An Electronic Voting System Based On Blind Signature Protocol
|
|
- Caren Morgan
- 8 years ago
- Views:
Transcription
1 CSMR, VOL. 1, NO. 1 (2011) An Electronic Voting System Based On Blind Signature Protocol Marius Ion, Ionuţ Posea University POLITEHNICA of Bucharest Faculty of Automatic Control and Computers, Computer Science Department s: marius.ion85@gmail.com ionutz.posea@gmail.com Abstract This paper presents e-vote, an electronic voting system solution for the process of governmental elections. The proposed solution ensures the accuracy, the privacy, the verifiability, the convenience, and the democracy of the electoral process. The application is based on open standards in order to achieve the transparency required for such a voting system. Because of this requirement, the solution uses the service oriented architecture paradigm and the cryptographic blind signature protocol. Keywords: electronic voting, blind signature, service oriented architecture. 1. Introduction Simultaneously achieving security and privacy in electronic polls is a problem that must be solved if electronic systems are to be used for serious large-scale governmental elections. As new technologies emerge which address these concerns, electronic voting is likely to become increasingly appealing as an alternative to the traditional paper ballots method. Electronic elections have the potential of being cheaper and less time consuming to administer than conventional elections. Eventually electronic voting may be a viable solution to increasing voter participation and maximizing security by decreasing the number of frauds in governmental elections. However, if not carefully designed, electronic voting systems can be easily compromised, thus corrupting results or violating voters' privacy. Based on the description of a viable electronic voting system by Cranor, L.F. and Cytron, R.K. in [1] we adopted the following objectives: The system must be accurate: (1) it is not possible for a vote to be altered, (2) it is not possible for a validated vote to be eliminated from the final tally, and (3) it is not possible for an invalid vote to be counted in the final tally. In the most accurate systems the final vote tally must be perfect, either because no inaccuracies can be introduced or because all inaccuracies introduced can be detected and corrected. Partially accurate systems can detect but not necessarily correct inaccuracies. The system must be democratic: (1) it permits only eligible voters to vote and (2) it ensures that each eligible voter can vote only once. The system must be private: (1) neither election authorities nor anyone else can link any ballot to the voter who cast it and (2) no voter can prove that he or she voted in a particular way. The second privacy factor is important for the prevention of vote buying and extortion. Voters can only sell their votes if they are able to prove to the buyer that they actually voted according to the buyer's wishes. The system must be verifiable: anyone can independently verify that all votes have been counted correctly. A weaker definition of verifiability used by some authors allows that a system is verifiable if it allows voters to verify their own votes and correct any mistakes they might find without sacrificing privacy. Less verifiable systems might allow mistakes to be pointed out -- but not corrected -- or might allow verification of the process by party
2 MARIUS ION, IONUT POSEA AN ELECTRONIC VOTING SYSTEM BASED ON BLIND SIGNATURE PROTOCOL representatives but not by individual voters. Traditional voting systems generally only allow for minimal verification by party representatives. The system must be convenient: it allows voters to cast their votes quickly, in one session, and with minimal equipment or special skills. The paper presents in section 2 a critical analysis on existing solutions and related work. In the third section we present the cryptographic voting protocol and the architecture of the proposed solution. The final section presents the conclusions of the paper and future work related topics. 2. Related Work In [2], Cranor L.F. presents a simple electronic voting protocol designed to meet the necessary requirements as follows: Figure 1: A Simple Electronic Voting Protocol [2] This protocol, illustrated in Figure 1, would require the voter to submit to an electronic validator an electronic ballot with a voter identification number attached. The validator would use the identification number to check the voter off on a list of registered voters. Then the validator would strip off the identification number and send the ballot to an electronic tallier. The tallier would record the votes and add them to the election tally. This protocol has several major problems: voters could stuff the ballot box by using other voters' identification numbers; second, voters cannot really be sure that the validator program does not violate their privacy; third, there is no way to ensure that the validator does not alter ballots before sending them to the tallier or manufacture ballots that were never actually submitted by voters; fourth, there is no way to ensure that the tallier accurately records the votes [2]. Nurmi, Salomaa, and Santean [3] proposed an improved approach called "Two Agency Protocol," shown in Figure 2. Figure 2: