme for the millimetre application. The estimated voting scheme computes the edge computing technologies for the estimation of features through ECC model. The VBECC model computes the security model for the data transmission in the edge computing-based millimetre application. The experimental analysis stated that VBECC model uses the data security model ~8% increased performance than the conventional technique

Distributed, end-to-end verifiable, and privacy-preserving internet voting systems

We present the D-DEMOS suite of distributed, privacy-preserving, and end-to-end verifiable e-voting systems; one completely asynchronous and one with minimal timing assumptions but better performance. Their distributed voting operation is human verifiable; a voter can vote over the web, using an unsafe web client stack, without sacrificing her privacy, and get recorded-as-cast assurance. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. We provide a model and security analysis of the systems, implement prototypes of the complete systems, measure their performance experimentally, demonstrate their ability to handle large-scale elections, and demonstrate the performance trade-offs between the two versions

The DEMOS family of e-voting systems: End-to-end verifiable elections in the standard model

Η παρούσα διδακτορική διατριβή εισάγει τα συστήματα ηλεκτρονικής ψηφοφορίας DEMOS-A και DEMOS-2 τα οποία επιτυγχάνουν άμεση επαληθευσιμότητα (end-to-end verifiability) για πρώτη φορά. Προγενέστερα της διατριβής, όλα τα κορυφαία συστήματα ηλεκτρονικής ψηφοφορίας (π.χ. SureVote, JCJ, Pret a Voter, Helios, Scantegrity, etc.) προϋπέθεταν το αδιάβλητο των συσκευών ψηφοφορίας, το μοντέλο τυχαίου μαντείου, ή την ύπαρξη μια έμπιστης πηγής τυχαιότητας για την επίτευξη άμεσης επαληθευσιμότητας. Στον πυρήνα των DEMOS-A και DEMOS-2 , βρίσκεται ένας νέος μηχανισμός εξαγωγής τυχαιότητας απαιτούμενης για την επαλήθευση από την εντροπία που παράγουν οι ψηφοφόροι κατά τη συμμετοχή τους στην ψηφοφορία. Η εν λόγω εντροπία είναι εσωτερική ως προς το εκλογικό περιβάλλον, επομένως απαλείφεται η ανάγκη για εμπιστοσύνη σε μία εξωτερική πηγή τυχαιότητας. Η ανάλυση ασφάλειας διεξάγεται υπό ένα νέο κρυπτογραφικό πλαίσιο το οποίο συνιστά επιπρόσθετη συνεισφορά της διατριβής. Τα θεωρήματα άμεσης επαλήθευσιμότητας των DEMOS-A και DEMOS-2 μαρτυρούν μία στενή συσχέτιση του επιπέδου ασφάλειας με την συμπεριφορά του εκλογικού σωμάτος κατά την επαλήθευση. Βάσει αυτού του ευρήματος και της εργασίας του Ellison το 2007, η παρούσα διατριβή επεκτείνει το πλαίσιο μοντελοποιώντας τα συστήματα ηλεκτρονικής ψηφοφορίας ως ceremonies. Ως υπόδειγμα μελέτης ενός ceremony ηλεκτρονικής ψηφοφορίας, η παρούσα διατριβή μελετά την ασφάλεια του καθιερωμένου συστήματος ηλεκτρονικής ψηφοφορίας Helios.This PhD thesis introduces the DEMOS-A and DEMOS-2 e-voting systems that achieve end-to-end verifiability in the standard model for the first time. Prior to this thesis, all top-tier e-voting systems (e.g. SureVote, JCJ, Pret a Voter, Helios, Scantegrity, etc.) assumed honesty of the voting clients, the random oracle model, or the existence a randomness beacon to achieve end-to-end verifiability. In the core of DEMOS-A and DEMOS-2, is a novel mechanism that extracts the randomness required for verification from the entropy generated by the voters, when they engage in the voting phase. This entropy is internal with respect to the election environment, therefore the need for trusting an outer source of randomness is removed. The security analysis is performed under a novel cryptographic framework that constitutes an additional contribution of this thesis. The end-to-end verifiability theorems for DEMOS-A and DEMOS-2 reveal that the security level is in high correlation with the auditing behaviour of the electorate. Motivated by this finding, this thesis extends the framework by modelling e-voting systems as ceremonies, inspired by the work of Ellison in 2007. As a case study of an e-voting ceremony, this thesis investigates the security of the well-known Helios e-voting system