democracy security and evidence let s have all three
play

Democracy, Security and Evidence lets have all three ASIACRYPT 2018 - PowerPoint PPT Presentation

Oct 17, 2023 •329 likes •644 views

Democracy, Security and Evidence lets have all three ASIACRYPT 2018 Vanessa Teague University of Melbourne December 5, 2018 Secure voting system designs predate computers Actually, they predate paper too. The votes are private. The

  1. Democracy, Security and Evidence let’s have all three ASIACRYPT 2018 Vanessa Teague University of Melbourne December 5, 2018

  2. Secure voting system designs predate computers Actually, they predate paper too. ◮ The votes are private. ◮ The election result is publicly verifiable. image: Sharon Mollerus. https://commons.wikimedia.org/wiki/File:Athenian_Secret_Ballot.jpg

  3. End-to-end verifiability 1. Voters can check that their vote is cast as they intended and 2. included in the count. 3. The election result is publicly verifiable.

  4. Helios Used in IACR elections. 1. Voters can challenge ciphertexts and demand to see the randomness used to generate them, which can then be confirmed using another device. They cast one they haven’t challenged. 2. Voters can look up the ciphertext on a public bulletin board.

  5. Helios (cont’d) Used in IACR elections. 3 Votes are added using homomorphic encryption. The total is decrypted and proven correct with ZKPs.

  6. Known attacks, weaknesses, etc. 1. It’s not receipt-free: you can remember the randomness used to encrypt your vote, and thus prove what you cast. 2. Voters could be tricked into not verifying properly. 3. Voters could be tricked into going to the wrong website. 4. Voters could be tricked into not looking at the real bulletin board. 5. Some older variants are vulnerable to the “clash attack,” in which ≥ 2 voters think the same vote is theirs. (This is fixed by generating IDs carefully.) 6. ...

  7. What is evidence exactly? ◮ Is it enough for the result to be verifiable, or should we insist that it be verified? ◮ What if none of the (other) voters bother verifying? ◮ Do we need statistical confidence, e.g. from Risk-Limiting Audits of paper ballots? ◮ Or does the possibility of getting caught disincentivize cheating?

  8. What is evidence exactly? ◮ Is it enough for the result to be verifiable, or should we insist that it be verified? ◮ What if none of the (other) voters bother verifying? ◮ Do we need statistical confidence, e.g. from Risk-Limiting Audits of paper ballots? ◮ Or does the possibility of getting caught disincentivize cheating? My two cents: it’s a little like Popper’s definition of a scientific theory. An election process that is verifiable might still give you a wrong answer (if nobody verified), but an election process that’s not verifiable isn’t an election process at all.

  9. What would you do if you were running this in Australia? e.g. our paper on privacy-preserving tallying of preferential votes (which can’t be counted by addition). with Kim Ramchen, Chris Culnane and Olivier Pereira: https://eprint.iacr.org/2018/246

  10. Instant-runoff Voting (IRV) Used in Australia, Canada, India, Ireland, U.K., U.S., . . .

  11. Instant-runoff Voting (IRV) Used in Australia, Canada, India, Ireland, U.K., U.S., . . . Counting process (single winner): 1. Count votes, using 1st preference only If a candidate gets majority, he wins 2. Remove candidate with lowest number of votes “Shift left” the ballots that contained a vote for that candidate Go back to 1. images: http://www.firearmscouncil.org.au/wp-content/uploads/2016/06/McEwen-ACP-HTV-1.jpg http://www.newcastlegreens.org.au/wp-content/uploads/2013/09/House-of-Reps.png

  12. Publishing complete votes causes a privacy problem ◮ Because the number of permutations can be much larger than the number of voters. ◮ So the coercer demands a particular permutation and then punishes the voter if it doesn’t appear.

  13. Verifiable Tallying for IRV This would provide IRV tallies that only leak partial counts at each round (which is required in most places anyway).

  14. Verifiable Tallying for IRV This would provide IRV tallies that only leak partial counts at each round (which is required in most places anyway). But we need fully homomorphic encryption or verifiable MPC!