The Two Agency Protocol [3] The electronic validator distributes a secret identification tag to each voter and then sends the tallier a list of all identification tags, with no record of the corresponding voters. Each voter sends the tallier his or her identification tag and an encrypted file containing a copy of the tag and the voted ballot. At this point the tallier can make sure the identification tag is valid, but the program has no way of examining the contents of the ballot. The tallier publishes the encrypted file, and the voter responds by sending the tallier the key necessary to decrypt it. When the election is over, the tallier publishes a list of all voted ballots and the corresponding encrypted files. At this point the voters can confirm that their votes were counted properly. Any voter who finds an error can protest by submitting the encrypted file
3 CSMR - COMPUTER SCIENCE MASTER RESEARCH, VOL. 1, NO. 1 (2011) and decryption key again. Because the encrypted file was published earlier, the tallier cannot deny having received it. This protocol is certainly an improvement, but it still has several problems: it does not protect voters' privacy if the tallier and validator collude and it does not solve the privacy problem completely because that would require voter to vote inside a voting booth [1]. Furthermore, the mechanism that allows voters to verify that their votes were counted correctly also allows them to prove that they voted in a particular way and the accuracy property is not completely satisfied because the tallier may cast votes for all the voters who have been assigned tags but do not exercise their right to vote. Another cryptographic voting protocol was proposed by Fujioka, A, Okamoto, T., and Ohta, K. in [4], shown in Figure 3. This protocol is based on blind signature scheme which is a class of digital signatures that allows documents to be signed without revealing its contents [5]. In this protocol, the voter prepares a voted ballot, encrypts it with a secret key, and blinds it. The voter then signs the ballot and sends it to the validator. The validator verifies that the signature belongs to a registered voter who has not yet voted. If the ballot is valid, the validator signs the ballot and returns it to the voter. The voter removes the blinding encryption layer, revealing an encrypted ballot signed by the validator. The voter then sends the resultant signed encrypted ballot to the tallier. The tallier checks the signature on the encrypted ballot. If the ballot is valid, the tallier places it on a list that is published after all voters vote. After the list has been published, voters verify that their ballots are on the list and send the tallier the decryption keys necessary to open their ballots. The tallier uses these keys to decrypt the ballots and add the votes to the election tally. After the election the tallier publishes the decryption keys along with the encrypted ballots so that voters may independently verify the election results. Figure 3: The Fujikota, Okamoto and Ohta Protocol [4] This protocol solves the issue raised by the colluding between the validator and the tallier. Unfortunately, it still has the same problems as the previous protocol: the validator could submit votes for the voters that haven t voted in their names and it also does not completely satisfy the verifiability property because the result of the elections cannot be verified by any interested party. 3. The e-vote Solution 3.1. The Cryptographic Voting Protocol The cryptographic voting protocol we proposed in this paper is based on blind signature protocol with several improvements. In our solution we started from the hypothesis that we have a secure authentication method which in this case is represented by an RSA key pair
4 MARIUS ION, IONUT POSEA AN ELECTRONIC VOTING SYSTEM BASED ON BLIND SIGNATURE PROTOCOL which was issued by a certified authority to each voter. Other authentications methods could be based on an ID card, biometric cards, etc. Another characteristic of the system is that the voter needs to exercise his voting right from a certified voting machine thus preventing vote selling or extortion. Figure 4: The evote Protocol First the voter prepares a voted ballot, and blinds it. This prepared package is sent afterwards using SSL secured channel to the validator entity. The validator verifies whether the voter is registered and has not yet voted and decides if the ballot is valid or not. The verification is done using the information extracted from the X509 certificate used for SSL communication for an accurate decision. In this way the validator can decide based on data extracted from a governmental database such a police or DMV database. If the ballot is valid, the tallier signs in blind the ballot and returns it to the voter through the SSL secured channel. The next step is that the voter removes the blinding factor, revealing a ballot signed by the validator. The voter then sends the resultant signed ballot to the tallier. The tallier checks the signature on the ballot and if the ballot is valid, the tallier records the vote. Otherwise, it signals an attempted fraud. In order to protect the voting process from fraud by replaying the messages containing the ballot to the tallier, we introduced a hash of the voter s public