
Masked Ballot Voting for Receipt-Free Online Elections

Roland Wen and Richard Buckland
School of Computer Science and Engineering, The University of New South Wales, Sydney, Australia
{rolandw,richardb}@cse.unsw.edu.au
VOTE-ID 2009



  2. Outline: Background; Receipt-Freeness; Designing Receipt-Free Schemes; Masked Ballot Voting Scheme; Overview; Voting Scheme; Discussion

  3. Background / Receipt-Freeness: Receipt-Freeness in Online Elections
     - Online elections have great potential but serious concerns remain
     - Elections have unique and challenging security requirements
     - Secret ballot prevents bribery and coercion
       - ⇒ Voters can lie to 3rd parties
     - Receipt-freeness: voters cannot prove how they voted
     - No receipt (evidence) for the vote

  4. Background / Receipt-Freeness: Why Is Receipt-Freeness Difficult?
     1. Electronic data is easy to copy
        - ⇒ Easy to produce electronic evidence for the vote
     2. Plausible there could be a powerful adversary who intercepts all Internet communication (e.g. packet sniffing by ISPs)
        - ⇒ Verify evidence
     - Need secret information that prevents adversary from verifying evidence
     - ⇒ Strong assumptions during the election
     - Hard to realise assumptions in practice

  5. Background / Designing Receipt-Free Schemes: Example: A Flawed Scheme
     - Hypothetical voting scheme: voters and authorities only communicate via the Internet

  6. Example: A Flawed Scheme (continued)
     [Diagram: VOTER computes E(vote 42, random 20) = ballot 1337; "Gromit casts 1337" goes over the Internet to AUTHORITIES.]

  7. Example: A Flawed Scheme (continued)
     [Diagram: as on slide 6, with an ADVERSARY added.]

  8. Example: A Flawed Scheme (continued)
     [Diagram: as on slide 7; the voter claims vote 41 with random 19. The ADVERSARY computes E(vote 41, random 19) = ballot 9009 ≠ 1337: "You lying dog! Gotcha!"]

  9. Background / Designing Receipt-Free Schemes: 1. Untappable Channels Approach
     - Untappable channels: adversary cannot intercept messages

  10. 1. Untappable Channels Approach (continued)
     [Diagram: AUTHORITIES send the VOTER a vote-to-ballot table over an untappable channel: vote 42 → ballot 1337, vote 41 → ballot 9009, ...]

  11. 1. Untappable Channels Approach (continued)
     [Diagram: as on slide 10; the VOTER looks up vote 42 → ballot 1337, and "Gromit casts 1337" goes over the Internet to AUTHORITIES.]

  12. 1. Untappable Channels Approach (continued)
     [Diagram: as on slide 11; Gromit claims vote 41 for ballot 1337. The ADVERSARY cannot check the vote-to-ballot table (vote 41 → ballot 1337?): "Is this the real table? ...I'm stuffed!"]

  13. Background / Designing Receipt-Free Schemes: Problems with Untappable Channels
     - Difficult to implement in practice
       - Internet susceptible to eavesdropping by well-funded adversary
     - Resolving disputes
       - If voter claims authority is dishonest during the election, who is lying?
     - Distributing trust among multiple authorities
       - Voter must know identity of at least one trusted authority to lie safely
       - Voter will be caught out if lying about messages from a corrupt authority
       - ⇒ Typically have to assume no authorities collude with the adversary to bribe or coerce voters

  14. Background / Designing Receipt-Free Schemes: 2. Anonymous Channels Approach
     - Anonymous channels: adversary cannot identify senders

  15. 2. Anonymous Channels Approach (continued)
     [Diagram: REGISTRAR tells the VOTER over an untappable channel: "Gromit is 86".]

  16. 2. Anonymous Channels Approach (continued)
     [Diagram: as on slide 15; at election start the VOTER computes E(vote 42, random 20) = ballot 1337, and "86 casts 1337" goes over an anonymous channel to AUTHORITIES.]

  17. 2. Anonymous Channels Approach (continued)
     [Diagram: as on slide 16; "99 casts 9009" also reaches AUTHORITIES, where E(vote 41, random 19) = ballot 9009.]

  18. 2. Anonymous Channels Approach (continued)
     [Diagram: as on slide 17; Gromit claims "I am 99" with vote 41 and random 19, which matches E(vote 41, random 19) = ballot 9009. ADVERSARY: "Who are 86 and 99?" "Is Gromit really 99? ...I'm stuffed!"]

  19. Background / Designing Receipt-Free Schemes: Problems with Anonymous Channels
     - Difficult to implement in practice
       - Hard to guarantee anonymity over Internet
       - E.g. mix-nets still require untappable channels between voters and mix-net
     - Problems remain with offline untappable channels
       - Resolving disputes
       - Distributing trust

  20. Background / Designing Receipt-Free Schemes: 3. Trusted Randomisers Approach
     - Trusted randomisers: generate secret randomness

  21. 3. Trusted Randomisers Approach (continued)
     [Diagram: VOTER with vote 42 and a RANDOMISER with random 20, linked by an untappable channel; E yields ballot 1337.]

  22. 3. Trusted Randomisers Approach (continued)
     [Diagram: as on slide 21; "Gromit casts 1337" goes over the Internet to AUTHORITIES.]

  23. 3. Trusted Randomisers Approach (continued)
     [Diagram: as on slide 22; the voter claims vote 41. The ADVERSARY cannot compute E(vote 41, random ?) = ballot ?: "What is the random value? ...I'm stuffed!"]

  24. Background / Designing Receipt-Free Schemes: Problems with Trusted Randomisers
     - A lot of trust involved
     - Hard to guarantee local channel is untappable
     - Smart cards are tamper-resistant not tamper-proof
     - Single point of failure

  25. Masked Ballot Voting Scheme (outline): Background; Receipt-Freeness; Designing Receipt-Free Schemes; Masked Ballot Voting Scheme; Overview; Voting Scheme; Discussion

  26. Masked Ballot Voting Scheme / Overview: Approach
     - How to avoid strong assumptions during the election?
       - Voters and authorities can only communicate via the Internet
       - Adversary can intercept all messages
       - ⇒ Voter must construct ballot without any assistance during the election
       - ⇒ Adversary can verify the voter’s private data against eavesdropped ballot
       - ⇒ Private data must appear to correspond with any possible vote
     - How does a voter indicate the actual vote?
       - Vote must depend on secret information obtained before the election

  27. Masked Ballot Voting Scheme / Overview: Masked Ballot Voting
     - Assumption: untappable channels available only before the election (offline registration stage)
     - All communication during the election is posted to authenticated bulletin board via Internet
     - Purely a voting scheme
       - The output is an encrypted vote for each voter
       - Generic: independent of the vote encoding
       - Subsequent counting scheme calculates the result

  28. Masked Ballot Voting Scheme / Voting Scheme: Registration Stage
     [Diagram: REGISTRAR sends mask 11 to the VOTER over an untappable channel.]
     - A registrar provides each voter V with a secret mask
       1. Randomly select a mask m
       2. Encrypt m → ⟦m⟧
       3. Post (V, ⟦m⟧) to bulletin board
       4. Construct designated-verifier proof d that ⟦m⟧ is an encryption of m
       5. Send (m, d) to V via an untappable channel

  29. Masked Ballot Voting Scheme / Voting Scheme: Voting Stage
     [Diagram: the VOTER holds mask 11 from the REGISTRAR (untappable channel). At election start, vote 42 – mask 11 = 31; E(31, random 20) = ballot 1337; "Gromit casts 1337" goes over the Internet to AUTHORITIES.]
     - A voter casts a masked ballot for a vote v using mask m
       1. Encrypt (v − m) → ⟦v − m⟧
       2. Construct proof p of plaintext knowledge
       3. Post (⟦v − m⟧, p) to the bulletin board via the Internet
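
The registration and voting stages of slides 28 and 29 as a runnable sketch, added here and not taken from the slides or from the authors' implementation. Assumptions: toy Paillier stands in for the encryption (the slides name no cryptosystem), the homomorphic combining step in `encrypted_vote` is assumed because the page stops before it, proofs d and p are omitted, and all function names are hypothetical.

```python
import secrets

# Toy Paillier keys (constructed; far too small for real use). In an election
# the decryption key would be shared among the authorities, not held by one party.
P, Q = 1009, 1013
N, N2, PHI = P * Q, (P * Q) ** 2, (P - 1) * (Q - 1)
MU = pow(PHI, -1, N)

def rand_unit():
    return secrets.randbelow(P - 2) + 2  # r < P < Q, so gcd(r, N) = 1

def enc(m, r):
    """Encrypt m with randomness r: (1 + N*m) * r^N mod N^2 (generator N + 1)."""
    return (1 + N * (m % N)) * pow(r, N, N2) % N2

def dec(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

def register(board, voter, mask=None):
    """Registration stage: post (V, [[m]]); m goes to V over the untappable channel."""
    m = secrets.randbelow(N) if mask is None else mask
    board[voter] = {"enc_mask": enc(m, rand_unit())}
    return m  # designated-verifier proof d is omitted in this sketch

def cast(board, voter, vote, mask, r):
    """Voting stage: post [[v - m]]; returns the voter's private data."""
    board[voter]["ballot"] = enc(vote - mask, r)
    return (vote - mask) % N, r  # proof of plaintext knowledge p is omitted

def encrypted_vote(board, voter):
    """Assumed combining step: [[v - m]] * [[m]] is an encryption of v."""
    return board[voter]["ballot"] * board[voter]["enc_mask"] % N2

def adversary_check(board, voter, plain, r):
    """What an eavesdropper can verify: the ballot's plaintext and randomness."""
    return enc(plain, r) == board[voter]["ballot"]

def fake_mask(plain, claimed_vote):
    """Mask the voter can claim so the same ballot matches any vote."""
    return (claimed_vote - plain) % N

if __name__ == "__main__":
    board = {}
    m = register(board, "Gromit", mask=11)        # slide values: mask 11
    plain, r = cast(board, "Gromit", 42, m, 20)   # vote 42, random 20
    print(plain, adversary_check(board, "Gromit", plain, r))
    print(dec(encrypted_vote(board, "Gromit")), fake_mask(plain, 41))
```

The eavesdropper's check succeeds on the true (v − m, r), yet claiming mask 10 makes the same ballot consistent with a vote of 41, which is the property slide 26 asks of the voter's private data.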
