internet voting seriously
play

Internet VotingSeriously?? Ronald L. Rivest Institute Professor - PowerPoint PPT Presentation

May 18, 2023 •12 likes •912 views

Internet VotingSeriously?? Ronald L. Rivest Institute Professor MIT, Cambridge, MA EVN Conference 2016-03-11 Outline Introduction Technology evolution and voting Internet voting Security Risk assessment New tech for old applications

  1. Internet Voting–Seriously?? Ronald L. Rivest Institute Professor MIT, Cambridge, MA EVN Conference 2016-03-11

  2. Outline Introduction Technology evolution and voting Internet voting Security Risk assessment

  3. New tech for old applications One often asks if new technology can improve existing applications...

  4. New tech for old applications One often asks if new technology can improve existing applications... Example: punch cards for voting Step forward... or a mistake?

  5. Sometimes new tech helps

  6. Sometimes new tech helps Electric motors → elevators → tall buildings.

  7. Sometimes it doesn’t, or is silly.

  8. Sometimes it doesn’t, or is silly.

  9. Sometimes it is too dangerous for some uses!

  10. Sometimes it is too dangerous for some uses! (Don’t text while driving!)

  11. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices.

  12. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information.

  13. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information. ◮ Providing information about election results.

  14. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information. ◮ Providing information about election results. ◮ Providing information about audit of election results...

  15. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information. ◮ Providing information about election results. ◮ Providing information about audit of election results... ◮ ...

  16. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information. ◮ Providing information about election results. ◮ Providing information about audit of election results... ◮ ...

  17. Can using the Internet help elections & voting? Yes, in many ways it can be helpful: ◮ Distributing information about an election and choices. ◮ Allowing voters to update their personal information. ◮ Providing information about election results. ◮ Providing information about audit of election results... ◮ ... But... actually voting over the Internet????

  18. What is “Internet Voting (IV)”? Internet voting is a form of remote voting. Remote voting has many flavors: ◮ Ballots sent to voter by: mail | web | email ◮ Ballots are: paper | electronic | both ◮ Voters are: supervised | unsupervised ◮ Ballot “marked” by: voter | kiosk | voter PC ◮ Ballots returned by: mail | web | email ◮ Auditing: none | moderate | comprehensive

  19. What is “Internet Voting (IV)”? Internet voting is a form of remote voting. Internet voting: ◮ Ballots sent to voter by: mail | web | email ◮ Ballots are: paper | electronic | both ◮ Voters are: supervised | unsupervised ◮ Ballot “marked” by: voter | kiosk | voter PC ◮ Ballots returned by: mail | web | email ◮ Auditing: none | moderate | comprehensive

  20. IV Proponents suggest IV would help:

  21. IV Proponents suggest IV would help: ◮ High-tech “buzz”?

  22. IV Proponents suggest IV would help: ◮ High-tech “buzz”? ◮ Extend franchise to military & disabled?

  23. IV Proponents suggest IV would help: ◮ High-tech “buzz”? ◮ Extend franchise to military & disabled? ◮ Turnout?

  24. IV Proponents suggest IV would help: ◮ High-tech “buzz”? ◮ Extend franchise to military & disabled? ◮ Turnout? ◮ Cost?

  25. IV Proponents suggest IV would help: ◮ High-tech “buzz”? ◮ Extend franchise to military & disabled? ◮ Turnout? ◮ Cost? ◮ Security?

  26. IV Proponents suggest IV would help: ◮ High-tech “buzz”? A+ ◮ Extend franchise to military & disabled? ◮ Turnout? ◮ Cost? ◮ Security?

  27. IV Proponents suggest IV would help: ◮ High-tech “buzz”? A+ ◮ Extend franchise to military & disabled? B ◮ Turnout? ◮ Cost? ◮ Security?

  28. IV Proponents suggest IV would help: ◮ High-tech “buzz”? A+ ◮ Extend franchise to military & disabled? B ◮ Turnout? C ◮ Cost? ◮ Security?

  29. IV Proponents suggest IV would help: ◮ High-tech “buzz”? A+ ◮ Extend franchise to military & disabled? B ◮ Turnout? C ◮ Cost? D ◮ Security?

  30. IV Proponents suggest IV would help: ◮ High-tech “buzz”? A+ ◮ Extend franchise to military & disabled? B ◮ Turnout? C ◮ Cost? D ◮ Security? F

  31. Voting must work in an adversarial environment ◮ Q: If we can put a man on the moon, why can’t we make online voting work?

