SlideShare une entreprise Scribd logo

E-voting Risks and Solutions

Christian Wernberg-Tougaard
Christian Wernberg-Tougaard
1  sur  24
Télécharger pour lire hors ligne
E-voting: An Acceptable Risk? Project CSO Christian Bull
Background
Background …or not. We don’t have time for that!
Remote Voting Over The Internet
Legal requirements for remote e-voting • The secrecy of the ballot can not be compromised! • Secrecy is retained by implementing the following: – Allowing unlimited re-voting – Votes cast in a controlled environment always supersede those cast uncontrolled (paper votes may supersede electronic votes) – An e-voting system that does not reveal or retain any connection between voter and vote – A good authentication mechanism – E-voting only in the advance voting period – Remote voting only as a supplement to paper voting
A quick overview of the solution - Log on - Submit vote E-voting system Receipt code Polling card
How does the system know who I am?
Authentiwhat? • When you turn up at the polling station, you are required to identify yourself. • Only since 2007 have you been required to produce an ID-card. • This is analogous to the process of authentication to a computer system, for instance using an eID.
Important properties of a good eID • It must be obvious to the user that this is an identity document. • A voter should not be tempted to sell his voting credentials. – It must have other uses than just e-voting. – These other uses must be familiar and of value to the voter
The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote • Attacks scale
The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
Transparent e-voting? • Complete openness and transparecy in all aspects of the project • Available source code – Unfourtunately cryptography is really, really hard. • Cryptographic proofs of correctness – Even the voter gets one – The good thing about crypto is that it’s all just maths • Logging of all system events
Transparent e-voting? • Obviously open source won’t make the system understandable to ”everyone” • …and extensive use of esoteric cryptography makes things worse… • ..but at least the lay person can choose which expert to trust. • Besides, paper voting really isn’t that easy to understand either!
Communicating the crypto protocol • The cryptographer behind it is working on a conceptual description which should be understandable for anyone with high school maths • Amongst other things, we will try to integrate the protocol into maths education in high school.
The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
Buying and selling of votes • In practice this doesn’t scale • The seller can re-vote – Receipt for all cast votes, not only the final • Votes submitted from a polling station will supersede any vote cast remotely • Buyer would have to control seller’s eID – Would require the voter to give up a lot more than his vote
The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
Coercion/family voting • The coerced can re-vote – Receipt for all cast votes, not only the final • Votes submitted from a polling station will supersede any vote cast remotely • The system will never divulge that a previous vote has allready been recorded • If you accept that bastards are evenly distributed across the political spectrum, this doesn’t scale either.
The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
Encryption and storage of the vote
Conceptual model Distribution of secrets Vote Voting Internet Administrative Voter Collection system client Server Return Code Air gap Vote verification Generator Mix and count M of N key shares from parties with competing interests
”Cleansing service” Counting e-votes Parti A 2 Parti B 1 Decryption service Mixing service

Recommandé

National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...
National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...
National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...National Civic Summit
 
Features of blockchain voting
Features of blockchain votingFeatures of blockchain voting
Features of blockchain votingSatyamAnand32
 
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014Christian Wernberg-Tougaard
 
Carsten schürmann eVoting
Carsten schürmann eVotingCarsten schürmann eVoting
Carsten schürmann eVotingChristian Wernberg-Tougaard
 
миний цүнх хамгийн чамин
миний цүнх хамгийн чаминминий цүнх хамгийн чамин
миний цүнх хамгийн чаминbattogtokh48
 
Dr ulrich wiesner
Dr ulrich wiesnerDr ulrich wiesner
Dr ulrich wiesnerChristian Wernberg-Tougaard
 
Oracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardOracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardChristian Wernberg-Tougaard
 
Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Christian Wernberg-Tougaard
 

Recommandé

National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...
National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...
National Civic Summit - Operation BRAVO Foundation - Carol Paquette and Pat H...National Civic Summit
 
Features of blockchain voting
Features of blockchain votingFeatures of blockchain voting
Features of blockchain votingSatyamAnand32
 
