E-voting
Bozhidar Bozhanov
Jan 11, 2017
37 slides
Technology
Transcript
Page 1: E-voting
Bozhidar Bozhanov

Page 2: Vanity slide
• Still a developer
• http://blog.bozho.net
• http://techblog.bozho.net
• http://twitter.com/bozhobg
• E-government adviser to the deputy prime minister of Bulgaria

Page 3: E-voting
• e-voting / i-voting / machine voting / remote e-voting
• a.k.a. “let’s vote from home”
• sounds tempting
• ...and risky

Page 4: Complicated task
• uncontrolled environment
• single vote AND vote secrecy
• coercion prevention
• verifiability
• independent observers
• results should not be replaceable
• defence against attacks and viruses

Page 5: Before technology
A fundamental question:
• Is it required that every voter understands the whole voting process?
• Does every voter fully understand the current process?

Page 6: Identification
• necessary precondition
• e-ID (“chip in the ID card”)
• other practices
  • preliminary registration
  • scratch-cards
  • TAN (transaction authentication number)

Page 7: Who would develop it?
• companies with e-voting expertise
  • Cybernetica AS (Estonia)
  • Scytl (Switzerland, France, Norway)
  • ...
• it’s “how” that’s important

Page 8: How
• open source from day 1
• peer-reviewed
• audited
• with pilots
  • in-person at first
  • 7 days before paper election day

Page 9: Wait, wait...
There are unanswered questions.
There are problems to be solved.
There is a lot of noise...

Page 10: Invalid arguments “for”
• if e-banking works, then e-voting should also work
  • e-banking has breaches and fraud too
  • it is a different task: a bank transaction is attributable and reversible, a vote must stay secret and final
• if anyone can hack voting, why doesn’t he hack banks instead?
  • why not both?

Page 11: Invalid arguments “for”
• “what can happen?”
  • everything
• we have many good software specialists
  • the task is complicated and niche
• it will solve the problems of our democracy
  • no, it won’t (but it can help)

Page 12: Invalid arguments “against”
• someone will buy your IP
• it’s a devil’s creation
• it must be 100% secure
  • paper voting is not 100% secure either
  • someone can change something
  • there is no guarantee of ballot secrecy
  • there is no guarantee of one voter, one vote

Page 13: Invalid arguments “against”
• “It’s not being used in big countries”
• “Germany banned it”
• “The Estonian system doesn’t work”
  • the criticism is mainly about OpSec problems
  • and about client malware
  • a press conference a week before the elections saying “it doesn’t work”?
• “It will be developed by incompetent people”

Page 14: Questions
• vote secrecy and one voter = one vote
• verifiability of the validity of the result
• access for observers
• coercion prevention
• usability

Page 15: Vote secrecy
• double-envelope method
  • the identity (outer envelope) is separated from the vote (inner envelope) before counting
  • votes are encrypted with the public key of the counting server
  • the anonymized votes are sent to the counting server on a CD
  • the private key is activated by multiple owners (no single person can decrypt)

Page 16: Vote secrecy
• blind signature
  • e.g. a carbon-paper envelope with your name on it, used for blind stamping: the authority stamps the outside and the stamp goes through onto the ballot inside
  • confirms the vote (the voter is eligible) without learning its content
  • requires trust in the client software

Page 17: Vote secrecy
• mixnets
  • layers of decryption: each mix server strips one layer and shuffles the batch before passing it on
  • the receiver doesn’t know who the sender is
  • Tor-like

Page 18: Revoting
• e-voting before the paper voting
  • manual removal of the e-vote if the voter later votes on paper
  • automatically guarantees 1 voter = 1 vote
• with double envelope
  • the unanonymized (encrypted) ballot is replaced
• with blind signature and mixnet
  • using a receipt code?
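The double-envelope flow from page 15 and the revoting rule from page 18, as an added example in Python; this is not the author's code and not the code of any system the deck mentions. It assumes a toy ElGamal group over a 128-bit safe prime (a real deployment would use standard-size parameters and an HSM), a Schnorr signature standing in for the e-ID signature on the outer envelope, Shamir sharing of the counting key so that any t of n trustees can activate it without ever reassembling it, and candidates encoded as g^v so that decryption ends in a small table lookup. The electoral roll, voter names and votes are constructed input.

```python
# Added example (not the author's code): double envelope, threshold key activation and
# revoting from pages 15 and 18, with toy 128-bit ElGamal/Schnorr parameters; never for real use.
import hashlib
import math
import secrets

def _probable_prime(n, rounds=16):
    """Miller-Rabin; adequate for a toy group."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits=128):
    """Safe prime p = 2q + 1; g = 4 generates the order-q subgroup of quadratic residues."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _probable_prime(q) and _probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

P, Q, G = make_group()

def _hash_to_scalar(*parts):
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def encrypt_vote(counting_pk, vote):
    """Inner envelope: ElGamal encryption of g^vote under the counting server's public key."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(G, k, P), pow(G, vote, P) * pow(counting_pk, k, P) % P

def sign(voter_sk, msg):
    """Outer envelope: Schnorr signature with the voter's e-ID key over the ciphertext."""
    k = secrets.randbelow(Q - 1) + 1
    r = pow(G, k, P)
    return r, (k + _hash_to_scalar(r, msg) * voter_sk) % Q

def verify(voter_pk, msg, sig):
    r, s = sig
    return pow(G, s, P) == r * pow(voter_pk, _hash_to_scalar(r, msg), P) % P

def share_key(counting_sk, n, t):
    """Shamir shares of the counting key: any t of the n trustees can activate it."""
    coeffs = [counting_sk] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return [(i, sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q) for i in range(1, n + 1)]

def partial_decrypt(share, c1):
    """One trustee raises c1 to its own share; the whole key is never reassembled."""
    return share[0], pow(c1, share[1], P)

def combine_and_decrypt(partials, c2, n_candidates):
    """Lagrange-combine t partials into c1^x, strip it from c2 and map g^v back to v."""
    ids = [i for i, _ in partials]
    c1_x = 1
    for i, d in partials:
        lam = math.prod(j * pow((j - i) % Q, -1, Q) for j in ids if j != i) % Q
        c1_x = c1_x * pow(d, lam, P) % P
    m = c2 * pow(c1_x, -1, P) % P
    return next(v for v in range(n_candidates) if pow(G, v, P) == m)

class BallotBox:
    def __init__(self, roll):
        self.roll = roll         # voter id -> e-ID public key (electoral roll)
        self.envelopes = {}      # voter id -> (ciphertext, signature)
    def cast(self, voter, ct, sig):
        if voter not in self.roll or not verify(self.roll[voter], ct, sig):
            return False
        self.envelopes[voter] = (ct, sig)   # revote: the later valid ballot replaces the earlier one
        return True
    def anonymize(self):
        inner = [ct for ct, _ in self.envelopes.values()]   # outer envelopes stripped
        secrets.SystemRandom().shuffle(inner)                # this batch goes to the counting server
        return inner

def run_election(votes, revotes, n_candidates=3, n=3, t=2):
    """votes/revotes map voter id -> candidate index (constructed input); returns the tally."""
    counting_sk, counting_pk = keygen()
    shares = share_key(counting_sk, n, t)   # after sharing, the whole key should be destroyed
    voter_keys = {v: keygen() for v in set(votes) | set(revotes)}
    box = BallotBox({v: pk for v, (_, pk) in voter_keys.items()})
    for voter, choice in list(votes.items()) + list(revotes.items()):
        ct = encrypt_vote(counting_pk, choice)
        box.cast(voter, ct, sign(voter_keys[voter][0], ct))
    tally = [0] * n_candidates
    for c1, c2 in box.anonymize():
        partials = [partial_decrypt(s, c1) for s in shares[:t]]
        tally[combine_and_decrypt(partials, c2, n_candidates)] += 1
    return tally
```

run_election casts each ballot, applies revotes by replacing the still-identified envelope, strips identities, shuffles, and has two of three trustees decrypt the batch; with votes {alice: 0, bob: 1, carol: 1} and a revote by alice to candidate 2 it returns the tally [0, 2, 1]. Two things the code makes concrete: the replacement on revote happens while the outer envelope is still attached, which is why the double envelope gives 1 voter = 1 vote for free, and the counting key is only ever used as shares, so no single trustee can open a ballot before the anonymization step.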

Page 19: Verifiability
• E2E verifiable
• “stored as cast”, “counted as stored”
• receipt, incl. on a mobile phone
  • checking the vote for a limited period of time (risks the secrecy)
  • checking whether the receipt codes match

Page 20: Validity of the result
• individual checks
• independent counting
• public bulletin board
  • public ledger (blockchain, votecoin?)
  • push to registered observers?

Page 21: Observers
• monitoring public logs (or blockchain transactions)
• on-site in the server room
• live streaming
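An added example, not from the deck or from any system it cites, of the public bulletin board from pages 19 to 21 as an append-only hash chain in Python: the voter checks “stored as cast” with a receipt code, and an observer checks the chain and a head hash pinned earlier. The ballot strings, the 12-hex-character receipt code and the method names are constructed assumptions.

```python
# Added example (not the author's code): a public bulletin board as an append-only hash
# chain, with the voter's "stored as cast" check and the observer's integrity checks.
# The ballots passed in below are constructed placeholders for encrypted ballots.
import hashlib
import json

GENESIS = "0" * 64

def _entry_hash(prev_hash, seq, ballot):
    body = json.dumps({"prev": prev_hash, "seq": seq, "ballot": ballot}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()

class BulletinBoard:
    def __init__(self):
        self.entries = []    # each entry: {"seq", "ballot", "prev", "hash"}

    def head(self):
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def append(self, encrypted_ballot):
        """Publish a ballot; the returned receipt code is what the voter gets (e.g. on the phone)."""
        seq, prev = len(self.entries), self.head()
        h = _entry_hash(prev, seq, encrypted_ballot)
        self.entries.append({"seq": seq, "ballot": encrypted_ballot, "prev": prev, "hash": h})
        return h[:12]

    def stored_as_cast(self, receipt, encrypted_ballot):
        """Voter-side check: an entry with my receipt code holds exactly the ballot I sent."""
        return any(e["hash"].startswith(receipt) and e["ballot"] == encrypted_ballot
                   for e in self.entries)

    def first_broken_link(self):
        """Observer-side check: recompute every hash and link; returns the first bad seq or None."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or _entry_hash(prev, e["seq"], e["ballot"]) != e["hash"]:
                return e["seq"]
            prev = e["hash"]
        return None

    def extends(self, pinned_head):
        """Observer-side check against a head pinned earlier: the board may only grow.
        A chain that verifies but no longer contains the pinned head has been rolled back."""
        return pinned_head == GENESIS or any(e["hash"] == pinned_head for e in self.entries)
```

The chain check alone does not catch a rollback: dropping the last entries leaves a perfectly valid chain, which is why the observer also keeps a pinned head (the “push to registered observers” idea on page 20) and why the voter’s own receipt check matters. The board shows that a ballot was stored, not that it was counted; “counted as stored” needs the counting step to publish something observers can recount, which this block does not cover.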

Page 22: Coercion prevention
• panic/tamper PIN
  • the PIN entered backwards :)
  • hard to implement
• webcam with face recognition
  • partial guarantee that nobody else is in front of the monitor
• cooldown period
  • against multiple voting from a single machine

Page 23: Usability
• if paper voting is removed from polling stations as well
  • touch-screen is very intuitive
  • everyone can use it, even uneducated voters
• UX tests

Page 24: Problems
• client-side malware
• DDoS attacks
• network attacks (dropping packets)
• remote penetration attacks
• OpSec
• insider attacks
• 0-day vulnerabilities

Page 25: Client-side malware
• desktop client vs browser
• vote changing, not sending votes, compromising secrecy before encryption
• solutions:
  • 2 factor (SMS, app)
  • biometric confirmation
  • card reader with hardware keypad and display
  • voting from a virtualized environment

Page 26: DDoS attacks

Page 27: DDoS attacks
• DDoS prevention:
  • preparedness and adequate procedures
  • tier 1 providers, telecoms
  • blocking of command & control servers
  • scrubbing centers
  • cutting external traffic

Page 28: Network attacks
• packet analysis => dropping the vote
• solutions:
  • retry
  • detectable (no receipt/confirmation received)
  • Tor / mixnets
  • paper voting if e-voting doesn’t work for you

Page 29: OpSec
• operational security
  • passwords
  • DMZ
  • HSM
  • intrusion detection, netflow analysis
  • audit trail
• the main criticism against Estonia was OpSec
• verifiability of results exposes intrusions

Page 30: Insider attacks
• OpSec, audit trail
• verifiable using a “virtual paper trail” (e.g. blockchain)
• security agencies should catch it

Page 31: 0-day vulnerabilities
• ...well, crap
• general procedures for cancelling or postponing elections
• if intrusions are detectable => patch

Page 32: General procedures
• annulling online results
• notification of online voters
• postponing the election
(not as hard and expensive as they are in paper voting)

Page 33: Paper voting?
• some of the problems above apply to paper voting as well
• the results of paper voting are ultimately aggregated on a computer
  • with checks and a paper trail
  • ...but what if they don’t match?

Page 34: We must be paranoid
• everything can go wrong
• viruses are real
• state-level attacks are real
• manipulation attempts are real
• “it just works” doesn’t work
• “election security is national security”

Page 35: The way forward?
• not all problems are addressed 100%
• there is no 100% secure solution
• we are looking for a solution that doesn’t allow large-scale manipulation
• it looks like such a solution is possible
  • need for more R&D
• dynamic/direct democracy
• we are obligated to do it, sooner or later

Page 36: Sources
https://eprint.iacr.org/2015/809.pdf
https://www.usvotefoundation.org/sites/default/files/E2EVIV_full_report.pdf
http://static.usenix.org/legacy/events/evtwote11/tech/slides/haenni.pdf
http://www.e-voting.cc/wp-content/uploads/Proceedings%202010/8.1.Spycher_2010.pdf
http://www.chaum.com/publications/Remotegrity-Design-and-Use-of-an-End-to-End-Verifiable-Remote-Voting-System.pdf
http://www.scytl.com/wp-content/uploads/2014/11/IDC-report_Implementing-End-to-End-Verifiable-Online-Voting_Enabling-Secure-Transparent-and-Tamper-Proof-Elections.pdf
https://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_SECUSO/Papers/GI_Workshop_2014.pdf
http://link.springer.com/chapter/10.1007/3-540-45961-8_15
https://vote.heliosvoting.org/
http://e-collection.library.ethz.ch/eserv/eth:3046/eth-3046-01.pdf
http://followmyvote.com
http://www.bitcongress.org
https://bitcoinmagazine.com/21031/blockchain-technology-key-secure-online-voting/
https://people.csail.mit.edu/rivest/voting/papers/JakobssonJuelsRivest-MakingMixNetsRobustForElectronicVotingByRandomizedPartialChecking.pdf
http://arxiv.org/abs/1401.4151
https://www.regjeringen.no/globalassets/upload/krd/kampanjer/valgportal/valgobservatorer/2013/rapport_cartersenteret2013.pdf
http://techblog.bozho.net/why-all-the-fear-in-electronic-voting/

Page 37: E-voting

Thank you