  32. Voting must work in an adversarial environment ◮ Q: If we can put a man on the moon, why can’t we make online voting work? ◮ A: Because voting must work in an adversarial environment. You wouldn’t get a man on the moon if people were trying to sabotage the launch and shooting at the rocket.

  33. Voting must work in an adversarial environment ◮ Q: If we can put a man on the moon, why can’t we make online voting work? ◮ A: Because voting must work in an adversarial environment. You wouldn’t get a man on the moon if people were trying to sabotage the launch and shooting at the rocket. ◮ Note: Adversaries may be outsiders, or insiders. A foreign nation-state is a likely adversary .

  34. Voting must provide a secret ballot ◮ Q : If we can bank online, why can’t we make online voting work?

  35. Voting must provide a secret ballot ◮ Q : If we can bank online, why can’t we make online voting work? ◮ A : Banking is not anonymous, so you can have identifiable receipts. Furthermore you can “undo” a bad banking transaction. Finally, bankers spend lots of money on security.

  36. Online voting security is an unsolved problem ◮ Q : Do we know how, even in theory, to make online voting secure?

  37. Online voting security is an unsolved problem ◮ Q : Do we know how, even in theory, to make online voting secure? ◮ A : No. Not even close.

  38. Online voting security is an unsolved problem ◮ Q : Do we know how, even in theory, to make online voting secure? ◮ A : No. Not even close.

  39. Online voting security is an unsolved problem ◮ Q : Do we know how, even in theory, to make online voting secure? ◮ A : No. Not even close. NIST: “additional research and development is needed to overcome these challenges before secure Internet voting will be feasible.” (No timeframe provided. No existing standards for IV.) ◮ NIST is being diplomatic. Secure Internet voting may in fact be an unsolvable problem.

  40. Some may say “Adversary won’t attack”

  41. The Internet is a war zone. Casualties are mounting. ◮ Easy challenge: Pick a random month within the last couple of years. Find a major company that was seriously hacked that month, which is bigger than all of the voting system vendors put together.

  42. The Internet is a war zone. Casualties are mounting. ◮ Easy challenge: Pick a random month within the last couple of years. Find a major company that was seriously hacked that month, which is bigger than all of the voting system vendors put together. ◮ Home Depot ($83B revenues in 2015) was hacked in 2014, disclosing 56 million credit card numbers. This week they agreed to pay $19M in fines; they expect to lose as much as $160M via lawsuits.

  43. Attackers are getting stronger and winning. ◮ “Advanced Persistent Threats”—Adversary keeps working on a company until it finds a “way in” to its systems.

  44. Attackers are getting stronger and winning. ◮ “Advanced Persistent Threats”—Adversary keeps working on a company until it finds a “way in” to its systems. ◮ Almost always succeeds, eventually.

  45. Attackers are getting stronger and winning. ◮ “Advanced Persistent Threats”—Adversary keeps working on a company until it finds a “way in” to its systems. ◮ Almost always succeeds, eventually. ◮ Recently Juniper Systems ($4B revenue 2014) found its source code had been hacked by unknown parties, leaving a “backdoor”.

  46. Attackers are getting stronger and winning. ◮ “Advanced Persistent Threats”—Adversary keeps working on a company until it finds a “way in” to its systems. ◮ Almost always succeeds, eventually. ◮ Recently Juniper Systems ($4B revenue 2014) found its source code had been hacked by unknown parties, leaving a “backdoor”. ◮ It may be months or years (average around 18 months) before a company even realizes it has been hacked.

  47. Sea change in security world assumptions ◮ The standard assumption used to be:

  48. Sea change in security world assumptions ◮ The standard assumption used to be: With good design and careful implementation, you can prevent security problems.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus

Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus

Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus is on preventing fraud on the part of Protocol people building and running system. Electronic voting over the internet Dale Neal Must

508 views • 5 slides
Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole

Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole

Internet Voting and Ranked Ballots 2018 Municipal Election Special Committee of the Whole January 30, 2017 Purpose Continuation of discussion of internet voting from October 5, 2015 Outline recommended voting method options for 2018

792 views • 32 slides
Facebook Changing the Face of Voting: How the Internet and Social Networking Sites Affected

Facebook Changing the Face of Voting: How the Internet and Social Networking Sites Affected

