Defeating Malicious Terminals in an Electronic Voting System
Resumo
The advent of electronic voting gives rise to a new threat: Adversaries may execute undetectable, automated attacks against the system. Elections are often secured through complex policies, which may be difficult to enforce; Completely Automated Public Turing Tests to Tell Computers and Humans Apart (CAPTCHAs) provide an inexpensive alternative. The goal of this study is to introduce a unique application of CAPTCHAs that allows a human to transmit a message securely across an untrusted medium, and this has direct implications in the domain of electronic voting. We assume that the voter is equipped with a trusted voting device capable of digitally signing the vote. A trusted tallier generates a CAPTCHA-encrypted ballot, which contains a one-time pad, a mapping of candidates to values. This CAPTCHA is sent to the user across an untrusted voting terminal. The user transmits to the trusted device a value corresponding to his chosen candidate, which is signed using a blind signature scheme and transmitted to the tallier. Finally, the tallier then translates this value into the voter’s selected candidate. All steps of such a protocol must be defined such that they are usable by all voters, and we will consider the usability of some example CAPTCHA-based voting systems.
Referências
Hirt, M. and Sako, K. (2000). Efficient receipt-free voting based on homomorphic encryption. In Advances in Cryptology - EUROCRYPT '2000, pages 539-556. Springer-Verlag.
King, J. and dos Santos, A. (2005). A user-friendly approach to human authentication of messages. In Proceedings of FC05, Financial Cryptography and Data Security.
King, J., dos Santos, A., and Xuan, C. (2004). KHAP: Using keyed hard AI problems to secure human interfaces. In Proceedings of IV Workshop em Seguranca de Sistemas Computacionais, Gramado, RS, Brasil.
Kockhanski, G., Lopresti, D., and Shih, C. (2002). A reverse turing test using speech. In Proceedings of the International Conference on Language Processing, Denver, Colorado.
Okamoto, T. (1997). Receipt-free electronic voting schemes for large scale elections. Proc. of Workshop on Security Protocols '97, pages 25-35.
Ryan, P. Y. A. (2005). A variant of the chaum voter-verifiable scheme. In WITS '05: Proceedings of the 2005 workshop on Issues in the theory of security, pages 81-88, New York, NY, USA. ACM Press.
Stabell-Kulø, T., Arild, R., and Myrvang, P. H. (1999). Providing authentication to messages signed with a smart card in hostile environments. In USENIX Workshop on Smartcard Technology.
von Ahn, L., Blum, M., Hopper, N., and Langford, J. (2003). CAPTCHA: Using hard AI problems for security. In Proceedings of Eurocrypt 2003.