  15. Verifiable Tallying for IRV This would provide IRV tallies that only leak partial counts at each round (which is required in most places anyway). But we need fully homomorphic encryption or verifiable MPC! ◮ Fully homomorphic encryption still looks expensive/cumbersome

  16. Verifiable Tallying for IRV This would provide IRV tallies that only leak partial counts at each round (which is required in most places anyway). But we need fully homomorphic encryption or verifiable MPC! ◮ Fully homomorphic encryption still looks expensive/cumbersome ◮ Secret sharing based verifiable MPC solutions [BaumDO’14] use ◮ secure channels between voters and trustees ◮ distributed key generation (not fully threshold) in covert adversary model

  17. Verifiable Tallying for IRV This would provide IRV tallies that only leak partial counts at each round (which is required in most places anyway). But we need fully homomorphic encryption or verifiable MPC! ◮ Fully homomorphic encryption still looks expensive/cumbersome ◮ Secret sharing based verifiable MPC solutions [BaumDO’14] use ◮ secure channels between voters and trustees ◮ distributed key generation (not fully threshold) in covert adversary model ◮ Threshold public key encryption based solutions rely on: ◮ RSA moduli with unknown factors [CramerDN01, SchoenmakersV15] ⇒ key generation cumbersome

  18. Somewhat Homomorphic Encryption with Encryption Switching Our solution: ◮ Design a somewhat homomorphic encryption scheme with threshold key generation in the malicious adversary setting ⇒ we can do many “+” and one “ · ” (then more “+”) [BonehGohNissim05, CatalanoFiore15]

  19. Somewhat Homomorphic Encryption with Encryption Switching Our solution: ◮ Design a somewhat homomorphic encryption scheme with threshold key generation in the malicious adversary setting ⇒ we can do many “+” and one “ · ” (then more “+”) [BonehGohNissim05, CatalanoFiore15] ◮ Design a multi-party encryption switching protocol from target space to source space ⇒ after switching, we can do one more multiplication! “+” “+” “ · ” Tgt Src “Id”, interactive

  20. What actually happens when Internet voting runs in Australia? ◮ The Australian State of New South Wales runs an Internet voting system called iVote.

  21. What actually happens when Internet voting runs in Australia? ◮ The Australian State of New South Wales runs an Internet voting system called iVote.

  22. Is it end-to-end verifiable? ◮ “Verification” consists of telephoning an automated system that reads back your vote to you.

  23. Is it end-to-end verifiable? ◮ “Verification” consists of telephoning an automated system that reads back your vote to you. ◮ The Electoral Commission said after the election that “Some 1.7% of electors who voted using iVote R � also used the verification service and none of them identified any anomalies with their vote.”

  24. Is it end-to-end verifiable? ◮ “Verification” consists of telephoning an automated system that reads back your vote to you. ◮ The Electoral Commission said after the election that “Some 1.7% of electors who voted using iVote R � also used the verification service and none of them identified any anomalies with their vote.” ◮ A year later they admitted that about 10% of calls hadn’t been able to retrieve any vote at all.

  25. So are they going to fix that? An independent inquiry recently released the report of its investigation into iVote. They said: ◮ iVote is used only for a small fraction of votes (about 6%), 1 But we should add some verifiability.

  26. So are they going to fix that? An independent inquiry recently released the report of its investigation into iVote. They said: ◮ iVote is used only for a small fraction of votes (about 6%), ◮ therefore nobody will bother to attack it, 1 But we should add some verifiability.

  27. So are they going to fix that? An independent inquiry recently released the report of its investigation into iVote. They said: ◮ iVote is used only for a small fraction of votes (about 6%), ◮ therefore nobody will bother to attack it, ◮ therefore it is secure in a realistic attacker model, 1 But we should add some verifiability.

  28. So are they going to fix that? An independent inquiry recently released the report of its investigation into iVote. They said: ◮ iVote is used only for a small fraction of votes (about 6%), ◮ therefore nobody will bother to attack it, ◮ therefore it is secure in a realistic attacker model, ◮ therefore it should be expanded nationwide. 1 Report at http://www.elections.nsw.gov.au/about_us/plans_and_reports/independent_reports/report_ on_the_ivote_system 1 But we should add some verifiability.

  29. What about academic concerns re large-scale undetectable electoral fraud? “The key difficulty I have with this argument is that it places too much weight on theoretical possibility and not enough on empirical likelihood, or probability of things occurring.”

  30. Did I promise not to mention the Telecommunications Assistance and Access bill? [The Opposition said] the bill was still “far from perfect and there are likely to be significant outstanding issues.”