Facebook Changing the Face of Voting: How the Internet and Social Networking Sites Affected Youth Voting Behaviors in the 2008 Election Aleesha Larsen April 2012 So What? Voting behavior is always being researched In 2006 there were

261 views • 12 slides
Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted

Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted

Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted for A +1 vote for B +1 vote for A ITU CIST 29/05/2019 1 Coercion in Internet Voting Internet voting is an unsupervised channel

580 views • 22 slides
Source Paper An Anonymous Electronic Voting Protocol An Electronic Voting Protocol for

Source Paper An Anonymous Electronic Voting Protocol An Electronic Voting Protocol for

Source Paper An Anonymous Electronic Voting Protocol An Electronic Voting Protocol for Voting Over the Internet, Indrajit Ray, (revisited) Indrakshi Ray, Natarajan Narasimhamurthi Paul Valiant extending work by Dale Neal &

441 views • 5 slides
Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver

Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver

Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver Spycher Bern University of Applied Sciences, Switzerland http://e-voting.bfh.ch EVT/WOTE11, San Francisco August 9th, 2011 1 Outline

550 views • 23 slides
Exploiting the Client Vulnerabilities in Internet E-voting Systems: Hacking Helios 2.0 as an

Exploiting the Client Vulnerabilities in Internet E-voting Systems: Hacking Helios 2.0 as an

Exploiting the Client Vulnerabilities in Internet E-voting Systems: Hacking Helios 2.0 as an Example Saghar Estehghari 1 Yvo Desmedt 1 , 2 1 Department of Computer Science University College London, UK 2 Research Center for Information Security

572 views • 28 slides
March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting March 13, 2014 ECS 235B Winter

March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting March 13, 2014 ECS 235B Winter

Scantegrity Process Modeling Internet Voting March 13, 2014 1 Scantegrity 2 Process Modeling 3 Internet Voting March 13, 2014 ECS 235B Winter Quarter 2014 Slide 1 Scantegrity Process Modeling Internet Voting Scantegrity Goal: allow

346 views • 20 slides
Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise

Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise

Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise Demirel e Roberto Samarone jvdg@dcc.ufmg.br June 2012 Jeroen van de Graaf Joint work with Denise Demirel e Roberto Samarone Internet Voting Protocols

697 views • 40 slides
Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale electronic voting protocol: Primarily Internet-based Users voting from their own devices (such as home PC/laptop) Aimed toward actual

721 views • 21 slides
Coercion-Resistant Internet Voting with Everlasting Privacy Rolf Haenni (Philipp Locher, Reto E.

Coercion-Resistant Internet Voting with Everlasting Privacy Rolf Haenni (Philipp Locher, Reto E.

Coercion-Resistant Internet Voting with Everlasting Privacy Rolf Haenni (Philipp Locher, Reto E. Koenig) FC16, Bridgetown, Barbados, February 26, 2016 Bern University of Applied Sciences | Berner Fachhochschule | Haute ecole sp

735 views • 36 slides
Michigan Votes in 2020 Voter registration, absentee voting, and Election Day New Voting Laws New

Michigan Votes in 2020 Voter registration, absentee voting, and Election Day New Voting Laws New

Michigan Votes in 2020 Voter registration, absentee voting, and Election Day New Voting Laws New Michigan Voting Laws Prop 3 of 2018 added several voting policies to the Michigan constitution, including: straight-ticket voting, automatic

510 views • 15 slides
Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong

Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong

Lagrangian E-Voting Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong Privacy Scheme Description Registration Ballot Structure Casting a Vote ukasz Krzywiecki, Mirosaw Kutyowski Mixing

708 views • 66 slides
Electronic Voting for the 2018 Municipal Election Special Committee of the Whole March 6, 2017

Electronic Voting for the 2018 Municipal Election Special Committee of the Whole March 6, 2017

Electronic Voting for the 2018 Municipal Election Special Committee of the Whole March 6, 2017 Purpose Continuation of discussion of internet voting from the January 30, 2017 Special Committee of the Whole Outline Presentation from

559 views • 17 slides
T F A Statutes R D Voting T Voting about bullet points, not statutes details (wording

T F A Statutes R D Voting T Voting about bullet points, not statutes details (wording

European Pirate Party T F A Statutes R D Voting T Voting about bullet points, not statutes details (wording in statutes not relevant) F A Show all topics first, then start over with voting R D There is a limited amount of

