14 research outputs found
Electronic voting in the classical and quantum settings: modelling, design and analysis
This thesis explores the cryptographic field of electronic voting both in the
classical and quantum regime. In the classical setting, we look at the problem of
self-tallying elections, while in the quantum setting we initiate the formal study
of quantum voting according to the principles of modern cryptography.
The concept of a self-tallying election (STE) scheme was first introduced by
Kiayias and Yung [PKC 2002] and captures electronic voting schemes in which
the tallying authorities are the voters of the election themselves. This type of
electronic voting is particularly (though not exclusively) compatible with and suitable for
blockchain governance, where governance is expected to be maintained in a fully
distributed manner. In this thesis, we formalize the requirements for secure STE
schemes in the Universal Composability (UC) framework. Our model captures
the standard voting properties of eligibility, fairness, vote-privacy, and one voter-one vote. We present E-cclesia, a new family of STE schemes, and prove that
it securely UC realizes the STE functionality. We propose E-cclesia 1.0, the
first concrete instantiation of E-cclesia using RSA accumulators in combination
with a novel time-lock encryption scheme, named Astrolabous, that surpasses
the limitations of previous ones. In addition, we provide a concrete security
definition of TLE schemes and we formally abstract the concept of TLE into an
ideal functionality following the real/ideal paradigm introduced by Canetti [IEEE
FOCS 2001]. On top of that, we show that a protocol that uses a pair of TLE
algorithms that satisfy these properties UC realises our ideal TLE functionality.
Finally, we provide a novel TLE construction and we show that it satisfies our
security definition making our whole argumentation of a fully-fledged E-cclesia
protocol sound.
All practical e-voting constructions rely on computational assumptions to
satisfy various properties such as privacy and verifiability.
A milestone work published by Shor [IEEE SFCS 1994] indicates that well
known mathematical problems can be solved efficiently if we have at our disposal a
quantum computer. Recent advances indicate that quantum computers will soon
be a reality. Motivated by this ever more realistic threat for existing classical
cryptographic protocols, researchers have developed several schemes to resist
quantum attacks. In particular, several e-voting schemes relying on the properties
of quantum mechanics have been proposed for electronic voting. However, each of
these proposals comes with a different and often not well-articulated corruption model, has different objectives, and is accompanied by security claims that are
never formalized and justified only against specific attacks. To address this, we
propose the first formal security definitions for quantum e-voting protocols.
With these at hand, we systematize and evaluate the security of previously
proposed quantum e-voting protocols; we examine the claims of these works concerning privacy, correctness and verifiability, and if they are correctly attributed
to the proposed protocols. In all non-trivial cases, we identify specific quantum
attacks that violate these properties. We argue that the cause of these failures
lies in the absence of formal security models and references to the existing cryptographic literature.
Astrolabous: A Universally Composable Time Lock Encryption Scheme
In this work, we study the Time-Lock Encryption (TLE) cryptographic primitive. The concept of TLE involves a party initiating the encryption of a message that one can only decrypt after a certain amount of time has elapsed. Following the Universal Composability (UC) paradigm introduced by Canetti [IEEE FOCS 2001], we formally abstract the concept of TLE into an ideal functionality. In addition, we provide a standalone definition for secure TLE schemes in a game-based style and we devise a hybrid protocol that relies on such a secure TLE scheme. We show that if the underlying TLE scheme satisfies the standalone game-based security definition, then our hybrid protocol UC realises the TLE functionality in the random oracle model.
Finally, we present Astrolabous, a TLE construction that satisfies our security definition, leading to the first UC realization of the TLE functionality.
Interestingly, it is hard to prove UC secure any of the TLE constructions proposed in the literature. The reason behind this difficulty relates to the UC framework itself. Intuitively, to capture semantic security, no information should be leaked regarding the plaintext in the ideal world, thus the ciphertext should not contain any information relating to the message. On the other hand, all ciphertexts will eventually open, resulting in a trivial distinction of the real from the ideal world in the standard model. We overcome this limitation by extending any secure TLE construction adopting the techniques of Nielsen [CRYPTO 2002] in the random oracle model. Specifically, the description of the extended TLE algorithms includes calls to the random oracle, allowing our simulator to equivocate. This extension can be applied to any TLE algorithm that satisfies our standalone game-based security definition, and in particular to Astrolabous.
Universally Composable Simultaneous Broadcast against a Dishonest Majority and Applications
Simultaneous broadcast (SBC) protocols, introduced in [Chor et al., FOCS 1985], constitute a special class of broadcast channels which, besides consistency, guarantee that all senders broadcast their messages independently of the messages broadcast by other parties. SBC has proved extremely useful in the design of various distributed computing constructions (e.g., multiparty computation, coin flipping, electronic voting, fair bidding). As with any communication channel, it is crucial that SBC security is composable, i.e., it is preserved under concurrent protocol executions. The work of [Hevia, SCN 2006] proposes a formal treatment of SBC in the state-of-the-art Universal Composability (UC) framework [Canetti, FOCS 2001] and a construction secure assuming an honest majority.
