Nikos Chondros,Bingsheng Zhang,Thomas Zacharias,Panos Diamantopoulos,Stathis Maneas,Christos Patsonakis,Alex Delis,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1109/icdcs.2016.56

2015-01-01

Abstract:E-voting systems have emerged as a powerful technology for improving democracy by reducing election cost, increasing voter participation, and even allowing voters to directly verify the entire election procedure. Prior internet voting systems have single points of failure, which may result in the compromise of availability, voter secrecy, or integrity of the election results. In this paper, we present the design, implementation, security analysis, and evaluation of D-DEMOS, a complete e-voting system that is distributed, privacy-preserving and end-to-end verifiable. Our system includes a fully asynchronous vote collection subsystem that provides immediate assurance to the voter her vote was recorded as cast, without requiring cryptographic operations on behalf of the voter. We also include a distributed, replicated and fault-tolerant Bulletin Board component, that stores all necessary election-related information, and allows any party to read and verify the complete election process. Finally, we also incorporate trustees, i.e., individuals who control election result production while guaranteeing privacy and end-to-end-verifiability as long as their strong majority is honest. Our system is the first e-voting system whose voting operation is human verifiable, i.e., a voter can vote over the web, even when her web client stack is potentially unsafe, without sacrificing her privacy, and still be assured her vote was recorded as cast. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. Finally, as the number of auditors increases, the probability of election fraud going undetected is diminished exponentially. We provide a model and security analysis of the system. We implement a prototype of the complete system, we measure its performance experimentally, and we demonstrate its ability to handle large-scale elections.

Nikos Chondros,Bingsheng Zhang,Thomas Zacharias,Panos Diamantopoulos,Stathis Maneas,Christos Patsonakis,Alex Delis,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1016/j.cose.2019.03.001

IF: 5.105

2019-01-01

Computers & Security

Abstract:We present the D-DEMOS suite of distributed, privacy-preserving, and end-to-end verifiable e-voting systems; one completely asynchronous and one with minimal timing assumptions but better performance. Their distributed voting operation is human verifiable; a voter can vote over the web, using an unsafe web client stack, without sacrificing her privacy, and get recorded-as-cast assurance. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. We provide a model and security analysis of the systems, implement prototypes of the complete systems, measure their performance experimentally, demonstrate their ability to handle large-scale elections, and demonstrate the performance trade-offs between the two versions.

Qinyuan Feng,Yan Lindsay Sun,Ling Liu,Yafei Yang,Yafei Dai

DOI: https://doi.org/10.1109/tkde.2009.214

IF: 9.235

2010-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:With the popularity of voting systems in cyberspace, there is growing evidence that current voting systems can be manipulated by fake votes. This problem has attracted many researchers working on guarding voting systems in two areas: relieving the effect of dishonest votes by evaluating the trust of voters, and limiting the resources that can be used by attackers, such as the number of voters and the number of votes. In this paper, we argue that powering voting systems with trust and limiting attack resources are not enough. We present a novel attack named as Reputation Trap (RepTrap). Our case study and experiments show that this new attack needs much less resources to manipulate the voting systems and has a much higher success rate compared with existing attacks. We further identify the reasons behind this attack and propose two defense schemes accordingly. In the first scheme, we hide correlation knowledge from attackers to reduce their chance to affect the honest voters. In the second scheme, we introduce robustness-of-evidence, a new metric, in trust calculation to reduce their effect on honest voters. We conduct extensive experiments to validate our approach. The results show that our defense schemes not only can reduce the success rate of attacks but also significantly increase the amount of resources an adversary needs to launch a successful attack.

