[attachment=8840]
e-voting, security issues
Postal voting vs. e-Voting
• What distinguishes e-voting from postal voting?
– the concept of an “original document” (i.e. ballot paper) is no longer given
– data traces shall not jeopardize anonymity
– various denial-of-service attack paths
• Aside these considerations, there is little reason to argue, that e-Voting is less secure than postal voting
– e.g. family voting is possible in both
Security requirements/solutions Paper- vs. electronic-world
Conventional e-Government
• Based on conventional technologies
– communication security
– unique identification
– el. signatures
e-Voting: Challenge vote secrecy
Various proposals
• Organizational measures
– Rely on / trust the election authorities
• Specific cryptographic protocols
– Blind signatures
• One phase: Fujioka/Okamota/Ohta
• Two phase: Prosser/Krimmer
– Secure Multiparty Communication
– Homomorphic cryptography
– Cryptographic mixes
• Specialized hardware
– cf. hardware security module
Typical voting channels
• Phone (Pilots in UK, NL, …)
– e.g. „long“ DTMF codes
• Cell phones
– dial-tone
– SMS / WAP
– Future: Build-in crypto
• e.g Telenor: mobile phones with cryptographic co-processor
• Initiatives such as WIM, S/WIM
• Computer
– Cryptography in software / hardware tokens
• e.g. Citizen cards
Council of Europe
• Integrated project on
 legal
 operational
 technical standards for e-enabled voting
• State of technical security standards