An Analysis of the Wombat Voting

erosjellySecurity

Feb 23, 2014 (3 years and 3 months ago)

83 views

An Analysis of the
Wombat Voting
System Model

By Eitan Grundland

The System Goals


Integrity



Privacy



Transparency

Why Change to Digital
?


Computers are faster!


Computers are more accurate!


As days go by, digital interfaces are more intuitive
to the public
!


The evolution in inevitable!

From Paper to Digital

From Paper to Digital

From Paper to Digital

From Paper to Digital

From Paper to Digital

Security

Components

Overview

Security Components

A weak identification procedure can
compromise the entire election
process.


Security Components



Live
CD
OS


Encryption


Randomness Generation


Zero Knowledge
1
of
L


Security Components



Voter's Receipt


Digital
Signatures


Security Components



Paper
Ballots


Serial Number


Security Components


Threshold Encryption


Hash
for Tallying
Verification

Audit Ballot

Security Components

Security Components


Mixnet


Mixnet

Zero Knowledge

The

Participating

Parties

The Participating Parties


Ballot
Stuffing


Voter
Exposure


Authentication
Disabling


Smart Card
Forgery

The Participating Parties

Actions That Pose No Threat When Carried Out by
a Single Party

The Participating Parties


False Results
Publishing

The Participating Parties


False Accusation

The Participating Parties


Registration
Frauds

The Participating Parties


Vote Buyers
Motivation


Voter Exposure

The Participating Parties

Actions That Pose No Threat When Carried Out by
a Single Party

The Participating Parties


Voter
Exposure


Printing
Subliminal
Channel


Booth
Denial of Service

The Participating Parties


Partial
Voter Exposure

The Participating Parties


Booth OS Built
-
in
Backdoor


Altering
Ballots


Subliminal
Channel


Printing Subliminal
Channel

The Participating Parties


Collecting External
Information

Threats

of
Attackers
Collaboration


Attackers
Collaboration

Registration
Frauds

Attackers
Collaboration

Repeating

Attackers
Collaboration

Booth's OS CD
Manufacturers Capabilities
Identity

Attackers
Collaboration


Partial Exposure
Voter


Voter Exposure by the
Ability to Decrypt the
Votes

Attackers
Collaboration

Voter Exposure by the
Ability to Decrypt the Votes

Attackers
Collaboration

Ballot Stuffing

Attackers
Collaboration

Voter Exposure

Attackers
Collaboration

Chain Voting

Attackers
Collaboration

Chain Voting

Attackers
Collaboration

Voter Exposure by the
Ability to Decrypt the Votes

Attackers
Collaboration

Subliminal Channel

Attackers
Collaboration

Voter Exposure by the
Ability to Decrypt the Votes

Conclusion

Identification Process


People
can vote anywhere



Biometric identification


Limit each scanned vote
to a single identification
by software.

Live OS CD

The CD should be
digitally signed

Booth Machine

The booth machine
should be checked for
suspicious components

Physical Stamp

Each stamp should
contain
poll's digital
signature

Bulletin Board

A digitally signed
list of all the cipher
votes

Booth Machine Auditing

An audit every two
hours in each
booth

Ballot Scanning Authentications

Auditing

A special
"authentication audit
ballot"

Conclusion

An
audit OCR
program