Internet Voting
description
Transcript of Internet Voting
![Page 1: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/1.jpg)
Internet Votinga menace to society?
Jan Meijer
![Page 2: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/2.jpg)
![Page 3: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/3.jpg)
POWER
![Page 4: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/4.jpg)
You exercise your right to vote...• If you are elligable• Anonymous• In private, it’s YOUR vote, leave your
consultant at home• to elect well defined subject(s)
According to a well defined process
![Page 5: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/5.jpg)
Water boards & RIES
• 2003, Water board Rijnland, Rijnland Internet Election System
• 1.2 million voters• 300k for Internet voting
Postal + Internet
![Page 6: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/6.jpg)
RIES: The ”Robers” protocol
• Herman Robers. Electronic elections employing DES smartcards. Master's thesis, Delft University of Technology, December 1998. http://www.iscit.surfnet.nl/team/Herman/election.ps.
• http://www.cs.ru.nl/W.Pieters/compsac2005.pdf
• Virtual ballot using DES
![Page 7: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/7.jpg)
3 phase system
• Phase 1: Prepare. – Distribute pseudo Id and voter secret to each
voter• Phase 2: Voting window• Phase 3: Tally
![Page 8: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/8.jpg)
Network paradigmclient (voter) server (polling station)network (internet)process stage
vote process
processingverification
vote contact
vote materials
vote result
vote confirmation
unsecured
secured
![Page 9: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/9.jpg)
Security is a mindset
![Page 10: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/10.jpg)
Know your goal: won the battle..
![Page 11: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/11.jpg)
Know your risks
![Page 12: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/12.jpg)
shit will happen
![Page 13: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/13.jpg)
Know when it’s good enough...
![Page 14: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/14.jpg)
System characteristics
• Peak performance 2004: 23 voters/s over SSL• Holistic approach• Compartimentalized security• Layered security• Sustain multiple component failure• BCP, common sense• ”Lazy running”• Dirt cheap
![Page 15: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/15.jpg)
Not in outer space
• You scavenge...• A network• Existing services (DNS, RPS, NTP, ...)• SURFnet-CERT• ...
![Page 16: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/16.jpg)
Architecture overview
![Page 17: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/17.jpg)
Our dashboard
![Page 18: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/18.jpg)
It worked…Resource usageRijnland elections
![Page 19: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/19.jpg)
No peak?
vote server 1, 2006 vote server 2, 2006
vote server 1, Dommelvote server 1, Rijnland
![Page 20: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/20.jpg)
So, a menace to society?
ONLY IF DONE BADLY
![Page 21: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/21.jpg)
Easiest to monitor
10.000 polling stations(Nigeria, UK, NL?)
or
1 station
![Page 22: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/22.jpg)
/me?
• Voting by the people, for the people: it’s democracy stupid!
• Internet age opportunity• Publicly owned system, open source• End commercial incompetence• Power to the people!
State of our eVoting systems is a professional disgrace!
![Page 23: Internet Voting](https://reader035.fdocuments.us/reader035/viewer/2022081503/56815b69550346895dc95f26/html5/thumbnails/23.jpg)
Still not convinced?http://www.theregister.co.uk/2007/05/17/sarasota_county_network_breached/
“Slammer turns Florida election result into worm food”
…The county server was breached on the first day of early voting in the 2006 election, which included a now-disputed race for a seat in the US House of Representatives. The attack code was a variant of the infamous Slammer worm that penetrated the county's server, which unbelievably, was missing five years worth of security patches…