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014Christian Wernberg-Tougaard
 
Carsten schürmann eVoting
Carsten schürmann eVotingCarsten schürmann eVoting
Carsten schürmann eVotingChristian Wernberg-Tougaard
 
миний цүнх хамгийн чамин
миний цүнх хамгийн чаминминий цүнх хамгийн чамин
миний цүнх хамгийн чаминbattogtokh48
 
Dr ulrich wiesner
Dr ulrich wiesnerDr ulrich wiesner
Dr ulrich wiesnerChristian Wernberg-Tougaard
 
Oracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardOracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardChristian Wernberg-Tougaard
 
Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Christian Wernberg-Tougaard
 
Digitizing Social Welfare
Digitizing Social WelfareDigitizing Social Welfare
Digitizing Social WelfareChristian Wernberg-Tougaard
 
VDAB Employment Services
VDAB Employment ServicesVDAB Employment Services
VDAB Employment ServicesChristian Wernberg-Tougaard
 
WCC Unemployment Presentation
WCC Unemployment PresentationWCC Unemployment Presentation
WCC Unemployment PresentationChristian Wernberg-Tougaard
 
Jordi barrat
Jordi barratJordi barrat
Jordi barratChristian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard
 
GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014Christian Wernberg-Tougaard
 
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Christian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard
 
Digital Impact On Labor
Digital Impact On LaborDigital Impact On Labor
Digital Impact On LaborChristian Wernberg-Tougaard
 
Uwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesUwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesChristian Wernberg-Tougaard
 
Keynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationKeynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationChristian Wernberg-Tougaard
 
E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting TechnologyGautam Kumar
 
THE RIDDLERS
THE RIDDLERSTHE RIDDLERS
THE RIDDLERSRishabh Daga
 
Polys | Online voting system
Polys | Online voting systemPolys | Online voting system
Polys | Online voting systemTimur Kildigulov
 
project.pptx
project.pptxproject.pptx
project.pptxabdallah76803
 
igloovote
igloovoteigloovote
igloovoteJuanjo Bermudez
 
Merle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT ManagersMerle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT Managersbriandnewby
 
E-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for SecurityE-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for Securitysmeetramteke
 
Meet The SBS Team
Meet The SBS TeamMeet The SBS Team
Meet The SBS TeamSurvey & Ballot Systems
 
Electronic voting machine
Electronic voting machine Electronic voting machine
Electronic voting machine SonyKhan8
 
project presentation -2 nov (2).pptx
project presentation -2 nov (2).pptxproject presentation -2 nov (2).pptx
project presentation -2 nov (2).pptxmuralimurali239921
 
Platform for online voting
Platform for online voting Platform for online voting
Platform for online voting Artur Gurau
 

Contenu connexe

En vedette

GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014Christian Wernberg-Tougaard
 
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Christian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard
 
Keynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationKeynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationChristian Wernberg-Tougaard
 

En vedette (11)

Digitizing Social Welfare
Digitizing Social WelfareDigitizing Social Welfare
Digitizing Social Welfare
 
VDAB Employment Services
VDAB Employment ServicesVDAB Employment Services
VDAB Employment Services
 
WCC Unemployment Presentation
WCC Unemployment PresentationWCC Unemployment Presentation
WCC Unemployment Presentation
 
Jordi barrat
Jordi barratJordi barrat
Jordi barrat
 
Christian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting Summary
 
GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014
 
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting Introduction
 
Digital Impact On Labor
Digital Impact On LaborDigital Impact On Labor
Digital Impact On Labor
 
Uwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesUwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment Services
 
Keynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationKeynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovation
 

Similaire à E-voting Risks and Solutions

E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting TechnologyGautam Kumar
 
Polys | Online voting system
Polys | Online voting systemPolys | Online voting system
Polys | Online voting systemTimur Kildigulov
 
Merle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT ManagersMerle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT Managersbriandnewby
 
E-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for SecurityE-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for Securitysmeetramteke
 
