Biometrics using Electronic Voting System with Embedded Security
Voting Security Overview
-
Upload
ben-adida -
Category
Technology
-
view
1.732 -
download
1
description
Transcript of Voting Security Overview
![Page 1: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/1.jpg)
(Electronic)Voting Security
Ben AdidaHarvard University
Workshop on Electronic VotingIDC Herzliya17 May 2009
![Page 2: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/2.jpg)
The Point of An Election
![Page 3: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/3.jpg)
The Point of An Election
“The People have spoken....the bastards!”
Dick Tuck1966 Concession Speech
![Page 4: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/4.jpg)
The Point of An Election
“The People have spoken....the bastards!”
Dick Tuck1966 Concession Speech
Provide enough evidenceto convince the loser.
![Page 5: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/5.jpg)
![Page 6: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/6.jpg)
"That's for me and a button to know."
Joe, the plumber.
![Page 7: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/7.jpg)
5
![Page 8: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/8.jpg)
5
![Page 9: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/9.jpg)
5
![Page 10: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/10.jpg)
5
![Page 11: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/11.jpg)
5
![Page 12: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/12.jpg)
5
![Page 13: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/13.jpg)
5
![Page 14: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/14.jpg)
6
![Page 15: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/15.jpg)
6
![Page 16: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/16.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 17: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/17.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 18: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/18.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 19: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/19.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 20: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/20.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 21: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/21.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 22: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/22.jpg)
Fashionable Voting
http://www.cs.uiowa.edu/~jones/voting/pictures/7
![Page 23: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/23.jpg)
Fashionable Voting
8
![Page 24: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/24.jpg)
Fashionable Voting
8
![Page 25: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/25.jpg)
Voting is a fundamentally difficult problem.
9
![Page 26: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/26.jpg)
Wooten got the news from his wife, Roxanne, who went to City Hall on Wednesday
to see the election results.
"She saw my name with zero votes by it.She came home and asked me ifI had voted for myself or not."
10
![Page 27: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/27.jpg)
11
![Page 28: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/28.jpg)
11
14
12
![Page 29: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/29.jpg)
11
1 person, 1 vote
14
12
![Page 30: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/30.jpg)
Enforced Privacyto ensure each voter
votes in his/herown interest
12
![Page 31: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/31.jpg)
http://www.cs.uiowa.edu/~jones/voting/pictures/ 13
![Page 32: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/32.jpg)
http://www.cs.uiowa.edu/~jones/voting/pictures/
1892 - Australian Ballot
14
![Page 33: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/33.jpg)
![Page 34: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/34.jpg)
![Page 35: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/35.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
![Page 36: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/36.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
![Page 37: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/37.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
![Page 38: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/38.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
![Page 39: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/39.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
ObamaObamaObama
McCainMcCain
McCain
![Page 40: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/40.jpg)
The Ballot Handoff
Alice the Voter
17
McCain
ObamaObamaObama
McCainMcCain
Black Box
McCain
![Page 41: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/41.jpg)
Chain of Custody
18
![Page 42: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/42.jpg)
Chain of Custody
Vendor
/*
* source
* code
*/
if (...
1
18
![Page 43: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/43.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
18
![Page 44: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/44.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
18
![Page 45: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/45.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
4
Alice
18
![Page 46: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/46.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
4
Alice
18
![Page 47: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/47.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
Ballot Box Collection
5
4
Alice
18
![Page 48: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/48.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
Ballot Box Collection
5
Results
.....6
4
Alice
18
![Page 49: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/49.jpg)
Chain of Custody
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
Ballot Box Collection
5
Results
.....6
4
Alice
Black Box18
![Page 50: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/50.jpg)
The Cost of Secrecy
![Page 51: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/51.jpg)
The Cost of Secrecy
![Page 52: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/52.jpg)
The Cost of Secrecy
![Page 53: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/53.jpg)
The Cost of Secrecy
![Page 54: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/54.jpg)
The Cost of Secrecy
![Page 55: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/55.jpg)
But Secrecy is Important.
Secret Ballot implemented in Chile in 1958.
“the secrecy of the ballot [...] has first-order implications for resource
allocation, political outcomes, and social efficiency.”
[BalandRobinson 2004]
![Page 56: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/56.jpg)
Because we care about a meaningful result, we’ve made auditing
very difficult.
21
![Page 57: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/57.jpg)
We are left chasing evidence of correctness.
Meanwhile we destroy evidence on purpose.
