24 Jul - Yvo Desmedt - Internet Voting on Insecure Platforms

ABSTRACT: Due to massive hacking and the Snowden leak, the public at large is aware that modern computers and ``secure'' communication over the Internet cannot be fully trusted. The research on booth based voting (where one can trust the voting equipment) has been going on for more than 35 years. However, the legislature and the public want voting over the Internet. In such setting, to be realistic, one has to assume the voter's platform might be hacked. Chaum introduced code voting as a solution for using a possibly infected-by-malware device to cast a vote in an electronic voting application. He trusted the postal mail system. However, a conspiracy between the mail system and the recipient of the cast ballots breaks privacy. Moreover Chaum's system is also unpopular because the voting procedure is different from what is currently used. To deal with these problems, we consider a t-bounded passive adversary and we remove the trust in the mail system.  We propose both single and multi-seat elections, using PSMT (Perfectly Secure Message Transmission) protocols where with the help of visual aids, humans can carry out mod 10 addition correctly with a 99% degree of accuracy. We introduce an unconditionally secure MIX based on the combinatorics of set systems. We also briefly discuss how to extend this work to include active adversaries.

SHORT BIO: Yvo Desmedt is the Jonsson Distinguished Professor at the University of Texas at Dallas, a Fellow of the International Association of Cryptologic Research (IACR) and a Member of the Belgium Academy of Science. He received his Ph.D. (1984, Summa cum Laude) from the University of Leuven, Belgium. He held positions at: Universite de Montreal, University of Wisconsin - Milwaukee (founding director of the Center for Cryptography, Computer and Network Security), and Florida State University (Director of the Laboratory of Security and Assurance in Information Technology, one of the first 14 NSA Centers of Excellence). He was BT Chair and Chair of Information Communication Technology at University College London. He has held numerous visiting appointments. He is the Editor-in-Chief of IET Information Security and Chair of the Steering Committees of CANS and ICITS. He was Program Chair of e.g., Crypto 1994, the ACM Workshop on Scientific Aspects of Cyber Terrorism 2002, and ISC 2013. He has authored over 200 refereed papers, primarily on cryptography, computer security, and network security. He has made important predictions, such as his 1983 technical description how cyber could be used to attack control systems (realized by Stuxnet), and his 1996 prediction hackers will target Certifying Authorities (DigiNotar was targeted in 2011).