Auflistung nach Autor:in "Kulyk, Oksana"
1 - 10 von 18
Treffer pro Seite
Sortieroptionen
- TextdokumentAn Alternative Group for Applications of ElGamal in Cryptographic Protocols(E-Vote-ID 2023, 2023) Haenni, Rolf; Kořánová, Ilona StarýThe subgroup of quadratic residues modulo a large safe prime is the most common choice in practice for the ElGamal cryptosystem. Computations in this group are simple and sufficiently efficient for at least 128 bits of security, and the DDH problem seems to be hard. In its practical application, however, this particular group has also several disadvantages, for example the relatively high cost for testing group membership or the uneven message space. In this paper, we discuss an alternative group for ElGamal, called multiplicative group of absolute values modulo a safe prime, which is isomorphic to the subgroup of quadratic residues, but with a slightly different group operation and much better properties for practical applications such as e-voting.
- TextdokumentCoercion-resistant i-voting with short PIN and OAuth 2.0(E-Vote-ID 2023, 2023) Bitussi, M.; Longo, R.; Marino, F. Antonio; Morelli, U.; Sharif, A.; Spadafora, C.; Tomasi, A.This paper presents an architecture for an OAuth 2.0-based i-voting solution using a mobile native client in a variant of the Araújo-Traoré protocol. We follow a systematic approach by identifying relevant OAuth 2.0 specifications and best practices. Having defined our framework, we identify threats applicable to our proposed methodology and detail how our design mitigates them to provide a safer i-voting process.
- KonferenzbeitragComparative Usability Evaluation of Cast-as-Intended Verification Approaches in Internet Voting(SICHERHEIT 2018, 2018) Marky, Karola; Kulyk, Oksana; Volkamer, MelanieInternet Voting promises benefits like the support for voters from abroad and an overall improved accessibility. But it is accompanied by security risks like the manipulation of votes by malware. Enabling the voters to verify that their voting device casts their intended votes is a possible solution to address such a manipulation - the so-called cast-as-intended verifiability. Several different approaches for providing cast-as-intended verifiability have been proposed or put into practice. Each approach makes various assumptions about the voters' capabilities that are required in order to provide cast-as-intended verifiability. In this paper we investigate these assumptions of four chosen cast-as-intended approaches and report the impact if those are violated. Our findings indicate that the assumptions of cast-as-intended approaches (e.g. voters being capable of comparing long strings) have an impact on the security the Internet Voting systems. We discuss this impact and provide recommendations how to address the identified assumptions and give important directions in future research on usable and verifiable Internet Voting systems.
- TextdokumentE-Vote-ID 2023: Eight International Joint Conference on Electronic Voting(E-Vote-ID 2023, 2023) Pointcheval, David; Haenni, Rolf; Kořánová, Ilona Starý; Aranha, Diego F.; Battagliola, Michele; Roy, Lawrence; Bitussi, M.; Longo, R.; Marino, F. Antonio; Morelli, U.; Sharif, A.; Spadafora, C.; Tomasi, A.; Erb, Yannick; Duenas-Cid, David; Volkamer, Melanie; Serrano Iova, Radu Antonio; Duenas-Cid, David; Loeber, Leontine; Martin-Rozumiłowicz, Beata; Macias, Ryan; Rodríguez-Pérez, Adrià; Costa, Núria; Finogina, Tamara; Esseiva, Olivier; Høgåsen, Audhild; Monnat, Xavier; Cortier, Véronique; Gaudry, Pierrick; Glondu, Stéphane; Ruhault, Sylvain; Hilt, Tobias; Sein, Kati; Mällo, Tanel; Willemson, Jan; Hilt, Tobias; Kulyk, Oksana; Glazer, Amanda K.; Spertus, Jacob V.; Stark, Philip B.; Spycher, Oliver; Barrat Esteve, Jordi
- TextdokumentFaster coercion-resistant e-voting by encrypted sorting(E-Vote-ID 2023, 2023) Aranha, Diego F.; Battagliola, Michele; Roy, LawrenceCoercion resistance is one of the most challenging security properties to achieve when designing an e-voting protocol. The JCJ voting scheme, proposed in 2005 by Juels, Catalano and Jakobsson, is one of the first voting systems where coercion-resistance was rigorously defined and achieved, making JCJ the benchmark for coercion-resistant protocols. Recently, the coercion-resistance definition proposed in JCJ has been disputed and improved by Cortier, Gaudry, and Yang. They identified a major problem, related to leakage of the number of discarded votes by revoting; and proposed CHide, a new protocol that solves the issue and satisfies a stronger security notion. In this work we present an improved version of CHide, with complexity O(n log(n)) instead of O(n^2) in the number n of received ballots, that relies on sorting encrypted ballots to make the tallying phase faster. The asymptotic complexity of our protocol is competitive with other state-of-the-art coercion-resistant voting protocols satisfying the stronger notion for coercion resistance.