  31. What can we do?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Concerns about Democracy What is Democracy? What's the simplest definition of democracy? What is

Concerns about Democracy What is Democracy? What's the simplest definition of democracy? What is

Concerns about Democracy What is Democracy? What's the simplest definition of democracy? What is Democracy? What's the simplest definition of democracy? Answer: Majority Rule. What's good about democracy? What's bad about democracy? Plato's

370 views • 24 slides
Experience, Evidence and Expertise in Program Evaluation, 50 Years On: What about Democracy and

Experience, Evidence and Expertise in Program Evaluation, 50 Years On: What about Democracy and

Experience, Evidence and Expertise in Program Evaluation, 50 Years On: What about Democracy and AI? Rod Dobell CJPE Forum University of Victoria February 26, 2018 Outline We continue to debate the value of evaluation But the context

401 views • 14 slides
The problem with democracy aid Nic Cheeseman Professor of Democracy, University of Birmingham

The problem with democracy aid Nic Cheeseman Professor of Democracy, University of Birmingham

14 September 2018 The problem with democracy aid Nic Cheeseman Professor of Democracy, University of Birmingham Democracy Aid Under Threat Plan of the talk Three main challenges to democracy aid: 1. It is not working. Democratic 2. Support

488 views • 19 slides
The Value of Democracy: Evidence from Road Building in Kenya IGC Africa Growth Forum 2014 Robin

The Value of Democracy: Evidence from Road Building in Kenya IGC Africa Growth Forum 2014 Robin

The Value of Democracy: Evidence from Road Building in Kenya IGC Africa Growth Forum 2014 Robin Burgess (LSE and IGC) Remi Jedwab (George Washington and IGC) Edward Miguel (UC Berleley and IGC) Ameet Morjaria (Harvard and IGC) Gerard Padro I

239 views • 20 slides
Faithful Democracy Faithful Democracy In a secular democracy, fair and just democratic systems

Faithful Democracy Faithful Democracy In a secular democracy, fair and just democratic systems

Faithful Democracy Faithful Democracy In a secular democracy, fair and just democratic systems are central to the assertion of human dignity and worth. Partners - Multi-Faith coalition of national, state, and local organization,

607 views • 12 slides
Electoral Democracy Liberal Democracy Pseudo Democracy Prospects of Electoral and Liberal

Electoral Democracy Liberal Democracy Pseudo Democracy Prospects of Electoral and Liberal

Electoral Democracy Liberal Democracy Pseudo Democracy Prospects of Electoral and Liberal Democracy in Zimbabwe Is Zimbabwe Ready for Electoral Democracy? Or Is it another civil war dubbed an election What is Electoral Democracy?

852 views • 17 slides
1 Western Europe and Political Democracy (cont.) Great Britain: A two-party parliamentary

1 Western Europe and Political Democracy (cont.) Great Britain: A two-party parliamentary

Western Europe and Political Democracy Growing prosperity after 1850 contributed to the expansion of democracy in Western Europe. Western Europe and Political Democracy (cont.) In the late 1800s, political democracy was spreading in

635 views • 6 slides
DNS and Evidence-Based Security WIE-KISMET December 9, 2019 Geoffrey M. Voelker University of

DNS and Evidence-Based Security WIE-KISMET December 9, 2019 Geoffrey M. Voelker University of

DNS and Evidence-Based Security WIE-KISMET December 9, 2019 Geoffrey M. Voelker University of California, San Diego Evidence-Based Security Our work in DNS and related areas has been motivated by long-term cybersecurity projects Wide

502 views • 19 slides
Section 4.1: The Mathematics of Democracy MATH 105: Contemporary Mathematics University of

Section 4.1: The Mathematics of Democracy MATH 105: Contemporary Mathematics University of

Section 4.1: The Mathematics of Democracy MATH 105: Contemporary Mathematics University of Louisville October 19, 2017 Introduction to Social Choice 2 / 16 Democracy and its challenges The idea of democracy is simple: decisions are made by

201 views • 8 slides
Experiencing multilevel democracy Political discourse, MEPs behavior, public opinion and the EU:

Experiencing multilevel democracy Political discourse, MEPs behavior, public opinion and the EU:

Experiencing multilevel democracy Political discourse, MEPs behavior, public opinion and the EU: evidence and issues from Lab activities and students research Sabrina Cavatorto, Francesco Olmastroni, Simone Cresti Presidio Mattioli Siena

386 views • 23 slides
U.S. Constitution: What are the key Principles? We have talked about Democracy Will of the

U.S. Constitution: What are the key Principles? We have talked about Democracy Will of the

U.S. Constitution: What are the key Principles? We have talked about Democracy Will of the people, representation, elections, rights, and rule of law, political equality Democracy American style- protective, developmental, pluralist, and

413 views • 19 slides
a government of the people, by the people, and for the people - has never been achieved except in

a government of the people, by the people, and for the people - has never been achieved except in

Democracy is everywhere; democracy is nowhere. Virtually every nation on the face of the earth today claims to be a democracy. Yet democracy - a government of the people, by the people, and for the people - has never been achieved except in

1.01k views • 25 slides
Practicing Democracy as if the Public Matters Will Friedman, Ph.D. President, Public Agenda

