6. Esoteric Protocols - PowerPoint PPT Presentation

1 / 73
About This Presentation
Title:

6. Esoteric Protocols

Description:

(But, the collusion is possible.) Everyone knows who voted and who didn't. ... As stated above, the collusion is possible. Protocols. 1. Simplistic voting protocols #1 ... – PowerPoint PPT presentation

Number of Views:24
Avg rating:3.0/5.0
Slides: 74
Provided by: knotKa
Category:

less

Transcript and Presenter's Notes

Title: 6. Esoteric Protocols


1
6. Esoteric Protocols secure elections and
multi-party computation
Kim Hyoung-Shick
2
Contents
  • 1. Secure elections
  • Introduction
  • Protocols
  • 2. Secure multiparty computation
  • Introduction
  • Examples
  • 3. Conclusion

3
Contents
  • 1. Secure elections
  • Introduction
  • Protocols
  • 2. Secure multiparty computation
  • Introduction
  • Examples

4
Voting
What is the requirements ?
5
Voting
Secure Booth ?
6
Voting
Fair judge ?
7
Voting
Privacy !
Fairness !
We need two major requirements.
8
Traditional Voting Vs Electronic Voting
  • Privacy
  • Fairness
  • Efficiency

9
Problems with Electronic Voting
  • No physical audit trail
  • Who provides the system?
  • How are they audited?
  • High Tech More dependencies
  • More ways to subvert the system
  • etc.

10
Requirements for Electronic Voting
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

11
Requirements for Electronic Voting
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

12
Requirements for Electronic Voting
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

13
Contents
  • 1. Secure elections
  • Introduction
  • Protocols
  • 2. Secure multiparty computation
  • Introduction
  • Examples

14
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
15
Idea of Simplistic Voting Protocol 1
secure booth encryption
16
Simplistic Voting Protocol 1
PCTF
SCTF
Voter Vi
1. Choose V
4. Tabulate Vs
5. Publish the result
2. Encrypt V into ECTF(V).
17
Unsatisfied Requirements
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered. (By intercept attack)
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

18
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
19
Idea of Simplistic Voting Protocol 2
secure booth encryption
identification card sign
20
Simplistic Voting Protocol 2
PCTF Pi
SCTF
Si
Voter Vi
5. Decrypt, verify, tabulate Vs
1. Choose V
2. Sign V into Si(V)
6. Publish the result
3. Encrypt Si(V) into ECTF(Si(V))
21
Unsatisfied Requirements
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
    (CTF knows it.)
  7. Everyone knows who voted and who didnt.

22
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
23
Problem with Signature
24
Idea of Voting with Blind Signature
?
accept
25
Idea of Voting with Blind Signature
Be covered !
26
Voting with Blind Signature
PCTF Pi
SCTF
Si
Voter Vi
4. Check if B(M) is valid
1. Generate M (O1, , On, IDr , i)
2. Blind M into B(M)
6. Choose SCTF(Oi)
7. Generate M (SCTF(Oi), SCTF(IDr), SCTF(i))
27
Voting with Blind Signature
PCTF Pi
SCTF
Si
B(M)
Voter Vi
9. Verify, check ID duplication
10. Publish the result
28
Unsatisfied Requirements
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
    (CTF knows it.) it need to provide anonymous
    channel.
  7. Everyone knows who voted and who didnt.

29
Additional Some Problems
  1. CTF can generate a large number of signed, valid
    votes and cheat by submitting those itself.
  2. If voter discovers that the CTF changed his or
    her vote, he or she has no way to prove it.

30
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
31
Review of Traditional Voting
1. Check voters identification by checker.
voter
checker
32
Review of Traditional Voting
2. Count votes in the ballot boxes by counter.
counter
33
Review of Traditional Voting
There are two positions in the voting.
counter
checker
34
Idea of Voting with Two Central Facilities
35
Voting with Two Central Facilities
PCLA Pi
SCLA
Si
VN list
Voter Vi
2. Maintain VN list for voters
36
Voting with Two Central Facilities
PCLA PCTF
SCLA
SCTF
VN list
37
Voting with Two Central Facilities
PCTF Pi
SCTF
Si
VNr
VN list
Voter Vi
9. Check if M is valid and maintain VN list
5. Choose IDr
6. Generate M (V, IDr, VNr)
10. Publish the result
6. Choose SCTF(Oi)
7. Generate M (SCTF(Oi), SCTF(IDr), SCTF(i))
38
Unsatisfied Requirements
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
    (But, the collusion is possible.)
  7. Everyone knows who voted and who didnt.

39
Additional Some Problems
  1. CLA can generate a large number of signed, valid
    votes and cheat by submitting those itself. It
    solve that CLA publish a list of certified
    voters.
  2. As stated above, the collusion is possible.