key which prevents the intruder from repeating a valid vote signed by the validator. The tallier will reject ballots which have the same hash number and have been received in the past. Using hash for the public key solves the problem above and also enforces the system privacy criterion by keeping the identity of the voter anonymous. One of the most important features is that we use SSL secure channels for communications between the voting entities and this ensures a new layer of security in the solution. Furthermore, this solution eliminates the need for the last three steps in the Fujioka, Okamoto, and Ohta [4] protocol. Because of this no voter can prove that he or she voted in a certain manner thus avoiding vote selling or extortion. Also the voter benefit because this method is more convenient since they don t need to return to the election booth in order to submit the private keys after the end of the elections. A major drawback of purely electronic voting systems is that they don t provide a physical audit record that can be used for verifying the vote count. Because these machines record votes internally, in computer software, vote fraud may be difficult to detect. Also this weakens the system accuracy and verifiability characteristics. These problems can be solved using the Mercuri method [6], in which a paper vote is recorded inside a glass or clear plastic container after the voter indicates their vote. The voter is instructed to verify that the paper record correctly indicates their vote. They then finalize their vote by pressing a button or pulling a lever, and the paper record is stored. At no point is there an opportunity for the voter to remove the paper record from the voting area, since to do so would allow for there to be a receipt which could be used to coerce the voter into voting for a candidate or to allow selling of votes The Architecture of the Solution The most important characteristic of the model is that is open source, a feature which greatly increases the confidence of the voters in the fairness of the electoral process. Another characteristic of the proposed solution is that the model is based on a client-server architecture based on socket communication.
5 CSMR - COMPUTER SCIENCE MASTER RESEARCH, VOL. 1, NO. 1 (2011) The system is made up of three types of entities: the tallier, the validator and several voters which communicate over Secure Sockets Layer channels The Voter Entity The voter entity is deployed on the voting machine and performs the authentication of the voter, constructs a valid ballot from the option of the voter, and communicates with the validator and with the tallier over a secure channel. The person that votes must authenticate in the system using their own keystore which contains the RSA key pair issued by a certified authority The Validator Entity The validator entity performs a check to verify the eligibility of a voter and replies with the signed ballot vote with his private RSA key. This ensures that the ballot is not after-wards altered by any entity and that it belongs to a valid voter. The voter is authenticated using the data from the X509 certificate used for SSL communication. The decision of the eligibility is made based on the information extracted from a governmental database such as the police or DMV database, and the own records of the validator, which are stored in a local mysql repository The Tallier Entity The tallier entity determines the authenticity of the ballot and counts the votes. A message is authentic if: a) it is signed by the validator and b) if the hash associated with the ballot is unique. If the tallier detects an invalid message it will signal a fraud attempt and rejects the vote. The list of partial votes is kept in a mysql repository. All communications between entities are made using SSL technology based on the RSA key pair assigned by a certified authority. This increases the security of the system and dramatically decreases the chances of a successfully foreign intrusion into the voting process. 4. Conclusions and Further Work This solution addresses the sensitive election process and respects the basic principles for fair elections. It enforces the requirements of a correct electronic polling system described in the electronic voting literature [1]: accuracy, democracy, privacy, verifiability and convenience. The solution could be further improved by migrating to a distributed architecture without single points of failure and performance bottlenecks. This could be done by having multiple tallier entities, one for each voting section, multiple validator entities which coordinate when taking decisions as well as multiple voting booths. The validator entities could be organized in a structure similar to the DNS tree structure, i.e. each validator is an authority on a designated geographical area. This will greatly improve the ability of the system to handle multiple requests simultaneously thus allowing the solution to be deployed for large-scale elections. 5. Acknowledgments We would like to thank Sl.Dr.Ing. Florin Pop who coordinated the realization of this project. References [1] Cranor, L.F. and Cytron, R.K. Design and Implementation of a Security-Conscious Electronic Polling System. Washington University Computer Science Technical Report WUCS February 1996.