Practicing Democracy as if the Public Matters Will Friedman, Ph.D. President, Public Agenda

Practicing Democracy as if the Public Matters Will Friedman, Ph.D. President, Public Agenda June, 2015 Adelaide, South Australia Section I STATUS-QUO DEMOCRACY FALLI NG SHORT What ails democracy today Leaders out of touch with public

762 views • 48 slides
DISINFORMATION AND DEMOCRACY NCG/Bay Area Democracy Funders May, 2018 Madison Initiative M A D

DISINFORMATION AND DEMOCRACY NCG/Bay Area Democracy Funders May, 2018 Madison Initiative M A D

DIGITAL DISINFORMATION AND DEMOCRACY NCG/Bay Area Democracy Funders May, 2018 Madison Initiative M A D I S O N I N I T I A T I V E Uphold key values Strengthen Improve Combat digital and norms of Congress as campaigns &

493 views • 10 slides
1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

10/26/16 AFRICAN FUTURES PAPER NO 19 Jakkie Cilliers Institute for Security Studies jcilliers@issafrica.org @jakkiecilliers @ISSAfrica SCOPE 1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

387 views • 19 slides
1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

11/3/16 AFRICAN FUTURES PAPER NO 19 Jakkie Cilliers Institute for Security Studies jcilliers@issafrica.org @jakkiecilliers @ISSAfrica SCOPE 1. The International Futures forecasting system (IFs) 2. Four datasets on democracy 3. The

638 views • 20 slides
Bilinear Text Regression and Applications Vasileios Lampos Department of Computer Science

Bilinear Text Regression and Applications Vasileios Lampos Department of Computer Science

Bilinear Text Regression and Applications Vasileios Lampos Department of Computer Science University College London May, 2014 1 / 45 V. Lampos v.lampos@ucl.ac.uk Bilinear Text Regression and Applications 1/45 Outline Linear Regression

478 views • 45 slides
Usable Security Spring 2015 Franziska (Franzi) Roesner

Usable Security Spring 2015 Franziska (Franzi) Roesner

CSE 484 / CSE M 584: Computer Security and Privacy Usable Security Spring 2015 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan

1.11k views • 55 slides
The LinGO Grammar Matrix Customization System Antske Fokkens Department of Computational

The LinGO Grammar Matrix Customization System Antske Fokkens Department of Computational

Introduction System Overview Research and Evaluation The LinGO Grammar Matrix Customization System Antske Fokkens Department of Computational Linguistics Saarland University 03 November 2009 Antske Fokkens Grammar Matrix 1 / 51

563 views • 53 slides
HUBZone Small Business Summit Welcome & Opening Comments Summit April 26, 2017 -

HUBZone Small Business Summit Welcome & Opening Comments Summit April 26, 2017 -

HUBZone Contractors National Council HUBZone Small Business Summit April 26, 2017 HUBZone Small Business Summit Welcome & Opening Comments Summit April 26, 2017 - Philadelphia John Armstead Acting Deputy Regional Administrator

100 views • 7 slides
Origins and Development of the Austrian School Peter G. Klein University of Missouri August

Origins and Development of the Austrian School Peter G. Klein University of Missouri August

Origins and Development of the Austrian School Peter G. Klein University of Missouri August 2011 1 | Production and the Firm 1 | Entrepreneurship in Austrian Economics Peter G. Klein | University of Missouri | August 2011 Peter G. Klein |

349 views • 5 slides
International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International Security What is security? Freedom from threats to core values? Contestation over referent object: Individual? State? System? How is security achieved?

715 views • 11 slides
WIDER WIDER Development Conference 13 - 15 September 2018, Helsinki, Finland FINANCING THE ZAMBIA

WIDER WIDER Development Conference 13 - 15 September 2018, Helsinki, Finland FINANCING THE ZAMBIA

THINK DEVELOPMENT THINK WIDER WIDER Development Conference 13 - 15 September 2018, Helsinki, Finland FINANCING THE ZAMBIA SOCIAL CASH TRANSFER SCALE UP A TA TAX BENEFIT MICRO SIMULATION ANALY LYSIS BASED ON MICROZAMOD Remmy

497 views • 18 slides
The use of norms violations to model agents behavioral variety Benot Lacroix 1,2 ,

The use of norms violations to model agents behavioral variety Benot Lacroix 1,2 ,

The use of norms violations to model agents behavioral variety Benot Lacroix 1,2 , Philippe Mathieu 2 and Andras Kemeny 1 COIN@AAMAS 2008 2 LIFL, University of Sciences and Technologies of Lille 1 Technical Center for Simulation, Renault

424 views • 17 slides

More recommend