650 views • 32 slides
CSC304 Lectures 17-18 Voting 3: Axiomatic, Statistical, and Utilitarian Approaches to Voting

CSC304 Lectures 17-18 Voting 3: Axiomatic, Statistical, and Utilitarian Approaches to Voting

CSC304 Lectures 17-18 Voting 3: Axiomatic, Statistical, and Utilitarian Approaches to Voting CSC304 - Nisarg Shah 1 Recap We introduced a plethora of voting rules Plurality Plurality with runoff Borda Kemeny Veto

303 views • 27 slides
Inclusion: or the Reverse? Michael Spence ISEO June 23, 2017 WEAK RECOVERIES IN DEVELOPED

Inclusion: or the Reverse? Michael Spence ISEO June 23, 2017 WEAK RECOVERIES IN DEVELOPED

CENTRIFIGAL FORCES IN THE GLOBAL ECONOMY: Is More Growth the Answer to Economic and Social Inclusion: or the Reverse? Michael Spence ISEO June 23, 2017 WEAK RECOVERIES IN DEVELOPED COUNTRIES Advanced Economies Output Gap China Grew with

902 views • 45 slides
How we implemented an LDAP directory for Laboratories A Case Study at Hong Kong Institute of

How we implemented an LDAP directory for Laboratories A Case Study at Hong Kong Institute of

How we implemented an LDAP directory for Laboratories Nick Urbanik How we implemented an LDAP directory for Laboratories A Case Study at Hong Kong Institute of Vocational Education (Tsing Yi), Department of ICT Nick Urbanik

1.17k views • 106 slides
Outline Key Management Properties of keys CS 239 Key management Computer Security

Outline Key Management Properties of keys CS 239 Key management Computer Security

Outline Key Management Properties of keys CS 239 Key management Computer Security Key servers February 7, 2005 Kerberos Certificates Lecture 8 Lecture 8 Page 1 Page 2 CS 239, Winter 2005 CS 239, Winter 2005

357 views • 12 slides
Next Generation of Identity Aware Applications. Fulup Ar Foll Liberty Alliance Technical Expert

Next Generation of Identity Aware Applications. Fulup Ar Foll Liberty Alliance Technical Expert

Next Generation of Identity Aware Applications. Fulup Ar Foll Liberty Alliance Technical Expert Group Master Architect, Global Software Practice Sun Microsystems. Fulup.ArFoll@sun.com p 1 San Diego April 2007 e-Government Trend France :

605 views • 18 slides
Advanced Architectures 15A. Distributed Computing Operating Systems Principles 15B.

Advanced Architectures 15A. Distributed Computing Operating Systems Principles 15B.

5/29/2016 Advanced Architectures 15A. Distributed Computing Operating Systems Principles 15B. Multi-Processor (and NUMA) Systems 15C. Tightly Coupled (SSI) Clusters Advanced Architectures 15D. Loosely Coupled (Horizontally Scalable) 15E.

206 views • 10 slides
MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY

MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY

IETF-52, SLC Key Management for Multimedia Sessions <draft-carrara-mm-kmgt-sol-00.txt> <draft-blom-mm-kmgt-00.txt> MIKEY: Multimedia Internet KEYing <draft-ietf-msec-mikey-00.txt> Fredrik Lindholm 1 MIKEY IETF-52, SLC

194 views • 16 slides
Neues zum Them a Trusted Com puting Wilhelm Dolle 12. Workshop des DFN CERT Director

Neues zum Them a Trusted Com puting Wilhelm Dolle 12. Workshop des DFN CERT Director

Neues zum Them a Trusted Com puting Wilhelm Dolle 12. Workshop des DFN CERT Director Information Technology Sicherheit in vernetzten Systemen interActive Systems GmbH 02./03. Mrz 2005, Hamburg Agenda Spezifikationen der Trusted

753 views • 28 slides
CS 557 - Lecture 3 Network Architecture End to End Arguments in System Design Saltzer, Reed,

CS 557 - Lecture 3 Network Architecture End to End Arguments in System Design Saltzer, Reed,

CS 557 - Lecture 3 Network Architecture End to End Arguments in System Design Saltzer, Reed, Clark, 1984 Design Philosophy of the DARPA Internet Protocols Clark 1988 Spring 2013 Architecture Dictionary definitions A style and method of

682 views • 24 slides

More recommend