Advertisement

Cryptographic Protocol Security Verification of the Electronic Voting System Based on Blinded Intermediaries

  • Liudmila Babenko
  • Ilya Pisarev
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 875)

Abstract

During developing secure systems the security analysis of the main algorithms is a priority goal. This paper considers the analysis of the improved cryptographic voting protocol, which is used in the electronic voting system based on blind intermediaries. The protocol of voting is described, the messages transmitted between the parties are shown and their contents are explained. The Dolev-Yao threat model is used during protocols modeling. The Avispa tool is used for analyzing the security of the selected protocol. The protocol is described in CAS+ and subsequently translated into the HLPSL (High-Level Protocol Specification Language) special language with which Avispa work. The description of the protocol includes roles, data, encryption keys, the order of transmitted messages between parties, parties’ knowledge include attacker, the purpose of verification. The verification goals of the cryptographic protocol for resistance to attacks on authentication, secrecy and replay attacks are set. The data that a potential attacker may possess is detected. The security analysis of the voting protocol was made. The analysis showed that the objectives of the audit were put forward. A detailed diagram of the messages transmission and their contents is displayed in the presence of an attacker who performs a MITM-attack (Man in the middle). The effectiveness of protocol protection from the attacker actions is shown.

Keywords

e-voting Cryptographic protocols Cryptographic security Cryptographic protocols security verification 

Notes

Acknowledgments

The work was supported by the Ministry of Education and Science of the Russian Federation grant № 2.6264.2017/8.9.

References

  1. 1.
    Overview of e-voting systems, NICK Estonia. Estonian National Electoral Commission, Tallinn (2005)Google Scholar
  2. 2.
    Dossogne, J., Lafitte, F.: Blinded additively homomorphic encryption schemes for self-tallying voting. J. Inf. Secur. Appl. (2015) Google Scholar
  3. 3.
    Izabachene, M.A.: Homomorphic LWE based e-voting scheme. In: Post-quantum Cryptography: 7th International Workshop, PQCrypto 2016, Fukuoka, Japan, 24–26 February 2016Google Scholar
  4. 4.
    Hirt, M., Sako, K.: Efficient receipt-free voting based on homomorphic encryption. In: International Conference on the Theory and Applications of Cryptographic Techniques, 539–556. Springer, Berlin (2000)Google Scholar
  5. 5.
    Rivest, L.R., et al.: Lecture notes 15: Voting, homomorphic encryption (2002)Google Scholar
  6. 6.
    Adida, B.: Mixnets in Electronic Voting. Cambridge University, Cambridge (2005)Google Scholar
  7. 7.
    Electronic elections: fear of falsification of the results. Kazakhstan today 2004Google Scholar
  8. 8.
    Lipen, V.Y., Voronetsky, M.A.: Lipen DV technology and results of testing electronic voting systems. United Institute of Informatics Problems NASB (2002) Google Scholar
  9. 9.
    Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)CrossRefGoogle Scholar
  10. 10.
    Ali, S.T., Murray J.: An Overview of End-to-End Verifiable Voting Systems (2016). arXiv preprint arXiv:1605.08554
  11. 11.
    Smart, M., Ritter, E.: True trustworthy elections: remote electronic voting using trusted computing. In: International Conference on Autonomic and Trusted Computing, 187–202. Springer, Berlin (2011)Google Scholar
  12. 12.
    Bruck, S., Jefferson, D., Rivest, R.L.: A modular voting architecture (“frog voting”). In: Toward Strustworthy Elections. Springer, Berlin (2010)CrossRefGoogle Scholar
  13. 13.
    Jonker, H., Mauw, S., Pang, J.: Privacy and verifiability in voting systems: methods, developments and trends. Comput. Sci. Rev. 10, 1–30 (2013)CrossRefGoogle Scholar
  14. 14.
    Shinde, S.S., Shukla, S., Chitre, D.K.: Secure E-voting using homomorphic technology. Int. J. Emerg. Technol. Adv. Eng. 3(8), 203–206 (2013)Google Scholar
  15. 15.
    Neumann, S., Volkamer, M.: Civitas and the real world: problems and solutions from a practical point of view. In: Availability, Reliability and Security (ARES), 2012 Seventh International Conference on IEEES, 180–185 (2012)Google Scholar
  16. 16.
    Yi, X., Okamoto, E.: Practical remote end-to-end voting scheme. In: International Conference on Electronic Government and the Information Systems Perspective, 386–400. Springer, Berlin (2011)Google Scholar
  17. 17.
    The AVISPA team, the high level protocol specification language (2006). http://www.avispa-project.org/
  18. 18.
    Babenko, L.K., Pisarev, I.A., Makarevich, O.B.: Secure electronic voting using blinded intermediaries. Journal “Isvestiya SFedU”. Technical Sciences, pp. 6–15. Publishing House of ITA SFedU, No. 5, Taganrog (2017)Google Scholar
  19. 19.
    Saillard, R., Genet, T.: CAS+, 21 March 2011Google Scholar
  20. 20.
    Basin, D., Mödersheim, S., Viganò, L.: OFMC: a symbolic model-checker for security protocols. Int. J. Inf. Secur. 4(3), 181–208 (2004)CrossRefGoogle Scholar
  21. 21.
    Babenko, L.K., Pisarev, I.A.: Protocol security analysis of electronic voting system based on blind intermediaries with the Avispa tool. Journal “Isvestiya SFedU”. Technical sciences, pp. 227–238. Publishing house of ITA SFedU, No. 7 (192), Taganrog (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Information Security DepartmentSouthern Federal UniversityTaganrogRussian Federation

Personalised recommendations