6 MARIUS ION, IONUT POSEA AN ELECTRONIC VOTING SYSTEM BASED ON BLIND SIGNATURE PROTOCOL [2] Cranor, L. F. Electronic voting: computerized polls may save money, protect privacy. Crossroads 2, 4 (Apr. 1996), [3] Nurmi, H., Salomaa, A., and Santean, L. Secret ballot elections in computer networks. Computers and Security, 36, 10 (1991), pp [4] Fujioka, A, Okamoto, T., and Ohta, K. A practical secret voting scheme for large scale elections. In Advances in Cryptology - AUSCRYPT '92, Springer-Verlag, Berlin. 1993, pp [5] Chaum, D. Blind signatures for untraceable payments. In Proceedings of Crypto 82, Plenum Press, New York. 1983, pp [6] Rebecca T Mercuri, "Electronic vote tabulation checks and balances" (January 1, 2001). Dissertations available from ProQuest.
Electronic Voting Protocol Analysis with the Inductive Method
Electronic Voting Protocol Analysis with the Inductive Method Introduction E-voting use is spreading quickly in the EU and elsewhere Sensitive, need for formal guarantees Inductive Method: protocol verification
More informationAnalysis of Security Requirements for Cryptographic Voting Protocols (Extended Abstract)
Analysis of Security Requirements for Cryptographic Voting Protocols (Extended Abstract) Orhan Cetinkaya Institute of Applied Mathematics, METU, Ankara, Turkey e113754@metu.edu.tr Abstract Electronic voting
More informationE-Democracy and e-voting
E-Democracy and e-voting How to make them secure and transparent August 2013 Jordi Puiggali CSO and SVP R&D Jordi.puiggali@scytl.com Index Introduction e-democracy Security and Transparency in e-voting
More informationEfficient construction of vote-tags to allow open objection to the tally in electronic elections
Information Processing Letters 75 (2000) 211 215 Efficient construction of vote-tags to allow open objection to the tally in electronic elections Andreu Riera a,,joseprifà b, Joan Borrell b a isoco, Intelligent
More informationOnline Voting Project. New Developments in the Voting System an Consequently Implemented Improvements in the Representation of Legal Principles.
New Developments in the Voting System an Consequently Implemented Improvements in the Representation of Legal Principles. Introduction. Since 2001 T-Systems made research on secure online voting systems
More informationA New Receipt-Free E-Voting Scheme Based on Blind Signature (Abstract)
A New Receipt-Free E-Voting Scheme Based on Blind Signature (Abstract) Zhe Xia University of Surrey z.xia@surrey.ac.uk Steve Schneider University of Surrey s.schneider@surrey.ac.uk May 25, 2006 Abstract
More informationVerification and Validation Issues in Electronic Voting
Verification and Validation Issues in Electronic Voting Orhan Cetinkaya 1, and Deniz Cetinkaya 2 1 Institute of Applied Mathematics, METU, Ankara, Turkey 2 Computer Engineering, METU, Ankara, Turkey e113754@metu.edu.tr
More informationCryptography: Authentication, Blind Signatures, and Digital Cash
Cryptography: Authentication, Blind Signatures, and Digital Cash Rebecca Bellovin 1 Introduction One of the most exciting ideas in cryptography in the past few decades, with the widest array of applications,
More informationMobile implementation and formal verification of an e-voting system
Mobile implementation and formal verification of an e-voting system Stefano Campanelli, Alessandro Falleni, Fabio Martinelli, Marinella Petrocchi, Anna Vaccarelli IIT CNR, Via G. Moruzzi 1, 56124 Pisa,
More informationSecure Electronic Voting
7 th Computer Security Incidents Response Teams Workshop Syros,, Greece, September 2002 Secure Electronic Voting New trends, new threats... Prof.. Dr. Dimitris Gritzalis Dept. of Informatics Athens University
More informationVoteID 2011 Internet Voting System with Cast as Intended Verification
VoteID 2011 Internet Voting System with Cast as Intended Verification September 2011 VP R&D Jordi Puiggali@scytl.com Index Introduction Proposal Security Conclusions 2. Introduction Client computers could
More informationThe Design of Web Based Secure Internet Voting System for Corporate Election
The Design of Web Based Secure Internet Voting System for Corporate Election Jagdish B. Chakole 1, P. R. Pardhi 2 \ 1 Deptt. of Computer Science & Engineering, R.C.O.E.M., Nagpur, Maharashtra (India) 2
More informationhttp://www.cisjournal.org Implementation of Electronic Voting System in Mobile Phones with Android Operating System 1
Implementation of Electronic Voting System in Mobile Phones with Android Operating System 1 Eliver Pérez Villegas, 2 Gina Gallegos-García, 3 Gualberto Aguilar Torres, 4 Héctor Flores Gutiérrez 1, 4 Universidad
More informationCryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol. Vahid Jahandideh and Amir S.