22
![Page 58: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/58.jpg)
Obtaining Evidence
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
Ballot Box Collection
5
Results
.....6
4
Alice
23
![Page 59: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/59.jpg)
Obtaining Evidence
- source code audit
- Logic & Accuracy
- Parallel Testing
- Voter-Verified Paper Audit Trail
VotingMachine
2
Vendor
/*
* source
* code
*/
if (...
1
Polling Location
3
![Page 60: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/60.jpg)
Obtaining Evidence
Polling Location
3
4
Alice
- Multiple poll watcherscompeting affiliations
- No personal electronic devicesat the polling station
- Logging all events
![Page 61: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/61.jpg)
Obtaining Evidence
- redundant counts
- ballot box seals
- statistical auditing by partial recounts
Ballot Box Collection
5
Results
.....6
![Page 62: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/62.jpg)
Fragmented, Adversarial and Indirect
- each piece of evidence coversa small segment of the chain.
- attacker knows the checks, and can try to sneak in where the chain is not covered.
- to maintain security and for practical purposes, the evidence is very indirect.
![Page 63: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/63.jpg)
The Effect of DREs
- More to audit
- Errors can have disproportionate effects
- Software is not just for speed/efficiency,it becomes central for integrity.
![Page 64: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/64.jpg)
Software Independence
an undetected mistake in the system does not cause an
undetectable error in the tally.
![Page 65: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/65.jpg)
Can we getmore direct,
more end-to-end evidence?
![Page 66: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/66.jpg)
Secret Ballot vs. Verifiability
Voting System
Alice
convince
Carl the Coercer
31
![Page 67: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/67.jpg)
Secret Ballot vs. Verifiability
Voting System
Alice
convince
Carl the Coercer
31
[Chaum81], [Benaloh85], [PIK93], [BenalohTuinstra92], [SK94], [Neff2001], [FS2001],[Chaum2004], [Neff2004], [Ryan2004], [Chaum2005]
Punchscan, Scantegrity I & II, Civitas, ThreeBallot, Prêt-à-Voter, Scratch & Vote, ...
![Page 68: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/68.jpg)
Bulletin Board
Public Ballots
Bob:McCain
Carol:Obama
32
![Page 69: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/69.jpg)
Bulletin Board
Public Ballots
Bob:McCain
Carol:Obama
Alice
32
![Page 70: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/70.jpg)
Bulletin Board
Public Ballots
Alice:Obama
Bob:McCain
Carol:Obama
Alice
32
![Page 71: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/71.jpg)
Bulletin Board
Public Ballots
Alice:Obama
Bob:McCain
Carol:Obama
Tally
Obama....2McCain....1
Alice
32
![Page 72: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/72.jpg)
Encrypted Public BallotsBulletin Board
Alice:Rice
Bob:Clinton
Carol:Rice
Tally
Obama....2McCain....1
Alice
33
![Page 73: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/73.jpg)
Encrypted Public BallotsBulletin Board
Alice:Rice
Bob:Clinton
Carol:Rice
Tally
Obama....2McCain....1
Alice
Alice verifies her vote
33
![Page 74: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/74.jpg)
Encrypted Public BallotsBulletin Board
Alice:Rice
Bob:Clinton
Carol:Rice
Tally
Obama....2McCain....1
Alice
Alice verifies her vote Everyone verifies the tally
33
![Page 75: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/75.jpg)
End-to-End Verification
![Page 76: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/76.jpg)
End-to-End Verification
Polling Location
VotingMachine
Vendor
/*
* source
* code
*/
if (...
![Page 77: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/77.jpg)
End-to-End Verification
Polling Location
VotingMachine
Vendor
/*
* source
* code
*/
if (...
Ballot Box /
Bulletin Board
Alice
![Page 78: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/78.jpg)
End-to-End Verification
Polling Location
VotingMachine
Vendor
/*
* source
* code
*/
if (...
Ballot Box /
Bulletin Board
Alice
Results
.....
![Page 79: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/79.jpg)
End-to-End Verification
Polling Location
VotingMachine
Vendor
/*
* source
* code
*/
if (...
Receipt
1
Ballot Box /
Bulletin Board
Alice
Results
.....
![Page 80: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/80.jpg)
End-to-End Verification
Polling Location
VotingMachine
Vendor
/*
* source
* code
*/
if (...
Receipt
1 2
Ballot Box /
Bulletin Board
Alice
Results
.....
![Page 81: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/81.jpg)
Open-AuditElections
![Page 82: Voting Security Overview](https://reader033.fdocuments.us/reader033/viewer/2022060106/55492f50b4c905a54c8c156e/html5/thumbnails/82.jpg)
Evidence-Based Elections