40
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
41
What is ANDOS (All-Or-Nothing Disclosure of
Secrets)
Sender
Receiver
- Sender doesnt know that receiver has gained
the one. - As soon as receiver has gained anyone,
he cant receive other messages.
42
Voting with ANDOS
PCLA Pi
SCLA
Si
VN list
Voter Vi
2. Maintain VN list for voters
43
Unsatisfied Requirements
  1. Only authorized voters can vote. we solve it by
    blinded signagture
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

44
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
45
Idea of Improved Voting with ANDOS
Voter is also checker for CTF
46
Voting with Blind Signature
PCTF Pi
SCTF
Si
Voter Vi
2. Publish a list of participants
47
Voting with Blind Signature
PCTF Pi
SCTF
Si
IDr
Voter Vi
6. Publish Ei(IDr, V)
8. Decrypt, publish the result. (For each
candidate, the list of all Ei(IDr, V) that voted
for a candidate)
48
Voting with Blind Signature
PCTF Pi
SCTF
Si
IDr
or
9. IDr, Ei(IDr, V), Si
Voter Vi
Within time T, voter can change the vote.
49
The Reason of the possibility for protest
6. Publish Ei(IDr, V)
CTF should be examined for performing his duty by
voter Vi
50
Unsatisfied Requirements
  1. Only authorized voters can vote. we solve it by
    blinded signagture
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

51
Additional Satisfied Requirements
  1. A voter can change his mind within a given period
    of time.
  2. If a voter find out that his vote is miscounted,
    he can identify and correct the problem without
    jeopardzing the secrecy of his ballot.

52
Protocols
1. Simplistic voting protocols 1 2. Simplistic
voting protocols 2 3. Voting with blind
signatures 4. Voting with two central
facilities 5. Voting with ANDOS 6. Improved
voting with ANDOS 7. Voting without a central
facility
53
Idea of Voting without a Central Facility
The problem of source is CTF.
54
Idea of Voting without a Central Facility
Everyone is checker.
55
Voting without a Central Facility
1. Generate each public/private key pair. 2.
Publish order of voters and each public key.
56
Voting without a Central Facility
Si
Pi
IDr
1. Generate IDr 2. Generate E1(En(V, IDr)) 3.
Generate En(E1(En(V, IDr)), Rn) 4. Generate M
E1(En(E1(En(V, IDr))), R1) and record Rn
R1 and the intermediate results.
57
Voting without a Central Facility
P1 Pi
S1
Si
Voter V1
Voter Vi
6. Decrypt, removes all of the random strings at
that level.
58
Voting without a Central Facility
P1 P2
S2
S1
(M2 is the decrypted message)
Voter V2
Voter V1
8. Decrypt, check to see that his vote is among
the set of votes, removes all of the random
strings at that level.
59
Voting without a Central Facility
Pn P1
S1
Sn
( M E1(En(V, IDr)) )
Voter V1
Voter Vn
10. Decrypt, check to see that his vote is among
the set of votes, removes all of the random
strings at that level.
11. Sign all the votes.
60
Voting without a Central Facility
Voter V1
12. Broadcast all signed votes to everyone.
61
Voting without a Central Facility
Voter Vn
13. Publish the result.
62
Unsatisfied Requirements
  1. Only authorized voters can vote.
  2. No one can vote more than once.
  3. No one can duplicate anyone elses vote.
  4. No one can change anyone elses vote without
    being discovered.
  5. Every voter can make sure that his vote has been
    taken into account in the final tabulation.
  6. No one can determine for whom anyone else voted.
  7. Everyone knows who voted and who didnt.

63
Additional Some Problems
  1. An enormous amount of computation
  2. Vn learns the results of the election before
    anyone else does.
  3. Message duplication. (Ex There are three people.)

64
Contents
  • 1. Secure elections
  • Introduction
  • Protocols
  • 2. Secure multiparty computation
  • Introduction
  • Examples

65
Introduction
Xj ,, Xk
Pi
f(x1, x2, , Xm)
A protocol in which a group can compute any
function securely.
66
Introduction
f(x1, x2, , Xm) is public ! But, no one learns
anything about the inputs of any other members
other than what is obvious from the output of the
function.
67
Contents
  • 1. Secure elections
  • Introduction
  • Protocols
  • 2. Secure multiparty computation
  • Introduction
  • Examples

68
Compute Average Value
2. E2(M)
P1
P2
1. Generate M S1 r
3. Decrypt, M S2 M
69
Compute Average Value
5. E1(M)
Pn
P1
4. Generate M Sn M
6. Decrypt.
7. Compute
8. Publish it
70
Problems
  1. Participants can lie Si
  2. V1 can misrepresent the result to everyone. It
    is solved by bit commit for r, but V2 knows S1.

71
Check the equality
0, if a b
1, otherwise
b
a
2. h(a)
P1
P2
3. Compute h(b) 4. Check if h(a) h(b)
1. Compute h(a)
72
Problems
  1. B has a chosen plaintext attack if size of domain
    is small.

73
Additional Examples
  • Electronic elections
  • Bidding protocols
  • Lotteries
  • Distributed games over the internet
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "6. Esoteric Protocols" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!