72 Int. J. Electronic Governance, Vol. 3, No. 1, 2010 Cryptanalysis and security enhancement on the generation of Mu-Varadharajan electronic voting protocol Vahid Jahandideh and Amir S. Mortazavi Department
More informationAn Anonymous Endorsement System
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 18, 107-114 (2002) Short Paper An Anonymous Endorsement System Department of Electrical Engineering National Taiwan University Taipei, 106 Taiwan E-mail:
More informationVolume I, Appendix C Table of Contents
Appendix C for Voting Officials (Informative) Volume I, Appendix C Table of Contents C Appendix for Voting Officials.... 1 C.1 for Human Factors.... 1 C.2 for Security... 4 i May 9, 2005 Appendix C for
More informationOnline Voting for Better Government State IT Management Initiative
Nomination: Marshall University s On-line Voting for Better Government Online Voting for Better Government State IT Management Initiative Nomination Form May 23, 2003 extension to deadline granted. Title
More informationAn Implementation of Secure Online Voting System
An Implementation of Secure Online Voting System Prof. Anisaara Nadaph 1, Rakhi Bondre 2, Ashmita Katiyar 3, Durgesh Goswami 4, Tushar Naidu 5 1 Pune University, Trinity college of Eng. And res., anisaaranadaph@gmail.com
More informationA Survey on Untransferable Anonymous Credentials
A Survey on Untransferable Anonymous Credentials extended abstract Sebastian Pape Databases and Interactive Systems Research Group, University of Kassel Abstract. There are at least two principal approaches
More informationCHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS
70 CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 4.1 INTRODUCTION In this research work, a new enhanced SGC-PKC has been proposed for improving the electronic commerce and
More informationA Survey of Current Secret-Ballot Systems David Chaum
A Survey of Current Secret-Ballot Systems David Chaum WOTE ANALYSIS Outline Models, Taxonomy of Tools, Key Technologies, Paradigms, Composition, etc SYSTEMS Mainstream US deployed (with comparison) New/proposed
More informationA Secure and Efficient Voter-Controlled Anonymous Election Scheme
A Secure and Efficient Voter-Controlled Anonymous Election Scheme Thomas E. Carroll Dept. of Computer Science Wayne State University 5143 Cass Avenue, Detroit, MI 48202. tec@cs.wayne.edu Daniel Grosu Dept.
More informationE-voting System: Specification and Design Document
1 E-voting System: Specification and Design Document March 6, 2003 Jamie Brown Domari Dickinson Carl Steinebach Jeff Zhang 2 Introduction During the 2000 General Elections, America realized that our election
More informationGeneral Framework of Electronic Voting and Implementation thereof at National Elections in Estonia
Electronic Voting Committee General Framework of Electronic Voting and Implementation thereof at National Elections in Estonia Document: IVXV-ÜK-0.98 Date: 23 May 2016 Tallinn 2016 Annotation This paper
More informationTable of Contents. Click on heading to navigate directly to that section. Introduction... 3
Election Guide Table of Contents Click on heading to navigate directly to that section. Introduction... 3 Part One: Pre-Election Set-Up... 3 Step 1: Logging into Your Simply Voting User Account... 3 Step
More informationGI-Edition. Electronic Voting 2006. Proceedings. Lecture Notes in Informatics P-86. Robert Krimmer (Ed.)
GI, the Gesellschaft für Informatik, publishes this series in order to make available to a broad public recent findings in informatics (i.e. computer science and information systems) to document conferences
More informationCS 356 Lecture 28 Internet Authentication. Spring 2013
CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationUnderstanding Digital Certificates and Secure Sockets Layer (SSL)
Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?
More informationComputer Security. Draft Exam with Answers. 2009.