Adam Dorian Wong

2024-09-14

Abstract:Faith in the US electoral system is at risk. This issue stems from trust or lack thereof. Poor leaders ranted and attempted to sew discord in the democratic process and even tried to influence election results. Historically, the US has relied on paper ballots to cast private votes. Votes are watered down by the Electoral College. Elections are contested due to voter IDs and proof of citizenship. Methods of voting are nonsensically complex. In the technology age, this can be solved with a Smartcard National ID backed by Public-Key Infrastructure (PKI). This could be a method to restore hope in democracy and move the country back towards elections under a Popular Vote. Numbers are empirical and immutable and can solve the issue of Election Security in a bipartisan way. NATO allies like Estonia have already broken ground in using technology for eDemocracy or (Internet-based) iVoting. Acknowledging cyber attacks will happen, this is an opportunity for DHS and DOD (CYBERCOM) to collaborate on domestic operations and protect critical election infrastructure. This idea will not fix malicious information operations or civil stupidity. However, this is the way forward to securing elections now and forever. The views expressed by this whitepaper are those of the author and do not reflect the official policy or position of Dakota State University, the N.H. Army National Guard, the U.S. Army, the Department of Defense, or the U.S. Government. Cleared for release by DOPSR on 13 SEP 2024.

Cryptography and Security,Computers and Society

Robert Riemann,Stéphane Grumbach

DOI: https://doi.org/10.5220/0006228504990505

2017-05-12

Abstract:While online services emerge in all areas of life, the voting procedure in many democracies remains paper-based as the security of current online voting technology is highly disputed. We address the issue of trustworthy online voting protocols and recall therefore their security concepts with its trust assumptions. Inspired by the Bitcoin protocol, the prospects of distributed online voting protocols are analysed. No trusted authority is assumed to ensure ballot secrecy. Further, the integrity of the voting is enforced by all voters themselves and without a weakest link, the protocol becomes more robust. We introduce a taxonomy of notions of distribution in online voting protocols that we apply on selected online voting protocols. Accordingly, blockchain-based protocols seem to be promising for online voting due to their similarity with paper-based protocols.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

J. Alex Halderman,Vanessa Teague

DOI: https://doi.org/10.48550/arXiv.1504.05646

2015-06-06

Abstract:In the world's largest-ever deployment of online voting, the iVote Internet voting system was trusted for the return of 280,000 ballots in the 2015 state election in New South Wales, Australia. During the election, we performed an independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism. These vulnerabilities do not seem to have been detected by the election authorities before we disclosed them, despite a pre-election security review and despite the system having run in a live state election for five days. One vulnerability, the result of including analytics software from an insecure external server, exposed some votes to complete compromise of privacy and integrity. At least one parliamentary seat was decided by a margin much smaller than the number of votes taken while the system was vulnerable. We also found protocol flaws, including vote verification that was itself susceptible to manipulation. This incident underscores the difficulty of conducting secure elections online and carries lessons for voters, election officials, and the e-voting research community.

Cryptography and Security

Nazmul Islam,Soomin Kim,Mohammad Pirooz,Sasha Shvetsov

2024-10-08

Abstract:As Canada prepares for the 2025 federal election, ensuring the integrity and security of the electoral process against cyber threats is crucial. Recent foreign interference in elections globally highlight the increasing sophistication of adversaries in exploiting technical and human vulnerabilities. Such vulnerabilities also exist in Canada's electoral system that relies on a complex network of IT systems, vendors, and personnel. To mitigate these vulnerabilities, a threat assessment is crucial to identify emerging threats, develop incident response capabilities, and build public trust and resilience against cyber threats. Therefore, this paper presents a comprehensive national cyber threat assessment, following the NIST Special Publication 800-30 framework, focusing on identifying and mitigating cybersecurity risks to the upcoming 2025 Canadian federal election. The research identifies three major threats: misinformation, disinformation, and malinformation (MDM) campaigns; attacks on critical infrastructure and election support systems; and espionage by malicious actors. Through detailed analysis, the assessment offers insights into the capabilities, intent, and potential impact of these threats. The paper also discusses emerging technologies and their influence on election security and proposes a multi-faceted approach to risk mitigation ahead of the election.