- TextdokumentFrench 2022 legislatives elections(E-Vote-ID 2023, 2023) Cortier, Véronique; Gaudry, Pierrick; Glondu, Stéphane; Ruhault, SylvainFor the 2022 legislative elections, France made use of Internet voting for a fraction of its voters, namely French voters from abroad. For the first time, France introduced the notion of verifiability and third party. We report here the role of the third party, its interaction with the ANSSI, what it meant in terms of verifiability, as well as its limitations.
- TextdokumentGerman Social Elections in 2023(E-Vote-ID 2023, 2023) Hilt, Tobias; Kulyk, Oksana; Volkamer, MelanieIn 2023, the third largest election in German, the social elections (in German Sozialwahlen), offered an online channel for the first time. Of particular interest is the fact that the system provides a form of cast-as-intended verifiability, allowing the voter to verify that their vote was cast as intended and not manipulated by the device they used to cast their vote. This paper describes a first analysis of the overall voter experience with a special focus on this verifiability functionality. We utilize a cognitive walkthrough method, with three people having different levels of expertise regarding online voting, including a layman, a security expert, and a voting expert. Our findings reveal a number of issues with the system in terms of communication and presented information, and highlight areas in need of improvement to enhance user experience in particular with respect to the verifiability functionality.
- TextdokumentIdentifying Factors Studied for Voter Trust in E-Voting - Review of Literature(E-Vote-ID 2023, 2023) Erb, Yannick; Duenas-Cid, David; Volkamer, MelanieTrust is a precondition for the adoption of novel technologies (see, e.g., Ehin et. al.). As more and more electoral commissions consider introducing e-voting solutions, research into voter trust in these systems grows in importance. As a basis for future research on trust in e-voting, we conducted a literature review. We identified 13 papers researching various factors influencing voters' trust in e-voting. In these papers, we determined a total of 64 potential factors, while the direction of their influence on voter trust may be either positive, negative, or both (positive/negative). These factors were subsequently systemized into five categories, ranging from socio-political to technology-related factors. These are then described and discussed. We also find shortcomings in the current empirical research on voter trust and propose directions for future research in order to address these.
- TextdokumentImproving the Swiss Post Voting System(E-Vote-ID 2023, 2023) Esseiva, Olivier; Høgåsen, Audhild; Monnat, XavierThe Swiss Post Voting System has undergone over the past few years a rigorous independent examination by experts mandated by the Swiss Federal Chancellery. Following the examination, Swiss Post has made improvements in several areas, including for voter authentication, synchronization, input validation, and universal verifiability. On 18 June 2023, the Swiss Post Voting System was put to trial in its first productive election event. 4,239 voters cast their vote online during the approximately one month that the e-voting channel was open. The adoption rate of the e-voting channel was high, especially among Swiss residents living abroad, with an adoption rate of more than 50%. Swiss Post extensively monitored the voting servers during the whole election period and did not detect any anomalies during the system's operation. The feedback collected regarding the voters' user experience was largely positive. A few voters experienced confusion with regard to the voting process or with browser compatibility issues. Swiss Post has learned important lessons from the independent examination and from the first productive election event, and will continue the work improving the Swiss Post Voting System.
- TextdokumentLinearly-Homomorphic Signatures for Short Randomizable Proofs of Subset Membership(E-Vote-ID 2023, 2023) Pointcheval, DavidElectronic voting is one of the most interesting application of modern cryptography, as it involves many innovative tools (such as homomorphic public-key encryption, non-interactive zero-knowledge proofs, and distributed cryptography) to guarantee several a priori contradictory security properties: the integrity of the tally and the privacy of the individual votes. While many efficient solutions exist for honest-but-curious voters, that follow the official procedure but try to learn more than just the public result, preventing attacks from malicious voters is much more complex: when voters may have incentive to send biased ballots, the privacy of the ballots is much harder to satisfy, whereas this is the crucial security property for electronic voting. We present a new technique to prove that an ElGamal ciphertext contains a message from a specific subset (quasi-adaptive NIZK of subset membership), using linearly-homomorphic signatures. The proofs are both quite efficient to generate, allowing the use of low-power devices to vote, and randomizable, which is important for the strong receipt-freeness property. They are well-suited to prevent vote-selling and replay attacks, which are the main threats against the privacy in electronic voting, with security proofs in the generic group model and the random oracle model.