Computer Security Draft Exam with Answers. 2009. Please note that the questions written here are a draft of the final exam. There may be typos in the questions that were corrected in the final version
More informationThe Role of Digital Signature Cards in Electronic Voting
The Role of Digital Signature Cards in Electronic Voting Robert Kofler, Robert Krimmer, Alexander Prosser, Martin-Karl Unger WU Vienna University of Economics and Business Administration Department of
More informationAn Approach to Enhance in Group Signature Scheme with Anonymous Revocation
An Approach to Enhance in Group Signature Scheme with Anonymous Revocation Thu Thu Mon Oo, and Win Htay Abstract This paper concerns with the group signature scheme. In this scheme, anyone who can access
More informationAn electronic scheme for the Farnel paper-based voting protocol
An electronic scheme for the Farnel paper-based voting protocol R. Araújo 1, R. Custódio 2, A. Wiesmaier 1, and. akagi 3 1 echnische Universität Darmstadt, Germany 2 George Washington University, USA 3
More informationSecurity Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
More informationWeb Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn
Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to
More informationChapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory
There are actually two distinct aspects to the use of public-key encryption in this regard: The distribution of public keys. The use of public-key encryption to distribute secret keys. 9.1 Distribution
More informationSecurity & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173
Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security
More informationSecurity in Electronic Payment Systems
Security in Electronic Payment Systems Jan L. Camenisch, Jean-Marc Piveteau, Markus A. Stadler Institute for Theoretical Computer Science, ETH Zurich, CH-8092 Zurich e-mail: {camenisch, stadler}@inf.ethz.ch
More informationTestimony of Edward W. Felten Professor of Computer Science and Public Affairs, Princeton University
Testimony of Edward W. Felten Professor of Computer Science and Public Affairs, Princeton University United States House of Representatives, Committee on House Administration Subcommittee on Elections
More informationInternational Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015.
Android Based E-Voting. Harshad Velapure, Saurabh Rai, Saransh Sharma, Preetam Naiknavre, Pranali Jadhav, Kalyan Bamane Department of Information Technology, D. Y. Patil College of Engineering, Akurdi,
More informationA Secure Anonymous E-Voting System based on Discrete Logarithm Problem
Appl. Math. Inf. Sci. 8, No. 5, 2571-2578 (2014) 2571 Applied Mathematics & Information Sciences An International Journal http://dx.doi.org/10.12785/amis/080556 A Secure Anonymous E-Voting System based
More informationVoting with confidence
Voting with confidence Report of the Election Process Advisory Commission Summary, Conclusions and Recommendations 27 September 2007 Summary The Commission considers that the election process in the Netherlands
More informationSpeaker s Commission on Digital Democracy Consultation on Electronic Voting
UKCRC/2014/4 Speaker s Commission on Digital Democracy Consultation on Electronic Voting UKCRC Response The UK Computing Research Committee (UKCRC), an Expert Panel of the British Computer Society (BCS),
More informationSecret Ballot Elections in Computer Networks
Secret Ballot Elections in Computer Networks Hannu Nurmi Department of Political Science University of Turku SF-20500 Turku Finland Arto Salomaa Academy of Finland and Department of Mathematics University
More informationclosed primary A primary in which only party members can vote to choose that party's candidates.
Australian ballot A secret ballot that is prepared, distributed, and counted by government officials at public expense; used by all states in the United States since 1888. campaign strategy The comprehensive
More informationModule 7 Security CS655! 7-1!
Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationInternet Programming. Security
Internet Programming Security Introduction Security Issues in Internet Applications A distributed application can run inside a LAN Only a few users have access to the application Network infrastructures
More informationCommon security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon
1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly
More informationDesign and Implementation of a Secure Online Lottery System
Design and Implementation of a Secure Online Lottery System Pramote Kuacharoen Department of Computer Science, Graduate School of Applied Statistics National Institute of Development Administration 118
More informationHow To Secure Cloud Computing
Next Generation Cloud Computing Issues and Solutions Jeon SeungHwan 1, Yvette E. Gelogo 1 and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon,
More informationAn Introduction to Cryptography and Digital Signatures
An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationStatement of Daniel D. Castro Senior Analyst. Information Technology and Innovation Foundation
Statement of Daniel D. Castro Senior Analyst Information Technology and Innovation Foundation The Importance of Functional Standards to Promote Innovation in Voting System Technology U.S. Election Assistance
More informationInductive Analysis of Security Protocols in Isabelle/HOL with Applications to Electronic Voting
Inductive Analysis of Security Protocols in Isabelle/HOL with Applications to Electronic Voting Denis Butin 1 / 37 2 / 37 Introduction Network communication sensitive: banking, private correspondence,
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationVinodu George 1 and M P Sebastian 2. vinodu.george@gmail.com. sebasmp@nitc.ac.in
Vinodu George 1 and M P Sebastian 2 1 LBS College of Engineering, Kasaragod, Kerala, India vinodu.george@gmail.com 2 National Institute of Technology, Calicut, Kerala, India sebasmp@nitc.ac.in ABSTRACT
More informationRemote (Internet) Voting in Digital India
Remote (Internet) Voting in Digital India Ideas for today and tomorrow National Conference on Remote Voting (NCRV) 2015 20-21 st July 2015 @IITM, Meghdoot, Pune The fundamental challenge in public voting
More informationOracle WebCenter Content
Oracle WebCenter Content 21 CFR Part 11 Certification Kim Hutchings US Data Management Phone: 888-231-0816 Email: khutchings@usdatamanagement.com Introduction In May 2011, US Data Management (USDM) was
More informationUnderstanding Digital Certificates and Wireless Transport Layer Security (WTLS)
Understanding Digital Certificates and Wireless Transport Layer Security (WTLS) Author: Allan Macphee January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What
More informationA Secure RFID Ticket System For Public Transport
A Secure RFID Ticket System For Public Transport Kun Peng and Feng Bao Institute for Infocomm Research, Singapore Abstract. A secure RFID ticket system for public transport is proposed in this paper. It
More informationComments on the Report e-voting Security Study Written by the Communications-Electronics Security Group
Comments on the Report e-voting Security Study Written by the Communications-Electronics Security Group Andreu Riera CEO Scytl Online World Security, S.A. Barcelona, Spain 28 August 2002 Table of Contents
More informationController of Certification Authorities of Mauritius
Contents Pg. Introduction 2 Public key Infrastructure Basics 2 What is Public Key Infrastructure (PKI)? 2 What are Digital Signatures? 3 Salient features of the Electronic Transactions Act 2000 (as amended)
More informationA Study on Secure Electronic Medical DB System in Hospital Environment
A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133
More informationElements of Security
Elements of Security Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: April 15, 2015 Slideset 8: 1 Some Poetry Mary had a little key (It s all she could export)
More informationUnderstanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions
Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions February 2005 All rights reserved. Page i Entrust is a registered trademark of Entrust,
More informationUnderstanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions
A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationSecure cloud access system using JAR ABSTRACT:
Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that
More informationElectronic Cash Payment Protocols and Systems
Electronic Cash Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University email: jerrygao@email.sjsu.edu URL: http://www.engr.sjsu.edu/gaojerry May, 2000 Presentation Outline - Overview
More informationAuthentication is not Authorization?! And what is a "digital signature" anyway?
Authentication is not Authorization?! And what is a "digital signature" anyway? Prepared by R. David Vernon Revised 12/01 Introduction REV 1A As part of the IT Architecture Initiative, the Office of Information
More informationElection Activity Watchers Colorado law & regulations
Election Activity Watchers Colorado law & regulations Activity Statute or Rule Allows: Definition of Watcher 1-1-104(51) "Watcher" means an eligible elector other than a candidate on the ballot who has
More informationEfficient Integrity Checking Technique for Securing Client Data in Cloud Computing
International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05 41 Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing Abstract-- It has been widely observed
More informationWhat is an SSL Certificate?
Security is of the utmost importance when doing business on the Web. Your customers want to know that their information is protected when crossing data lines. A Thawte SSL Web Server Certificate or SuperCert
More informationTELECOMMUNICATION NETWORKS
THE USE OF INFORMATION TECHNOLOGY STANDARDS TO SECURE TELECOMMUNICATION NETWORKS John Snare * Manager Telematic and Security Systems Section Telecom Australia Research Laboratories Victoria TELECOMMUNICATIONS
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationAuthentication Protocols Using Hoover-Kausik s Software Token *
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 22, 691-699 (2006) Short Paper Authentication Protocols Using Hoover-Kausik s Software Token * WEI-CHI KU AND HUI-LUNG LEE + Department of Computer Science
More informationSingle Sign-On Secure Authentication Password Mechanism
Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationPayment Systems for E-Commerce. Shengyu Jin 4/27/2005
Payment Systems for E-Commerce Shengyu Jin 4/27/2005 Reference Papers 1. Research on electronic payment model,2004 2. An analysis and comparison of different types of electronic payment systems 2001 3.