Electronic voting machine
Electronic voting machine Electronic voting machine
Electronic voting machine SonyKhan8
 
project presentation -2 nov (2).pptx
project presentation -2 nov (2).pptxproject presentation -2 nov (2).pptx
project presentation -2 nov (2).pptxmuralimurali239921
 
Platform for online voting
Platform for online voting Platform for online voting
Platform for online voting Artur Gurau
 
ELECTRONICE VOTING MACHINE AND OLD BALLOT
ELECTRONICE VOTING MACHINE AND OLD BALLOTELECTRONICE VOTING MACHINE AND OLD BALLOT
ELECTRONICE VOTING MACHINE AND OLD BALLOTGurpreetKaur447706
 
BLOCKCHAIN BASED voting system-an evoting.pptx
BLOCKCHAIN BASED voting system-an evoting.pptxBLOCKCHAIN BASED voting system-an evoting.pptx
BLOCKCHAIN BASED voting system-an evoting.pptxAlbiMathew4
 
Global wireless e-voting
Global wireless e-votingGlobal wireless e-voting
Global wireless e-votingPREMKUMAR
 
Blockchain-Based Voting System.pptx
Blockchain-Based Voting System.pptxBlockchain-Based Voting System.pptx
Blockchain-Based Voting System.pptxssuser561dc11
 
IRJET - Decentralized E-Voting System using Blockchain
IRJET - Decentralized E-Voting System using BlockchainIRJET - Decentralized E-Voting System using Blockchain
IRJET - Decentralized E-Voting System using BlockchainIRJET Journal
 

Similaire à E-voting Risks and Solutions (20)

E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting Technology
 
THE RIDDLERS
THE RIDDLERSTHE RIDDLERS
THE RIDDLERS
 
Polys | Online voting system
Polys | Online voting systemPolys | Online voting system
Polys | Online voting system
 
project.pptx
project.pptxproject.pptx
project.pptx
 
igloovote
igloovoteigloovote
igloovote
 
Merle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT ManagersMerle King, Elections Administrators are IT Managers
Merle King, Elections Administrators are IT Managers
 
E-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for SecurityE-Voting Using Blockchain Technology for Security
E-Voting Using Blockchain Technology for Security
 
Meet The SBS Team
Meet The SBS TeamMeet The SBS Team
Meet The SBS Team
 
Electronic voting machine
Electronic voting machine Electronic voting machine
Electronic voting machine
 
project presentation -2 nov (2).pptx
project presentation -2 nov (2).pptxproject presentation -2 nov (2).pptx
project presentation -2 nov (2).pptx
 
Platform for online voting
Platform for online voting Platform for online voting
Platform for online voting
 
ELECTRONICE VOTING MACHINE AND OLD BALLOT
ELECTRONICE VOTING MACHINE AND OLD BALLOTELECTRONICE VOTING MACHINE AND OLD BALLOT
ELECTRONICE VOTING MACHINE AND OLD BALLOT
 
BLOCKCHAIN BASED voting system-an evoting.pptx
BLOCKCHAIN BASED voting system-an evoting.pptxBLOCKCHAIN BASED voting system-an evoting.pptx
BLOCKCHAIN BASED voting system-an evoting.pptx
 
Global wireless e-voting
Global wireless e-votingGlobal wireless e-voting
Global wireless e-voting
 
EVM.pptx
EVM.pptxEVM.pptx
EVM.pptx
 
Blockchain-Based Voting System.pptx
Blockchain-Based Voting System.pptxBlockchain-Based Voting System.pptx
Blockchain-Based Voting System.pptx
 
E-voting
E-votingE-voting
E-voting
 
Security and trust in e payment
Security and trust in e paymentSecurity and trust in e payment
Security and trust in e payment
 
IRJET - Decentralized E-Voting System using Blockchain
IRJET - Decentralized E-Voting System using BlockchainIRJET - Decentralized E-Voting System using Blockchain
IRJET - Decentralized E-Voting System using Blockchain
 
Online Voting
Online VotingOnline Voting
Online Voting
 

Plus de Christian Wernberg-Tougaard

Public Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardPublic Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardChristian Wernberg-Tougaard
 

