[en] One of the major problems that prevent the widespread of
Internet voting is the vulnerability of the voter’s computer. A computer
connected to the Internet is exposed to virus, worms, spyware, malware
and other threats that can endanger the election’s integrity. For instance,
it is possible to write a virus that changes the voter’s vote to one predetermined
vote on election’s day. It is possible to write such a virus so that
the voter would not notice anything wrong with the voting application.
This attack is very dangerous because it may pass undetected. To prevent
such attack it is necessary to prevent automatic vote manipulation
at voter’s computer. Here we present CodeVoting, a technique to create
a secure communication channel to a smart card that prevents vote manipulation
by the voter’s PC, while at the same time allows the use of
any cryptographic voting protocol to protect the election’s integrity at
the server side of the voting application.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
JOAQUIM, Rui ; Inesc-ID and Instituto Politécnico de Lisboa - IPL > GSD and Instituto Superior de Engenharia de Lisboa - ISEL
Ribeiro, Carlos; Inesc-ID and Universidade Técnica de Lisboa - UTL > GSD and Instituto Superior Técnico - IST
Langue du document :
Anglais
Titre :
CodeVoting Protection Against Automatic Vote Manipulation in an Uncontrolled Environment
Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, NewYork, USA, pp. 132-145 (2004)
California Internet Voting Task Force: A report on the feasibility of Internet voting (January 2000), http://www.ss.ca.gov/executive/ivote
Chaum, David: SureVote. September 2007.// International patent WO 01/55940 Al (02 August 2001), http://www.surevote.com/home.html
Clarkson, M., Myers, A.: Coercion-Resistant Remote Voting Using Decryption Mixes. In: Workshop on Frontiers in Electronic Elections, Milan, Italy (September 2005)
Estonian Internet Voting System (July 2007), http://www.vvk.ee
Hirt, M., Sako, K.: Efficient Receipt-Free Voting Based on Homomorphic Encryption. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 539-556. Springer, Heidelberg (2000)
Internet Policy Institute: Report of the National Workshop on Internet Voting: Issues and Research Agenda (March 2001), http://www.diggov.org/archive/ library/dgo2000/dir/PDF/vote.pdf
Jefferson, D., Rubin, A., Simons, B., Wagner, D.: A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE) (January 2004), http ://www.servesecurityreport.org/paper.pdf
Juels, A., Catalano, D., Jakobsson, M.: Coercion-Resistant Electronic Elections. In: Workshop on Privacy in the Electronic Society, Alexandria, Virginia, pp. 61-70 (November 2005)
Kutylowski, M., Zagórski, F.: Coercion-Free Internet Voting with Receipts. In: Workshop on e-Voting and e-Govrnment in the UK. Edinburgh (February 2006)
Lee, B., Kim, K.: Receipt-Free Electronic Voting Scheme with a Tamper-Resistant Randomizer. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 389-406. Springer, Heidelberg (2003)
Okamoto, T.: Receipt-Free Electronic Voting Schemes for Large Scale Elections. In: Security Protocols Workshop, Paris, France, pp. 25-35 (April 1997)
Rubin, A.: Security Considerations for Remote Electronic Voting Over the Internet. Communications of the ACM 45(12) (2002)
Sadeghi, A., Selhorst, M., Stüble, C., Wachsmann, C., Winandy, M.: TCG Inside? - A Note on TPM Specification Compliance. In: STC 2006: Proceedings of the 1st ACM Workshop on Scalable Trusted Computing, Virginia, USA (November 2006)
Sako, K., Kilian, J.: Receipt-Free Mix-Type Voting Scheme A Practical Solution to the Implementation of a Voting Booth. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393-403. Springer, Heidelberg (1995)
UK's National Technical Authority for Information Assurance: e-Voting Security Study (July 2002), http://www.ictparliament.org/CDTunisi/ict. compendium/paesi/uk/uk54.pdf
Volkamer, M., Alkassar, A., Sadeghi, A., Schulz, S.: Enabling the Application of the Open Systems like PCs for Online Voting. In: FEE 2006: Proceedings of the Frontiers in Electronic Elections Workshop, Germany ( September 2006)
Zúquete, A., Costa, C., Romao, M.: An Intrusion-tolerant e-Voting Client System. In: WRAITS 2007: 1st Workshop on Recent Advances on Intrusion-Tolerant Systems, Lisbon, Portugal ( March 2007)
