Security Issues Facing Online Voting Systems
Joe Hernandez
MEIA CS-6910
Dr. Chow
July 25, 2011 Jhernandez/Online Voting System

Overview

• Security of Remote Online Voting [1]
• Two Case Studies
• Troubles faced by each election
• Cryptographic Foundations
• Blind Ballot using Public Key Cryptography (PKC)
• Voting Protocol using PKC
• Blind Ballot using Public Key Infrastructure (PKI)
• Modified Voting Protocol using PKI
• Technology Risks Facing Online Voting
• Election Risk & Security
• Suggested security measures for online voting

Paper Review

• The Security of Remote Online Voting [1]
• Paper discusses two cases of Internet voting
    • Arizona Democratic Party Election in 2000
    • Student Council Elections @ University of Virginia
• The internet will solve typical voting problems
    • Eliminate “Hanging Chad”
    • Speed up counting process
    • Eliminate lengthy recounts
    • Increase voter turnout
    • Guarantee the intent of the voter (simplify voting)

Case Studies

• 2000 Arizona Democratic Primary
• First major use of internet voting
• A legally binding political election
• Considered a “Private” election
    • Not subject to voting standards
• Contracted out to election.com
    • Vendor claimed success (financial motivation)
• Many things went wrong!!

What went wrong?

• Failed to heed warnings from tech experts
• Voters forgot, lost, or received wrong PIN #s
• Violated “Secret Ballot” by assigning PINs
• Minority access to internet/computers
• Computer/browser compatibility issues
• Site down for an hour on election day
• No customer service / limited help desk support
• Multiple lawsuits filed
    • Violated 1965 Voting Rights Act
• Belief security was “Airtight”
    • Used proprietary encryption algorithm

Case Study

• University of Virginia Student Council Elections
• Small, simple, successful
• Paper ballots not effective
• Ease of Internet access among campus population
• Minimal hardware/software necessary
• Ease of authentication with a small population
• Similar problems to Arizona Election

What went wrong here?

• Believed in community of “Trust”
• Servers crashed within minutes of the election
• Student information was publicly available
    • Making it easy to hijack someone's vote
• Votes were not encrypted in transmission
• Students restricted from voting
    • Based on department
    • Overseas students could not vote
    • Based on “Class Status” determined by credit hours
• Alphabetical ordering of candidates
    • Students on top appeared to be favored
• Fundamental tradeoff between security and convenience

Cryptographic Foundations

• Online voting depends upon Public Key Cryptography
• Diffie-Hellman public key exchange, 1976
    • Changed cryptography forever
    • Allows two people to generate a secret key
• RSA allowed for use of two keys (Public & Private)
• RSA also allows for digital signature of messages
• PKC used for Authentication and Confidentiality
• Makes (theoretical) online voting possible
• Can be used to generate “Blind Ballots”
• Blind Ballots – Voter's right to keep vote private

Blind Ballot using PKC

Diagram (flow):
Message (M)
  -> multiply by Blinding Factor (r): M * r
  -> Blinded Doc (M * r)
  -> Notary's Signature (KR)
  -> Signed Blinded Doc: EKR (M*r)
  -> Divide by Blinding Factor (r)
  -> Signed Message: EKR (M)

Is something wrong with this method?

Is message/vote truly blinded?

Diagram (labels in the order they appear on the slide):
• Voter received a PIN during registration
• PIN Database / Registration Server
• Blinded ballot and PIN sent to Validator: *EKR (M*r) + PIN
• Validates voter's PIN, signs ballot & sends back to voter
• Blinded ballot signed by Validator: EKV(EKR (M*r))
• Voter removes blinding and passes signed ballot to tallier anonymously: EKV(M)
• Validated vote tallied

Modified Blind Ballot using PKI

Diagram (labels in the order they appear on the slide):
• Message (M)
• Election Public Key (EPK)
• EEPK(M)
• Encrypted Vote EPK(M) (Blinded)
• Voter's PIN from registration process
• EPK (M) + PIN
• Validator's Public Key (VPK)
• (EVPK ((EEPK (M) + PIN))
• Vote blinded from Validator
• Confidentiality and Integrity provided between voter and Validator

Modified Voting Protocol

Diagram (labels in the order they appear on the slide):
• Encrypted blinded ballot with PIN: (EVPK ((EEPK (M) + PIN))
• PIN Database
• Is PIN valid
• Decrypts & validates vote, removes PIN, signs ballot with private key, sends to Voter Database
• Blinded ballot signed by Validator: (EVPRK (EEPK (M)))
• Signed blinded ballot entered into database: (EVPRK (EEPK (M)))
• Vote Database / Voting Database
• Validated votes tallied (must have Election Private Key)

Comparison of elections

Arizona Election
• Large scale election
• Traditional methods - Status Quo
• Legally binding
• Internet not available to everyone
• Lawsuits filed
• Some voters could not vote
• Large target audience (State)
• Authorization req. Registration
• Large political target for hackers
• Undisclosed funds spent
• Security a major concern
• Trust a major issue!!
• Considered a failure

University of Virginia
• Small scale election
• Traditional methods too costly
• Not legally binding
• Everyone had internet access
• No legal requirements
• Voters unable to vote
• Small targeted group (Campus)
• Authorization via Registration
• Small target for hackers (No gain)
• Managed in house by IT Dep.
• Trade security for convenience
• Trust within community!!
• Considered a success

Technology Risks for Online Voting

• Security risks associated with online voting
• Internet is still a very insecure medium
• Spyware, Malicious Code, Botnets, Hackers, Oh My!!!
• Spam – Bogus e-mails or links to bogus voter websites
• Poorly developed applications
• Distributed / Denial of Service Attacks (DOS / DDOS)
• Physical attacks possible
• Insider threat, intentional or unintentional
• Rarely a brute force attack against crypto algorithms
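
The blind-ballot flow from the "Blind Ballot using PKC" and "Is message/vote truly blinded?" slides, as an added example that is not part of the original slides. It uses textbook RSA blinding, in which the voter multiplies M by r^e mod N so that dividing the validator's signature by r leaves a signature on M. The toy key, the PIN value, the one-signature-per-PIN rule and all function names are assumptions made for illustration.

```python
# Added example: textbook RSA blind signature with a constructed toy key.
import hashlib
import math
import secrets

# Toy validator key built from two Mersenne primes (illustration only).
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # validator's private exponent (KR)
UNUSED_PINS = {"4821"}               # constructed PIN database


def ballot_to_int(ballot: bytes) -> int:
    """Map a ballot to the integer M < N that gets signed."""
    return int.from_bytes(hashlib.sha256(ballot).digest(), "big") % N


def blind(m: int) -> tuple:
    """Voter: choose r coprime to N, return (M * r^e mod N, r)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def validator_sign(blinded: int, pin: str) -> int:
    """Validator: check the PIN, then sign a value that hides M."""
    if pin not in UNUSED_PINS:
        raise PermissionError("PIN unknown or already used")
    UNUSED_PINS.discard(pin)         # assumption: one signature per PIN
    return pow(blinded, D, N)


def unblind(signed_blinded: int, r: int) -> int:
    """Voter: divide by r, leaving the validator's signature on M."""
    return (signed_blinded * pow(r, -1, N)) % N


def tallier_verify(m: int, sig: int) -> bool:
    """Tallier: accept only if sig^e mod N equals M."""
    return pow(sig, E, N) == m


if __name__ == "__main__":
    m = ballot_to_int(b"candidate-A")        # constructed ballot
    blinded, r = blind(m)
    sig = unblind(validator_sign(blinded, "4821"), r)
    print("validator saw M:", blinded == m)  # blinded value differs from M
    print("tallier accepts:", tallier_verify(m, sig))
```

The validator can associate the PIN only with the blinded value; the pair (M, signature) that reaches the tallier never passed through the validator in that form.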