How Not to Prove Your Election Outcome
Earlier this year we (Lewis, Pereira and Teague) examined the source code for the SwissPost e-voting system, intended to be used for Swiss elections in May. The system was in the process of certification for use by up to 100% of Swiss voters in the cantons that chose to use it.
We found three different ways in which a compromised computer could manipulate votes while pretending to provide a proof that no manipulation had taken place. One was a cryptographic trapdoor which allowed a cheating authority to provide a perfectly-verifying proof that it had shuffled the votes correctly, even if the votes had been manipulated. This would leave no way for anyone to detect the fraud. In the light of our findings, the Swiss authorities decided not to offer
their e-voting system for upcoming elections in May, citing the need for further
reassessment of its security properties.
Although numerous serious security problems have been found in e-voting systems before, this was the first discovery of a fundamental weakness in a cryptographic correctness proof in a system advertised to offer a form of verifiability. This is significant because verification potentially allows a way out of the inscrutability of computers, and perhaps a way forward for securing electronic elections.
In order to explain the importance of this failure, we need to explain what verifiability is, and what it isn’t, and how to tell when you can trust an election outcome even when you don’t trust the computers, administrators, or vendors.
Speaker Bios
Vanessa Teague is an Associate Professor in the School of Computing and Information Systems at The University of Melbourne. Her research focuses primarily on cryptographic methods for achieving security and privacy, particularly for issues of public interest such as election integrity and the protection of government data. She was part of the team (with Chris Culnane and Ben Rubinstein) who discovered the easy re-identification of doctors and patients in the Medicare/PBS open dataset released by the Australian Department of Health. She has co-designed numerous protocols for improved election integrity in e-voting systems, and co-discovered serious weaknesses in the cryptography of deployed e-voting systems in NSW, Western Australia and Switzerland.
- Séries:
- Microsoft Research Talks
- Date:
- Haut-parleurs:
- Vanessa Teague
- Affiliation:
- University of Melbourne
Taille: Microsoft Research Talks
-
Decoding the Human Brain – A Neurosurgeon’s Experience
Speakers:- Pascal Zinn,
- Ivan Tashev
-
-
-
-
Galea: The Bridge Between Mixed Reality and Neurotechnology
Speakers:- Eva Esteban,
- Conor Russomanno
-
Current and Future Application of BCIs
Speakers:- Christoph Guger
-
Challenges in Evolving a Successful Database Product (SQL Server) to a Cloud Service (SQL Azure)
Speakers:- Hanuma Kodavalla,
- Phil Bernstein
-
Improving text prediction accuracy using neurophysiology
Speakers:- Sophia Mehdizadeh
-
-
DIABLo: a Deep Individual-Agnostic Binaural Localizer
Speakers:- Shoken Kaneko
-
-
Recent Efforts Towards Efficient And Scalable Neural Waveform Coding
Speakers:- Kai Zhen
-
-
Audio-based Toxic Language Detection
Speakers:- Midia Yousefi
-
-
From SqueezeNet to SqueezeBERT: Developing Efficient Deep Neural Networks
Speakers:- Sujeeth Bharadwaj
-
Hope Speech and Help Speech: Surfacing Positivity Amidst Hate
Speakers:- Monojit Choudhury
-
-
-
-
-
'F' to 'A' on the N.Y. Regents Science Exams: An Overview of the Aristo Project
Speakers:- Peter Clark
-
Checkpointing the Un-checkpointable: the Split-Process Approach for MPI and Formal Verification
Speakers:- Gene Cooperman
-
Learning Structured Models for Safe Robot Control
Speakers:- Ashish Kapoor
-