80 likes | 107 Vues
Proposal to develop a secure remote voting system within the crypto community, built by diverse members for flexible improvement. Based on SVIS voting details from a Japanese conference, suggestions for user authentication, web security, and system design are discussed for implementation in international voting processes.
 
                
                E N D
Kazue’s Proposal 2008.8.19 2:00PM(CA) 8.20 6:00AM (Japan) Kazue Sako
My Standpoint • I think it is a great idea to carry out remote voting within this CRYPTO community, so that we can learn how cryptography serve the world, and how better can we make it. • Using one organization’s system maybe one solution, but why not WE build our own, so that WE can try and learn and fix more flexibly.
My Proposal • Form a project with a group of developers, and within it, build a system that group members are comfortable with. • not a single company, diversity of members • open discussions among group members during development and improvement of the system • We have taken a similar approach in SVIS voting held in a Japanese conference, Jan. 2008.
Secure Voting in Symposiums what is SVIS voting • SVIS is a mix-net based remote voting system where the participants of the symposium vote for SCIS paper award (young researcher award). • SCIS: Symposium on Cryptography and Information Security • SVIS: Secure Voting In Symposiums • Each voter selects maximum of 5 out of 200 eligible papers (among 350 presentations ) • 18 members from 15 organizations discussed the system design • Five members served as mixers
Secure Voting in Symposiums SVIS details • NEC offered a mix-net computation library. • Have newly developed software for user Interface. • Mixer’s applications run on Windows XP only. • Encryption software written in Java 1.6. • 159 votes were collected & tallied. (3/4 of registered voters) • Due to Java version mismatch, 3 votes failed to receive. • Voter verification was based on ID/passwd distributed in a paper envelope at the registration. • Similar (but improved) voting system is to be used in Computer Security Symposium this year and hopefully next year SCIS. • Can try Japanese Interface at https://svis.z.nitech.ac.jp/Digishuff_vote/Digishuff_Top_Action (after installing Sun’s Java 1.6)
Implications to IACR voting • User authentication means would be the largest issue to debate among project members. • Suggestions for typical voting environment in various parts of the world would be necessary. • Experts on running web sites securely and stably is a must. (May need budgets for the professional service) • Designing the system comparative to a conventional IACR voting with physical mail would help deciding the security policy. One can claim thus it is different from national election systems where physical mail procedure do not exist. • NEC is willing to offer the library if necessary.
NEC mix-net library (digishuff) • based on FC02 scheme. • Furukawa, Miyauchi, Mori, Obana, Sako: An Implementation of a Universally Verifiable Electronic Voting Scheme based on Shuffling. Financial Cryptography 2002 • has 4 yrs experience in bind voting system in private organizations, held 5-6 times a year, with more than 22,000 voters. • The source code may be dis- closed to limited members under NDA. • Use of NEC library would help speed up the development since the testing and debugging the computation is the most time-consuming part.
Conclusion • I propose to carry a project where multiple members from different background cooperate not only in evaluating, but also throughout designing the system. • I personally would like to take part in the project with my experiences with SVIS project and voting in private organizations. • Use of NEC library is optional.