Cryptography and Security

Šimon Schierreich

DOI: https://doi.org/10.48550/arXiv.2403.05273

2024-03-08

Abstract:The election, a cornerstone of democracy, is one of the best-recognizable symbols of democratic governance. Voters' confidence in elections is essential, and these days, we can watch practically in live broadcast what consequences distrust in the fairness of elections may have. From the times of the celebrated Gibbard-Satterthwaite theorem, it is well-known in the social-choice community that most voting systems are vulnerable to the efforts of various players to influence elections. Luckily for us, computing such influence to affect election outcomes is a hard problem from the computational complexity perspective. This intractability is regarded as a ``complexity shield'' that secures voting rules against this malicious behavior. In this work, we consider quantum computers to be a new threat to the complexity shield described above, as they break out of standard computing paradigms and unlock additional computational resources. To this end, we provide an overview of possible attacks on election, discuss the abilities of quantum computing, and chart possible directions for future research in this area.

Cryptography and Security,Computers and Society,Computer Science and Game Theory

David Duenas-Cid

DOI: https://doi.org/10.1145/3657054.365726

2024-12-06

Abstract:This paper focuses on the complex dynamics of trust and distrust in digital government technologies by approaching the cancellation of machine voting in the Netherlands (2006-07). This case describes how a previously trusted system can collapse, how paradoxical the relationship between trust and distrust is, and how it interacts with adopting and managing electoral technologies. The analysis stresses how, although being a central component, technology's trustworthiness dialogues with the socio-technical context in which it is inserted, for example, underscoring the relevance of public administration in securing technological environments. Beyond these insights, the research offers broader reflections on trust and distrust in data-driven technologies, advocating for differentiated strategies for building trust versus managing distrust. Overall, this paper contributes to understanding trust dynamics in digital government technologies, with implications for policymaking and technology adoption strategies.

Computers and Society

Mark Eldridge

DOI: https://doi.org/10.48550/arXiv.1805.02202

2018-05-06

Abstract:The existing system for determining election results in Australia is, for the most part, secure, accurate and understandable by the average voter. This thesis explores the design of electronic voting systems designed to achieve these same goals, while also improving on the existing system in the areas of counting speed, accuracy, tamper resistance and accessibility. Electronic voting systems have seen limited use within Australian elections, most prominently for State Elections in Victoria (2014), New South Wales (2015) and Western Australia (2017), along with trials of electronic voting systems in federal elections in 2007. This thesis presents an analysis of the iVote electronic voting system used for the 2017 Western Australian State Election (iVote WA), outlining a number of security risks introduced by the use of cloud-based distributed denial of service mitigation. In addition, this thesis presents the results of a cross-sectional survey of Australian voters regarding levels of trust for three voting systems: the existing paper-based system used for Australian federal elections, the iVote WA system, and the vVote system used for the 2014 Victorian State Election. The analysis of iVote, combined with the survey results, are used to inform a recommendation for future research and public policy regarding the use of electronic voting systems in Australian federal elections.

Cryptography and Security

Sunny Consolvo,Patrick Gage Kelley,Tara Matthews,Kurt Thomas,Lee Dunn,Elie Bursztein

DOI: https://doi.org/10.48550/arXiv.2106.00236

2021-06-01

Abstract:People who are involved with political campaigns face increased digital security threats from well-funded, sophisticated attackers, especially nation-states. Improving political campaign security is a vital part of protecting democracy. To identify campaign security issues, we conducted qualitative research with 28 participants across the U.S. political spectrum to understand the digital security practices, challenges, and perceptions of people involved in campaigns. A main, overarching finding is that a unique combination of threats, constraints, and work culture lead people involved with political campaigns to use technologies from across platforms and domains in ways that leave them--and democracy--vulnerable to security attacks. Sensitive data was kept in a plethora of personal and work accounts, with ad hoc adoption of strong passwords, two-factor authentication, encryption, and access controls. No individual company, committee, organization, campaign, or academic institution can solve the identified problems on their own. To this end, we provide an initial understanding of this complex problem space and recommendations for how a diverse group of experts can begin working together to improve security for political campaigns.

