1 / 22

Electronic Voting A Challenge for CC Certification

5th ICCC, Berlin. Electronic Voting A Challenge for CC Certification. Roland Vogt Deutsches Forschungszentrum für German Research Center for Künstliche Intelligenz (DFKI) Artificial Intelligence – Prüfstelle für IT-Sicherheit – – CLEF for IT Security –.

umeko
Télécharger la présentation

Electronic Voting A Challenge for CC Certification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 5th ICCC, Berlin Electronic VotingA Challenge for CC Certification Roland Vogt Deutsches Forschungszentrum für German Research Center for Künstliche Intelligenz (DFKI) Artificial Intelligence – Prüfstelle für IT-Sicherheit – – CLEF for IT Security – 5th ICCC, Berlin

  2. e-voting:an e-election or e-referendum that involves the use of electronic means in at least the casting of the vote remote e-voting:e-voting where the casting of the vote is done by a device not controlled by an election official network e-voting:e-voting that involves the use of networks in the casting of the vote or in the voter identification open network e-voting:network e-voting where the networks are open to public access e-voting … what is it? 5th ICCC, Berlin

  3. e-voting … where is it? • Ireland • Since 2000: testing of kiosk e-Voting • Not introduced for the 2004 EP elections • United Kingdom • Piloting internet e-Voting at municipal level • Expected extension to the 2004 EP elections not realised • France • May 2003: internet e-Voting of the „High Council of French Citizens Abroad“ • Italy & France • Testing internet e-Voting in polling and police stations at the 2004 EP elections 5th ICCC, Berlin

  4. e-voting … where is it? • Austria • Testing e-voting in large-scale university projects • Planning to pilot remote e-voting for expatriates • Switzerland • Piloting remote e-voting at 3 local referenda and, recently, a federal referendum • Germany • Since 1999: Piloting e-voting at non-parliamentary elections, e.g. public and private employees councils • Spain • Testing internet e-voting for Catalonians abroad at the 2003 regional parliament election 5th ICCC, Berlin

  5. e-voting … where is it? • Estonia • Planning to pilot internet e-voting at local elections in autumn 2005 • Netherlands • Running e-voting at polling stations • Piloting internet and telephone e-voting at the 2004 EP elections • USA • Running e-voting at polling stations • Plans of internet e-voting for expatriotes at the Nov. 2004 presidential election stopped 5th ICCC, Berlin

  6. e-voting … why is it? • Mobility of Voters • Increasing turnout • Reducing overall election costs • Correct counting • Megatrend: Doing everything electronically! Why not voting? 5th ICCC, Berlin

  7. e-voting tasks • Voter registration • Voter identification • Vote casting • Vote counting • Vote archiving 5th ICCC, Berlin

  8. Construction of e-voting systems Many variations in • Architecture (components, connections, …) • Protocols (Identification, Auditing, …) • Mechanisms (Crypto, Anonymity, …) 5th ICCC, Berlin

  9. Security of e-voting systems • Many vulnerabilities and flaws have been discovered … … which is not surprising: • Complex design • Complex legal framework • Complex social debate 5th ICCC, Berlin

  10. Security of e-voting systems Election should be … • Universal • Equal • Free • Secret • Direct 5th ICCC, Berlin

  11. Security of e-voting systems Council of Europe security principles: Prevent the identity of the voter being disclosed to others during • Authentication • Vote cast • Vote storage and counting 5th ICCC, Berlin

  12. Security of e-voting systems Geneva 11 commandments for internet voting • Votes cannot be intercepted nor modified • Votes cannot be known before the official ballot reading • Only registered voters will be able to vote • Each voter will have one and only one vote • Vote secrecy is guaranteed; it never will be possible to link a voter to his/her vote • The voting website will resist any denial of service attack • The voter will be protected against identity theft • The number of cast votes will be equal to the number of received ballots • It will be possible to prove that a given citizen has voted • The system will not accept votes outside the ballot opening period • The system will be audible 5th ICCC, Berlin

  13. The challenge US DoD:“Concerns were raised that, given the current security vulnerabilities of the Internet and voters’ personal computers, no Internet voting system could be 100% secure. Rather than potentially bringing the integrity of the election results into doubt, the Department of Defense has decided not to deploy the SERVE system for use in 2004.” 5th ICCC, Berlin

  14. The challenge SERVE security report:„There is no good way to build such a voting system without a radical change in overall architecture of the Internet and the PC, or some unforeseen security breakthrough.“ 5th ICCC, Berlin

  15. The challenge • Why not reusing the huge experience in building e-business systems? • Because e-voting is different! 5th ICCC, Berlin

  16. The challenge • There are conflicting security objectives: • It will be possible to prove that a given citizen has voted • Vote secrecy is guaranteed; it never will be possible to link a voter to his/her vote • Challenge part 1: Balancing election principles 5th ICCC, Berlin

  17. The challenge • There are conflicting trust policies • Voter verifiable audit trail • Voter will not be able to prove his/her vote decision (no vote receipts) • Challenge Part 2: Resolving trust obligations 5th ICCC, Berlin

  18. CC approach Election Principles Universal Equal Free Secret Direct Protection Profile: E-voting security policy 5th ICCC, Berlin

  19. Existing work • Council of Europe:Integrated Projekt 1 „Making democratic institutions work“ • Recommendation on legal and operational standards for e-enabled voting • Explanatory Memorandum on technical standards has been developed along the Common Criteria Methodology 5th ICCC, Berlin

  20. Existing work • IEEE P1583: „Standard for the Evaluation of Voting Equipment” (current draft 5.0; V5.3 to be finalized in October 2004) • Annex C “Generic Protection Profile For Vote Recording Equipment” • Critic: “We also support the idea of modernizing our election process using digital technology, as long as we maintain, or better yet, increase the trustworthiness of the election processes along the way. But this standard does not do this, and it must be reworked.” 5th ICCC, Berlin

  21. Existing work • PTB Catalog of Requirements„Online Voting Systems for Non-parliamentary elections“ • Current German requirements • Amendment with a Protection Profile for vote casting equipment in perparation 5th ICCC, Berlin

  22. Conclusion E-voting is an important field forCommon Criteria certification 5th ICCC, Berlin

More Related