More informationSecure Large-Scale Bingo
Secure Large-Scale Bingo Antoni Martínez-Ballesté, Francesc Sebé and Josep Domingo-Ferrer Universitat Rovira i Virgili, Dept. of Computer Engineering and Maths, Av. Països Catalans 26, E-43007 Tarragona,
More informationComplying with PCI Data Security
Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationStrengthen RFID Tags Security Using New Data Structure
International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University
More informationEntrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003
Entrust Secure Web Portal Solution Livio Merlo Security Consultant September 25th, 2003 1 Entrust Secure Web Portal Solution Only the Entrust Secure Web Portal solution provides Security Services coupled
More informationCommunication Security for Applications
Communication Security for Applications Antonio Carzaniga Faculty of Informatics University of Lugano March 10, 2008 c 2008 Antonio Carzaniga 1 Intro to distributed computing: -server computing Transport-layer
More informationSWFP: Secure Web Feed Protocol
SWFP: Secure Web Feed Protocol Frédérick Giasson fred [at] fgiasson.com Abstract SWFP ensures the secure broadcasting of web feeds content over a local network or the Internet. The protocol is built to
More informationSecuring your Online Data Transfer with SSL
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
More informationOn Coercion-Resistant Electronic Elections
On Coercion-Resistant Electronic Elections with Linear Work Stefan G. Weber, Roberto Araújo, Johannes Buchmann Darmstadt University of Technology Department of Computer Science Hochschulstrasse 10, 64289
More informationINTEGRATION OF DIGITAL SIGNATURES INTO THE EUROPEAN BUSINESS REGISTER. Abstract:
INTEGRATION OF DIGITAL SIGNATURES INTO THE EUROPEAN BUSINESS REGISTER Helmut Kurth Industrieanlagen Betriebsgesellschaft mbh Einsteinstr. 20 D-85521 Ottobrunn, Germany kurth@iabg.de Abstract: In the INFOSEC
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationSecuring your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.
More informationSecure Data Transfer
Secure Data Transfer INSTRUCTIONS 3 Options to SECURELY TRANSMIT DATA 1. FTP 2. WinZip 3. Password Protection Version 2.0 Page 1 Table of Contents Acronyms & Abbreviations...1 Option 1: File Transfer Protocol
More informationData Integrity Check using Hash Functions in Cloud environment
Data Integrity Check using Hash Functions in Cloud environment Selman Haxhijaha 1, Gazmend Bajrami 1, Fisnik Prekazi 1 1 Faculty of Computer Science and Engineering, University for Business and Tecnology
More informationA blind digital signature scheme using elliptic curve digital signature algorithm
A blind digital signature scheme using elliptic curve digital signature algorithm İsmail BÜTÜN * and Mehmet DEMİRER *Department of Electrical Engineering, University of South Florida, Tampa, FL, USA Department
More informationKeywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption
Partitioning Data and Domain Integrity Checking for Storage - Improving Cloud Storage Security Using Data Partitioning Technique Santosh Jogade *, Ravi Sharma, Prof. Rajani Kadam Department Of Computer
More informationEballot Software Storage Solutions
Protecting Your Elections Through a World-Class Security Infrastructure 1420 K St. NW Suite 200 Washington, D.C.20005 www.votenet.com 1-800-VOTENETTM 2010 Votenet Solutions, Inc. ELECTION AND VOTING
More informationN TH THIRD PARTY AUDITING FOR DATA INTEGRITY IN CLOUD. R.K.Ramesh 1, P.Vinoth Kumar 2 and R.Jegadeesan 3 ABSTRACT
N TH THIRD PARTY AUDITING FOR DATA INTEGRITY IN CLOUD R.K.Ramesh 1, P.Vinoth Kumar 2 and R.Jegadeesan 3 1 M.Tech Student, Department of Computer Science and Engineering, S.R.M. University Chennai 2 Asst.Professor,
More information