1 / 73

6. Esoteric Protocols secure elections and multi-party computation

6. Esoteric Protocols secure elections and multi-party computation. Kim Hyoung-Shick. Contents. 1. Secure elections Introduction Protocols 2. Secure multiparty computation Introduction Examples 3. Conclusion. Contents. 1. Secure elections Introduction Protocols

anahid
Télécharger la présentation

6. Esoteric Protocols secure elections and multi-party computation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick

  2. Contents • 1. Secure elections • Introduction • Protocols • 2. Secure multiparty computation • Introduction • Examples • 3. Conclusion

  3. Contents • 1. Secure elections • Introduction • Protocols • 2. Secure multiparty computation • Introduction • Examples

  4. Voting What is the requirements ?

  5. Voting Secure Booth ?

  6. Voting Fair judge ?

  7. Voting Privacy ! Fairness ! We need two major requirements.

  8. Traditional Voting Vs Electronic Voting • Privacy • Fairness • Efficiency

  9. Problems with Electronic Voting • No physical audit trail • Who provides the system? • How are they audited? • High Tech: More dependencies • More ways to subvert the system • etc.

  10. Requirements for Electronic Voting • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

  11. Requirements for Electronic Voting • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

  12. Requirements for Electronic Voting • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

  13. Contents • 1. Secure elections • Introduction • Protocols • 2. Secure multiparty computation • Introduction • Examples

  14. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  15. Idea of Simplistic Voting Protocol #1 secure booth = encryption

  16. 3. ECTF(V) Central Tabulating Facility Simplistic Voting Protocol #1 PCTF SCTF Voter Vi 1. Choose V 4. Tabulate V’s 5. Publish the result 2. Encrypt V into ECTF(V).

  17. Unsatisfied Requirements • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. (By intercept attack) • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

  18. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  19. Idea of Simplistic Voting Protocol #2 secure booth = encryption identification card = sign

  20. 4. ECTF(Si(V)) Central Tabulating Facility Simplistic Voting Protocol #2 PCTF Pi SCTF Si Voter Vi 5. Decrypt, verify, tabulate V’s 1. Choose V 2. Sign V into Si(V) 6. Publish the result 3. Encrypt Si(V) into ECTF(Si(V))

  21. Unsatisfied Requirements • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. (CTF knows it.) • Everyone knows who voted and who didn’t.

  22. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  23. Kim Problem with Signature

  24. Idea of Voting with Blind Signature 노 accept

  25. Idea of Voting with Blind Signature Be covered !

  26. 3. B(M) 5. SCTF(B(M)) Central Tabulating Facility Voting with Blind Signature PCTF Pi SCTF Si Voter Vi 4. Check if B(M) is valid 1. Generate M = (O1, … , On, IDr , i) 2. Blind M into B(M) 6. Choose SCTF(Oi) 7. Generate M’ = (SCTF(Oi), SCTF(IDr), SCTF(i))

  27. 8. M’ Central Tabulating Facility Voting with Blind Signature PCTF Pi SCTF Si B(M) Voter Vi 9. Verify, check ID duplication 10. Publish the result

  28. Unsatisfied Requirements • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. (CTF knows it.) – it need to provide anonymous channel. • Everyone knows who voted and who didn’t.

  29. Additional Some Problems • CTF can generate a large number of signed, valid votes and cheat by submitting those itself. • If voter discovers that the CTF changed his or her vote, he or she has no way to prove it.

  30. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  31. Review of Traditional Voting 1. Check voter’s identification by checker. voter checker

  32. Review of Traditional Voting 2. Count votes in the ballot boxes by counter. counter

  33. Review of Traditional Voting There are two positions in the voting. counter checker

  34. Central Legitimization Agency Central Tabulating Facility Idea of Voting with Two Central Facilities

  35. 1. Ask for VN 3. VNr Central Legitimization Agency Voting with Two Central Facilities PCLA Pi SCLA Si VN list Voter Vi 2. Maintain VN list for voters

  36. 4. VN list Central Legitimization Agency Central Tabulating Facility Voting with Two Central Facilities PCLA PCTF SCLA SCTF VN list

  37. 8. M Central Tabulating Facility Voting with Two Central Facilities PCTF Pi SCTF Si VNr VN list Voter Vi 9. Check if M is valid and maintain VN list 5. Choose IDr 6. Generate M = (V, IDr, VNr) 10. Publish the result 6. Choose SCTF(Oi) 7. Generate M’ = (SCTF(Oi), SCTF(IDr), SCTF(i))

  38. Unsatisfied Requirements • Only authorized voters can vote. • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. (But, the collusion is possible.) • Everyone knows who voted and who didn’t.

  39. Additional Some Problems • CLA can generate a large number of signed, valid votes and cheat by submitting those itself. – It solve that CLA publish a list of certified voters. • As stated above, the collusion is possible.

  40. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  41. What is ANDOS (All-Or-Nothing Disclosure of Secrets) Sender Receiver - Sender doesn’t know that receiver has gained the one. - As soon as receiver has gained anyone, he can’t receive other messages.

  42. 1. Ask for VN 3. VNr by ANDOS Central Tabulating Facility Voting with ANDOS PCLA Pi SCLA Si VN list Voter Vi 2. Maintain VN list for voters

  43. Unsatisfied Requirements • Only authorized voters can vote. – we solve it by blinded signagture • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

  44. Protocols 1. Simplistic voting protocols #1 2. Simplistic voting protocols #2 3. Voting with blind signatures 4. Voting with two central facilities 5. Voting with ANDOS 6. Improved voting with ANDOS 7. Voting without a central facility

  45. Idea of Improved Voting with ANDOS Voter is also checker for CTF

  46. 1. Join within T 3. IDr by using ANDOS Central Tabulating Facility Voting with Blind Signature PCTF Pi SCTF Si Voter Vi 2. Publish a list of participants

  47. 5. IDr, Ei(IDr, V) 7. IDr Si Central Tabulating Facility Voting with Blind Signature PCTF Pi SCTF Si IDr Voter Vi 6. Publish Ei(IDr, V) 8. Decrypt, publish the result. (For each candidate, the list of all Ei(IDr, V) that voted for a candidate)

  48. 9. IDr, Ei(IDr, V), Si Central Tabulating Facility Voting with Blind Signature PCTF Pi SCTF Si IDr or 9. IDr, Ei(IDr, V’), Si Voter Vi Within time T, voter can change the vote.

  49. Central Tabulating Facility The Reason of the possibility for protest 6. Publish Ei(IDr, V) CTF should be examined for performing his duty by voter Vi

  50. Unsatisfied Requirements • Only authorized voters can vote. – we solve it by blinded signagture • No one can vote more than once. • No one can duplicate anyone else’s vote. • No one can change anyone else’s vote without being discovered. • Every voter can make sure that his vote has been taken into account in the final tabulation. • No one can determine for whom anyone else voted. • Everyone knows who voted and who didn’t.

More Related