Computers and Society

Aggelos Kiayias,Thomas Zacharias,Bingsheng Zhang

DOI: https://doi.org/10.1145/2810103.2813727

2015-01-01

Abstract:Recently, Kiayias, Zacharias and Zhang proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to precompute a number of cipher texts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext.In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging.

Jasmeen Kaur Chahal,Abhinav Bhandari,Sunny Behal

DOI: https://doi.org/10.1080/13614576.2019.1611468

2019-01-02

New Review of Information Networking

Abstract:In today's cyber world, the Internet has become a vital resource for providing a plethora of services. Unavailability of these services due to any reason leads to huge financial implications or even consequences on society. Distributed Denial of Service (DDoS) attacks have emerged as one of the most serious threats to the Internet whose aim is to completely deny the availability of different Internet based services to legitimate users. The attackers compromise a large number of Internet enabled devices and gain malicious control over them by exploiting their vulnerabilities. Simplicity of launching, traffic variety, IP spoofing, high volume traffic, involvement of numerous agent machines, and weak spots in Internet topology are important characteristics of DDoS attacks and makes its defense very challenging. This article provides a survey with the enhanced taxonomies of DDoS attacks and defense mechanisms. Additionally, we describe the timeline of DDoS attacks to date and attempt to discuss its impact according to various motivations. We highlighted the general issues, challenges, and current trends of DDoS attack technology. The aim of the article is to provide complete knowledge of DDoS attacks and defense mechanisms to the research community. This will, in turn, help to develop a powerful, effective, and efficient defense mechanism by filling the various research gaps addressed in already proposed defense mechanisms.

Vitaly Zuevsky

DOI: https://doi.org/10.48550/arXiv.2207.07446

2022-06-30

Abstract:Electronic voting consistently fails to supplant conventional paper ballot due to a plethora of security shortcomings. Not only are traditional voting methods mediocre in terms of convenience and interface, they also encompass principal-agent problem, where the state may have vested interest in the outcome of the ballot. Electronic voting protocol using cryptography to deliver in zero trust environments is long overdue. Here I propose using Proof of Work algorithm at user devices in combination with other well-known security primitives to build a zero-trust voting system. The state would only issue single-use voting authorizations to its citizens, while zero trust design would allow conducting elections by an open-source platform with enhanced observability. It is also hypothesized that the heighten availability of plebiscite by means of the proposed design may ultimately change the way our society participates in the policy making.

Cryptography and Security

Se Elnour,William J Buchanan,Paul Keating,Mwrwan Abubakar,Sirag Elnour

DOI: https://doi.org/10.48550/arXiv.2403.05275

2024-03-08

Abstract:The vSPACE experimental proof-of-concept (PoC) on the TrueElect[Anon][Creds] protocol presents a novel approach to secure, private, and scalable elections, extending the TrueElect and ElectAnon protocols with the integration of AnonCreds SSI (Self-Sovereign Identity). Such a protocol PoC is situated within a Zero-Trust Architecture (ZTA) and leverages confidential computing, continuous authentication, multi-party computation (MPC), and well-architected framework (WAF) principles to address the challenges of cybersecurity, privacy, and trust over IP (ToIP) protection. Employing a Kubernetes confidential cluster within an Enterprise-Scale Landing Zone (ESLZ), vSPACE integrates Distributed Ledger Technology (DLT) for immutable and certifiable audit trails. The Infrastructure as Code (IaC) model ensures rapid deployment, consistent management, and adherence to security standards, making vSPACE a future-proof solution for digital voting systems.

