E-voting Bozhidar Bozhanov
Vanity slide• Still a developer• http://blog.bozho.net• http://techblog.bozho.net• http://twitter.com/bozhobg• E-government adviser to the deputy prime minister of Bulgaria
E-voting• e-voting / i-voting / machine voting / remote e-voting• a.k.a. “let’s vote from home”• sounds tempting• ...and risky
Complicated task• uncontrolled environment• one voter = one vote AND vote secrecy, at the same time• coercion prevention• verifiability• independent observers• results must not be replaceable• defence against attacks and malware
Before technology• A fundamental question:
• Is it required that every voter understands the whole voting process?
• Does every voter understand fully the current process?
Identification• necessary precondition• e-id (“chip in the ID card”)• other practices:
• preliminary registration• scratch-cards• TAN (transaction authentication number) lists
Who would develop it?• companies with e-voting expertise
• Cybernetica AS (Estonia)• Scytl (Switzerland, France, Norway)• ...
• it’s “how” that’s important
How• open source from day 1• peer-reviewed• audited• with pilots
• in-person at first• 7 days before paper election day
Wait, wait...
There are unanswered questions. There are problems to be solved. There is a lot of noise...
Invalid arguments “for”• “if e-banking works, then e-voting should also work”
• e-banking has breaches and fraud too• it is a different task (a bank transaction is tied to your identity and can be reversed; a vote must be secret and final)
• “if anyone can hack voting, why doesn’t he hack banks instead?”• why not both?
Invalid arguments “for”• “what can happen?”
• everything• “we have many good software specialists”
• the task is complicated and niche• “it will solve the problems of our democracy”
• no, it won’t (but it can help)
Invalid arguments “against”• “someone will buy your IP”• “it’s a devil’s creation”• “it must be 100% secure”
• paper voting is not 100% secure either• someone can change something• there is no guarantee of ballot secrecy• there is no guarantee of one voter = one vote
Invalid arguments “against”• “It’s not being used in big countries”• “Germany banned it”• “The Estonian system doesn’t work”
• mainly OpSec problems• client malware• a press conference a week prior to the elections saying “it doesn’t work”?• “It will be developed by incompetent people”
Questions• vote secrecy and one voter = one vote• verifiability of the validity of the result• access for observers• coercion prevention• usability
Vote secrecy• double-envelope method
• identity is separated from the vote before counting (inner envelope: the encrypted vote; outer envelope: the voter’s digital signature, stripped before counting)• votes are encrypted with the public key of the counting server• anonymized votes are sent to the counting server on a CD• the private key is activated by multiple owners
Vote secrecy• blind signature
• analogy: your ballot in a carbon-paper envelope with your name on the outside; the official stamps the envelope, the stamp goes through onto the ballot, and the official never sees the ballot
• confirms the vote without knowledge of it• requires trust in the client software
Vote secrecy• Mixnets
• layers of decryption (or re-encryption) and shuffling at each node• the receiver doesn’t know who the sender is• Tor-like (onion routing)
Revoting• e-voting before the paper voting
• manual removal of the e-vote if the voter then votes on paper• automatically guarantees one voter = one vote• with double envelope
• the unanonymized (encrypted) ballot is replaced• with blind signature and mixnet
• using a receipt code?
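The double-envelope, mixnet and re-voting slides above, carried through in code as an added example (not code from the slides, from the Estonian system or from any vendor). It assumes a toy ElGamal group (p = 1019), an HMAC standing in for the voter’s eID signature, and an n-of-n additive split of the counting key instead of a real threshold scheme; run_election, collect, anonymise and mix are names chosen here.

```python
"""Double envelope, re-voting and a re-encryption mixnet, end to end.
Added example: not code from the slides, the Estonian system or any
vendor.  Assumptions: a toy ElGamal group (p = 1019), an HMAC standing
in for the eID signature, and an n-of-n additive split of the counting
key in place of a real threshold scheme."""
import hashlib
import hmac
import random
from collections import Counter

P, Q, G = 1019, 509, 4   # toy safe prime P = 2Q + 1; G generates the order-Q subgroup

def keygen(rng):
    x = rng.randrange(1, Q)
    return x, pow(G, x, P)

def split_key(x, n, rng):
    """n-of-n sharing: the counting key works only when every holder contributes."""
    shares = [rng.randrange(0, Q) for _ in range(n - 1)]
    return shares + [(x - sum(shares)) % Q]

def encrypt(h, vote, rng):
    """Exponential ElGamal: candidate number v is encoded as G^v."""
    r = rng.randrange(1, Q)
    return (pow(G, r, P), pow(G, vote, P) * pow(h, r, P) % P)

def reencrypt(h, ct, rng):
    """Re-randomise a ciphertext without knowing its content (one mix step)."""
    s = rng.randrange(1, Q)
    return (ct[0] * pow(G, s, P) % P, ct[1] * pow(h, s, P) % P)

def decrypt_with_shares(shares, ct, candidates):
    """Each holder contributes ct[0]^x_i; the product is ct[0]^x."""
    blind = 1
    for xi in shares:
        blind = blind * pow(ct[0], xi, P) % P
    m = ct[1] * pow(blind, P - 2, P) % P
    for v in candidates:
        if pow(G, v, P) == m:
            return v
    raise ValueError("decrypted value is not a candidate code")

def sign(voter_key, inner):
    """Stand-in for the voter's eID digital signature over the inner envelope."""
    return hmac.new(voter_key, repr(inner).encode(), hashlib.sha256).hexdigest()

def cast(voter_id, voter_key, h, vote, rng):
    inner = encrypt(h, vote, rng)                         # inner envelope: encrypted vote
    return {"voter": voter_id, "inner": inner, "sig": sign(voter_key, inner)}  # outer: signature

def collect(voter_keys, envelopes):
    """Collection server: verify the outer envelope; a later valid envelope from
    the same voter replaces the earlier one (re-voting), which is what keeps
    one voter = one vote."""
    stored = {}
    for env in envelopes:
        key = voter_keys.get(env["voter"])
        if key is not None and hmac.compare_digest(sign(key, env["inner"]), env["sig"]):
            stored[env["voter"]] = env
    return stored

def anonymise(stored, rng):
    """Strip the outer envelopes and shuffle: this is what leaves for the counting server."""
    inners = [env["inner"] for env in stored.values()]
    rng.shuffle(inners)
    return inners

def mix(h, ballots, rounds, rng):
    """Re-encryption mixnet: every mix re-randomises and permutes."""
    for _ in range(rounds):
        ballots = [reencrypt(h, b, rng) for b in ballots]
        rng.shuffle(ballots)
    return ballots

def run_election(votes, seed=1):
    """votes: (voter_id, candidate) pairs in casting order; a repeated voter_id is
    a re-vote.  Returns (tally, number of envelopes kept after re-voting)."""
    rng = random.Random(seed)
    candidates = [1, 2, 3]
    x, h = keygen(rng)
    shares = split_key(x, 3, rng)
    del x                                                 # nobody keeps the whole key
    keys = {vid: hashlib.sha256(vid.encode()).digest() for vid, _ in votes}  # stand-in eID keys
    envelopes = [cast(vid, keys[vid], h, v, rng) for vid, v in votes]
    envelopes.append(cast(votes[0][0], b"not that voter's key", h, 2, rng))  # forged outer envelope
    stored = collect(keys, envelopes)
    mixed = mix(h, anonymise(stored, rng), 2, rng)
    tally = Counter(decrypt_with_shares(shares, b, candidates) for b in mixed)
    return dict(tally), len(stored)

def reencryption_keeps_vote(seed=7):
    """A mixed ciphertext differs from its input but decrypts to the same vote."""
    rng = random.Random(seed)
    x, h = keygen(rng)
    ct = encrypt(h, 2, rng)
    ct2 = reencrypt(h, ct, rng)
    return ct2 != ct and decrypt_with_shares(split_key(x, 4, rng), ct2, [1, 2, 3]) == 2
```

run_election([("alice", 1), ("bob", 2), ("carol", 1), ("alice", 3)]) keeps three envelopes (alice’s second vote replaces her first), drops the forged envelope because its signature does not verify, and tallies {1: 1, 2: 1, 3: 1}. After anonymise and mix the ciphertexts can no longer be matched to the signed envelopes, which is the point of stripping the outer envelope and mixing before the key holders jointly decrypt; a real deployment would use a proper signature, a standard group and a t-of-n threshold scheme, and would publish proofs that the mix preserved the ballots.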
Verifiability• E2E verifiable• “stored as cast”, “counted as stored”• receipt (incl. checking it with a mobile phone)
• checking the vote for a limited period of time (risks the secrecy)
• checking if receipt codes match
Validity of the result• individual checks• independent counting• public bulletin board
• public ledger (blockchain, votecoin?)• push to registered observers?
Observers• monitoring public logs (or blockchain transactions)• on-site in the server room• live streaming
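What the bulletin-board and observer slides describe, as an added example (not code from the slides or from any election system): a hash-chained public log where the voter’s receipt is the entry hash of their encrypted ballot, voters check “stored as cast” against it, and observers recompute the chain. BulletinBoard, stored_as_cast, audit and the {"ct": ...} entry layout are assumptions made here.

```python
"""Hash-chained public bulletin board with per-ballot receipts: the voter's
'stored as cast' check and the observer's chain audit from the slides.
Added example, not code from the slides or from any election system;
the entry layout and the receipt definition are assumptions."""
import hashlib
import json

GENESIS = "0" * 64

def _link(prev_hash, payload):
    return hashlib.sha256(prev_hash.encode() + b"\n" + payload.encode()).hexdigest()

class BulletinBoard:
    """Append-only log; every entry commits to the previous head, so an edit
    of one entry invalidates every hash after it unless the chain is rewritten."""

    def __init__(self):
        self.entries = []            # list of (payload_json, entry_hash)

    def head(self):
        return self.entries[-1][1] if self.entries else GENESIS

    def append(self, encrypted_ballot):
        """Publish an encrypted ballot; the entry hash is the voter's receipt."""
        payload = json.dumps(encrypted_ballot, sort_keys=True)
        entry_hash = _link(self.head(), payload)
        self.entries.append((payload, entry_hash))
        return entry_hash

    def stored_as_cast(self, receipt):
        """Voter check: my receipt appears on the public board."""
        return any(eh == receipt for _, eh in self.entries)

    def audit(self):
        """Observer check: recompute the whole chain from genesis."""
        prev = GENESIS
        for payload, eh in self.entries:
            if _link(prev, payload) != eh:
                return False
            prev = eh
        return True

    # --- two insider manipulations, for the demo ---
    def overwrite(self, index, encrypted_ballot):
        """Swap one ballot but keep the published hash."""
        self.entries[index] = (json.dumps(encrypted_ballot, sort_keys=True), self.entries[index][1])

    def rewrite_from(self, index, encrypted_ballot):
        """Swap one ballot and recompute every later hash so the chain still audits."""
        payloads = [p for p, _ in self.entries]
        payloads[index] = json.dumps(encrypted_ballot, sort_keys=True)
        self.entries = []
        for p in payloads:
            self.entries.append((p, _link(self.head(), p)))

def demo_overwrite():
    """Chain audit catches a swapped entry; the voters' receipts alone do not."""
    board = BulletinBoard()
    receipts = [board.append({"ct": f"ct-{i}"}) for i in range(3)]   # constructed placeholder ciphertexts
    board.overwrite(1, {"ct": "ct-forged"})
    return board.audit(), [board.stored_as_cast(r) for r in receipts]

def demo_rewrite():
    """A rewritten chain passes the audit, but later voters' receipts vanish and
    the head that observers recorded earlier no longer matches."""
    board = BulletinBoard()
    receipts = [board.append({"ct": f"ct-{i}"}) for i in range(3)]   # constructed placeholder ciphertexts
    recorded_head = board.head()                                       # observer's snapshot
    board.rewrite_from(1, {"ct": "ct-forged"})
    return board.audit(), [board.stored_as_cast(r) for r in receipts], board.head() == recorded_head
```

The two demo functions show why the checks complement each other: overwriting one entry in place fails the observers’ chain audit while every receipt still verifies, whereas an insider who rewrites the chain from that point passes the audit but the receipts of every later voter disappear and the head that observers recorded earlier no longer matches. Receipts commit only to the encrypted ballot, so publishing the board does not by itself break secrecy; what the board cannot show is “counted as stored”, which needs the decryption or mixing proofs on top.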
Coercion prevention• panic/tamper PIN
• the PIN entered backwards :)• hard to implement
• webcam with face recognition• partial guarantee that nobody else is in front of the monitor
• cooldown period
• against multiple votes from a single machine
Usability• if paper voting is removed from polling stations as well• touch-screen is very intuitive
• everyone can use it, even uneducated voters• UX tests
Problems• client-side malware• DDoS attacks• network attacks (dropping packets)• remote penetration attacks• OpSec• insider attacks• 0-day vulnerabilities
Client-side malware• desktop client vs browser• vote changing, not sending votes, compromising secrecy before encryption• solutions:
• 2-factor (SMS, app)• biometric confirmation• card reader with hardware keypad and display• voting from a virtualized environment
DDoS attacks• DDoS prevention:
• preparedness and adequate procedures• tier 1 providers, telecoms• blocking of command & control servers• scrubbing centers• cutting external traffic
Network attacks• packet analysis => dropping the vote• solutions:
• retry• detectable (no receipt/confirmation sent)• Tor / mixnets• paper voting if e-voting doesn’t work for you
OpSec• operational security
• passwords• DMZ• HSM• intrusion detection, netflow analysis• audit trail
• the main criticism against Estonia• verifiability of results exposes intrusions
Insider attacks• OpSec, audit trail• verifiable using a “virtual paper trail” (e.g. blockchain)• security agencies should catch it
0-day vulnerabilities• ...well, crap
• general procedures for cancelling or postponing elections
• if intrusions are detectable => patch
General procedures• annulling online results• notification of online voters• postponing the election (not as hard and expensive as in paper voting)
Paper voting?• some of the problems above are valid for paper voting as well• results of paper voting are ultimately aggregated on a computer• with checks and paper trail• …but what if it doesn’t match?
We must be paranoid• everything can go wrong• viruses are real• state-level attacks are real• manipulation attempts are real• “it just works” doesn’t work• “election security is national security”
The way forward?• not all problems are addressed 100%• there is no 100% secure solution• we are looking for a solution that doesn’t allow large-scale manipulations• looks like such a solution is possible
• need for more R&D• dynamic/direct democracy• we are obligated to do it, sooner or later
Sources
• https://eprint.iacr.org/2015/809.pdf
• https://www.usvotefoundation.org/sites/default/files/E2EVIV_full_report.pdf
• http://static.usenix.org/legacy/events/evtwote11/tech/slides/haenni.pdf
• http://www.e-voting.cc/wp-content/uploads/Proceedings%202010/8.1.Spycher_2010.pdf
• http://www.chaum.com/publications/Remotegrity-Design-and-Use-of-an-End-to-End-Verifiable-Remote-Voting-System.pdf
• http://www.scytl.com/wp-content/uploads/2014/11/IDC-report_Implementing-End-to-End-Verifiable-Online-Voting_Enabling-Secure-Transparent-and-Tamper-Proof-Elections.pdf
• https://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_SECUSO/Papers/GI_Workshop_2014.pdf
• http://link.springer.com/chapter/10.1007/3-540-45961-8_15
• https://vote.heliosvoting.org/
• http://e-collection.library.ethz.ch/eserv/eth:3046/eth-3046-01.pdf
• http://followmyvote.com
• http://www.bitcongress.org
• https://bitcoinmagazine.com/21031/blockchain-technology-key-secure-online-voting/
• https://people.csail.mit.edu/rivest/voting/papers/JakobssonJuelsRivest-MakingMixNetsRobustForElectronicVotingByRandomizedPartialChecking.pdf
• http://arxiv.org/abs/1401.4151
• https://www.regjeringen.no/globalassets/upload/krd/kampanjer/valgportal/valgobservatorer/2013/rapport_cartersenteret2013.pdf
• http://techblog.bozho.net/why-all-the-fear-in-electronic-voting/
Thank you