Plus de Christian Wernberg-Tougaard (7)

Agenda
AgendaAgenda
Agenda
 
Tarvi martens eVoting Estonia
Tarvi martens eVoting EstoniaTarvi martens eVoting Estonia
Tarvi martens eVoting Estonia
 
Robert krimmer reduced
Robert krimmer reducedRobert krimmer reduced
Robert krimmer reduced
 
Skagestein cp hjune2010_static
Skagestein cp hjune2010_staticSkagestein cp hjune2010_static
Skagestein cp hjune2010_static
 
Servei De Ocupaci
Servei De OcupaciServei De Ocupaci
Servei De Ocupaci
 
OPA For Unemployment
OPA For UnemploymentOPA For Unemployment
OPA For Unemployment
 
Public Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardPublic Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg Tougaard
 

E-voting Risks and Solutions

  • 1. E-voting: An Acceptable Risk? Project CSO Christian Bull
  • 3. Background …or not. We don’t have time for that!
  • 4. Remote Voting Over The Internet
  • 5. Legal requirements for remote e-voting • The secrecy of the ballot can not be compromised! • Secrecy is retained by implementing the following: – Allowing unlimited re-voting – Votes cast in a controlled environment always supersede those cast uncontrolled (paper votes may supersede electronic votes) – An e-voting system that does not reveal or retain any connection between voter and vote – A good authentication mechanism – E-voting only in the advance voting period – Remote voting only as a supplement to paper voting
  • 6. A quick overview of the solution - Log on - Submit vote E-voting system Receipt code Polling card
  • 7. How does the system know who I am?
  • 8. Authentiwhat? • When you turn up at the polling station, you are required to identify yourself. • Only since 2007 have you been required to produce an ID-card. • This is analogous to the process of authentication to a computer system, for instance using an eID.
  • 9. Important properties of a good eID • It must be obvious to the user that this is an identity document. • A voter should not be tempted to sell his voting credentials. – It must have other uses than just e-voting. – These other uses must be familiar and of value to the voter
  • 10.
  • 11. The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote • Attacks scale
  • 12.
  • 13. The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
  • 14. Transparent e-voting? • Complete openness and transparecy in all aspects of the project • Available source code – Unfourtunately cryptography is really, really hard. • Cryptographic proofs of correctness – Even the voter gets one – The good thing about crypto is that it’s all just maths • Logging of all system events
  • 15. Transparent e-voting? • Obviously open source won’t make the system understandable to ”everyone” • …and extensive use of esoteric cryptography makes things worse… • ..but at least the lay person can choose which expert to trust. • Besides, paper voting really isn’t that easy to understand either!
  • 16. Communicating the crypto protocol • The cryptographer behind it is working on a conceptual description which should be understandable for anyone with high school maths • Amongst other things, we will try to integrate the protocol into maths education in high school.
  • 17. The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
  • 18. Buying and selling of votes • In practice this doesn’t scale • The seller can re-vote – Receipt for all cast votes, not only the final • Votes submitted from a polling station will supersede any vote cast remotely • Buyer would have to control seller’s eID – Would require the voter to give up a lot more than his vote
  • 19. The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
  • 20. Coercion/family voting • The coerced can re-vote – Receipt for all cast votes, not only the final • Votes submitted from a polling station will supersede any vote cast remotely • The system will never divulge that a previous vote has allready been recorded • If you accept that bastards are evenly distributed across the political spectrum, this doesn’t scale either.
  • 21. The Challenges of Remote e- voting • Auditability / transparency to the lay person • The buying and selling of votes • Coercion / family voting • Home computer security • Anonymity of the vote
  • 22. Encryption and storage of the vote
  • 23. Conceptual model Distribution of secrets Vote Voting Internet Administrative Voter Collection system client Server Return Code Air gap Vote verification Generator Mix and count M of N key shares from parties with competing interests
  • 24. ”Cleansing service” Counting e-votes Parti A 2 Parti B 1 Decryption service Mixing service