Cryptography and Security,Computers and Society

Bryan Wilder,Yevgeniy Vorobeychik

DOI: https://doi.org/10.1609/aaai.v33i01.33012213

2019-07-17

Proceedings of the AAAI Conference on Artificial Intelligence

Abstract:The integrity of democratic elections depends on voters’ access to accurate information. However, modern media environments, which are dominated by social media, provide malicious actors with unprecedented ability to manipulate elections via misinformation, such as fake news. We study a zerosum game between an attacker, who attempts to subvert an election by propagating a fake new story or other misinformation over a set of advertising channels, and a defender who attempts to limit the attacker’s impact. Computing an equilibrium in this game is challenging as even the pure strategy sets of players are exponential. Nevertheless, we give provable polynomial-time approximation algorithms for computing the defender’s minimax optimal strategy across a range of settings, encompassing different population structures as well as models of the information available to each player. Experimental results confirm that our algorithms provide nearoptimal defender strategies and showcase variations in the difficulty of defending elections depending on the resources and knowledge available to the defender.

English Else

Nicholas Stedmon

DOI: https://doi.org/10.48550/arXiv.2012.08968

2020-12-15

Abstract:This paper will investigate the literature surrounding cyber security threats in the 2020 US Elections. It begins with a brief overview of cyber security and the current state of cyber security regarding elections. In the main body of the paper, the focus will be on the literature review of three main areas: voter suppression, voter fraud, and disinformation, considering their impacts on the outcome of the election and on the voting public. Having evaluated sources on each this paper concludes by summarising the areas which have had the greatest impact on the 2020 US elections.

Cryptography and Security,Computers and Society

Melissa-Ellen Dowling

DOI: https://doi.org/10.1080/10361146.2021.2023093

2022-01-07

Australian Journal of Political Science

Abstract:As liberal democracies intensify their efforts to digitise democracy, more governance services and processes are shifting online. Malign foreign entities (MFEs) are exploiting this phenomenon of digital era governance (DEG) to weaken democracies through information warfare operations. Australia is not immune to this, yet there is limited research exploring the relationship between digital democracy and foreign interference in the Australian context. Addressing this lacuna, this paper identifies the ways in which DEG might inadvertently produce opportunities for MFEs to target the Nation’s core democratic infrastructure. Through the implicit application of a tri-theoretical framework of DEG, democratic theory, and institutional theory, I argue that DEG has induced a series of new vulnerabilities in Australia’s political processes and institutions that challenge the legitimacy of decision-making inputs and outputs. MFEs may exploit these potential vulnerabilities by tapping into key digitally-amplified problems such as inauthenticity, data insecurity, and disinformation, thereby threatening Australia’s democratic sovereignty.

political science

Brij B. Gupta,Anshuman Singh

DOI: https://doi.org/10.4018/ijswis.297143

2022-01-01

Abstract:The demand for Internet security has escalated in the last two decades because the rapid proliferation in the number of Internet users has presented attackers with new detrimental opportunities. One of the simple yet powerful attack, lurking around the Internet today, is the Distributed Denial-of-Service (DDoS) attack. The expeditious surge in the collaborative environments, like IoT, cloud computing and SDN, have provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. The attackers protect their anonymity by infecting distributed devices and utilizing them to create a bot army to constitute a large-scale attack. Thus, the development of an effective as well as efficient DDoS defense mechanism becomes an immediate goal. In this exposition, we present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, we talk about popular performance metrics that evaluate the defense schemes. In the end, we list prevalent DDoS attack tools and open challenges.

Computer Science,Engineering

Meng Liu,Wanchun Dou,Shui Yu

DOI: https://doi.org/10.1504/ijaacs.2017.082734

2017-01-01

Abstract:Cloud computing has become a hot spot in both industry and academia due to its rapid elasticity and on demand service. However, with outsourcing the data and business applications to a third party, security and privacy issues have become a critical concern. To decrease cloud availability, which is one of the most representative security attributes, DDoS attacks can be launched. In this paper, we try to show how a hacker can launch a DDoS attack based on virtual machine (VM) co-residence to deny the service of cloud data centre in a private infrastructure-as-a-service (IaaS) cloud. We first introduce how to launch this attack. Then we build a Markov-chain model to simulate this attack and analyse performance of cloud data centre. Finally, we also conduct several experiments to show how VM co-residence has impact on performance of physical machines (PMs).