In this work, we provide a comprehensive revision of SBC in the UC setting and improve the results of [Hevia, SCN 2006]. In particular, we present a new SBC functionality that captures both simultaneity and liveness by considering a broadcast period such that (i) within this period all messages are broadcast independently and (ii) after the period ends, the session is terminated without requiring full participation of all parties. Next, we employ time-lock encryption (TLE) over a standard broadcast channel to devise an SBC protocol that realizes our functionality against any adaptive adversary corrupting up to all-but-one parties. In our study, we capture synchronicity via a global clock [Katz et al., TCC 2013], thus lifting the restrictions of the original synchronous communication setting used in [Hevia, SCN 2006]. As a building block of independent interest, we prove the first TLE protocol that is adaptively secure in the UC setting, strengthening the main result of [Arapinis et al., ASIACRYPT 2021].
Finally, we formally exhibit the power of our SBC construction in the design of UC-secure applications by presenting two interesting use cases: (i) distributed generation of uniform random strings, and (ii) decentralized electronic voting systems, without the presence of a special trusted party.
Inkjet printing of insulin microneedles for transdermal delivery
Inkjet printing technology was used to apply insulin polymeric layers on metal microneedles for transdermal delivery. A range of various polymers such as gelatin (GLN), polyvinyl caprolactame-polyvinyl acetate-polyethylene glycol (SOL), poly(2-ethyl-2-oxazoline) (POX) and trehalose (THL) were assessed for their capacity to form thin uniform and homogeneous layers that preserve insulin intact. Atomic force microscopy (AFM) showed homogeneous insulin–polymer layers without any phase separation while SOL demonstrated the best performance. Circular dichroism (CD) analysis of rehydrated films showed that insulin's alpha helices and β-sheet were well preserved for THL and SOL. In contrast, GLN and POX insulin layers revealed small band shifts indicating possible conformational changes. Insulin release in Franz diffusion cells from MNs inserted into porcine skin showed rapid release rates for POX and GLN within the first 20 min. Inkjet printing was proved an effective approach for transdermal delivery of insulin in solid state.
E-cclesia: Universally Composable Self-Tallying Elections
The technological advancements of the digital era paved the way
for the facilitation of electronic voting (e-voting) in the promise of
efficiency and enhanced security. In standard e-voting designs, the
tally process is assigned to a committee of designated entities called
talliers. Naturally, the security analysis of any e-voting system with
tallier designation hinges on the assumption that a subset of the
talliers follows the execution guidelines and does not attempt to
breach privacy. As an alternative approach, Kiayias and Yung [PKC
'02] pioneered the self-tallying elections (STE) paradigm, where the
post-ballot-casting (tally) phase can be performed by any interested
party, removing the need for tallier designation.
In this work, we explore the prospect of decentralized e-voting
where security is preserved under concurrent protocol executions.
In particular, we provide the first comprehensive formalization
of STE in the universal composability (UC) framework introduced
by Canetti [FOCS '01] via an ideal functionality that captures required security properties such as voter privacy, eligibility, fairness,
one-voter one-vote, and verifiability. We provide a concrete instantiation, called E-cclesia, that UC realizes our functionality. The
design of E-cclesia integrates several cryptographic primitives
such as signatures of knowledge for anonymous eligibility check,
dynamic accumulators for scalability, time-lock encryption for fairness and anonymous broadcast channels for voter privacy. For the
latter primitive, we provide the first UC formalization along with
a construction based on mix-nets that utilises layered encryption,
threshold secret sharing and equivocation techniques.
Finally, we discuss deployment and scalability considerations
for E-cclesia. We present preliminary benchmarks of the key
operations (in terms of computational cost) of the voting client and
demonstrate the feasibility of our proposal with readily available
cryptographic tools for mid-sized elections (~100,000 voters).
A Comprehensive Analysis of Quantum E-voting Protocols
37 pages including Supplementary Material. International audience. Recent advances at Google, IBM, as well as a number of research groups indicate that quantum computers will soon be reality. Motivated by the ever more realistic threat quantum computers pose to existing classical cryptographic protocols, researchers have developed several schemes to resist "quantum attacks". In particular, for electronic voting, several e-voting schemes relying on properties of quantum mechanics have been proposed. However, each of these proposals comes with a different and often not well-articulated corruption model, has different objectives, and is accompanied by security claims which are never formalized and are at best justified only against specific attacks. In this paper, we systematize and evaluate the security of suggested e-voting protocols based on quantum technology. We examine the claims of these works concerning privacy, correctness and verifiability, and if they are correctly attributed to the proposed protocols. In all non-trivial cases, we identified specific quantum attacks that violate these properties. We argue that the cause of these failures lies in the absence of formal security models and in a more general lack of reference to the existing cryptographic literature.