Logo des Repositoriums

Auflistung nach Autor:in "Volkamer, Melanie"

1 - 10 von 74
  • Editiertes Buch
  • Konferenzbeitrag
    A supervised verifiable voting protocol for the victorian electoral commission
    (5th International Conference on Electronic Voting 2012 (EVOTE2012), 2012) Burton, Craig; Culane, Chris; Heather, James; Peacock, Thea; Ryan, Peter Y. A.; Schneider, Steve; Srinivasan, Sriramkrishnan; Teague, Vanessa; Wen, Roland; Xia, Zhe
    This paper describes the design of a supervised, verifiable voting protocol suitable for use for elections in the state of Victoria, Australia. We provide a brief overview of the style and nature of the elections held in Victoria and associated challenges. Our protocol, based on Prêt à Voter, presents a new ballot overprinting front-end design, which assists the voter in completing the potentially complex ballot. We also present and analyze a series of modifications to the backend that will enable it to handle the large number of candidates, 35 +, with ranking single transferable vote (STV), which some Victorian elections require. We conclude with a threat analysis of the scheme and a discussion on the impact of the modifications on the integrity and privacy assumptions of Prêt à Voter.
  • Konferenzbeitrag
    A user-centred approach to facilitate locating company security policies; Nutzerzentrierter Ansatz zur Vereinfachung des Auffindens von Security Policies
    (Mensch und Computer 2023 - Tagungsband, 2023) Aldag, Lukas; Ballreich, Fabian; Berens, Benjamin; Volkamer, Melanie
    English: An important factor for the effectiveness of security awareness measures in companies is awareness and consistency of security policies. As part of a case study, a document was created using a user-centred approach that gives an overview of all relevant individual documents (so-called overview document). In addition, a process for publication was developed and evaluated iteratively. The case study took place at a medium-sized energy company in Germany. General lessons learned are derived from the case study. For example, distributing important documents via e-mail carries the risk that this is perceived as less important or is not perceived at all. Deutsch: Ein wichtiger Faktor für die Effektivität von Security Awareness-Maßnahmen in Unternehmen sind die Bekanntheit und Konsistenz von Security Policies. Im Rahmen einer Case Study wurde mit einem nutzerzentrierten Ansatz ein Dokument, das den Nutzenden eine Übersicht über alle relevanten Einzeldokumente (sog. Übersichtsdokument) gibt und ein Prozess zur Bekanntmachung iterativ entwickelt und evaluiert. Die Case Study fand bei einem mittelgroßen Energieversorgungsunternehmen in Deutschland statt. Aus der Case Study werden allgemeine Lessons Learned abgeleitet. Beispielsweise birgt eine Verteilung von wichtigen Dokumenten über E-Mail die Gefahr, dass diese gar nicht oder als weniger wichtig wahrgenommen wird.
  • Konferenzbeitrag
    Achieving meaningful efficiency in coercion-resistant, verifiable Internet voting
    (5th International Conference on Electronic Voting 2012 (EVOTE2012), 2012) Spycher, Oliver; Koenig, Reto; Haenni, Rolf; Schläpfer, Michael
    In traditional voting schemes with paper, pens, and ballot-boxes, appropriate procedures are put in place to reassure voters that the result of the tally is correct. Considering that in Internet voting errors or fraud will generally scale over a much greater fraction of votes, the demand to get strong reassurances as well, seems more than justified. With the ambition of offering a maximum degree of transparency, so-called verifiable schemes have been proposed. By publishing the relevant information, each voter may verify that her vote is included in the final tally and that accepted votes have been cast using proper voting material. Remarkably, this can be done while guaranteeing the secrecy of the ballot at the same time. On the negative side, high transparency will generally make it easier for voters to reveal how they voted, e.g., to a coercer. In this paper we propose an Internet voting protocol that is verifiable and simultateously makes it practically impossible for vote buyers or coercers to elicit the voters' behaviour. We compare its efficiency with existing work under equal degrees of coercion-resistance using an appropriate measure (δ). The contribution of our scheme lies in its efficiency during the most critical phases of the voting procedure, i.e., vote casting and tallying. Moreover, during these phases, efficiency is insensitive to the desired degree of coercion-resistance.
  • Textdokument
    An Alternative Group for Applications of ElGamal in Cryptographic Protocols
    (E-Vote-ID 2023, 2023) Haenni, Rolf; Kořánová, Ilona Starý
    The subgroup of quadratic residues modulo a large safe prime is the most common choice in practice for the ElGamal cryptosystem. Computations in this group are simple and sufficiently efficient for at least 128 bits of security, and the DDH problem seems to be hard. In its practical application, however, this particular group has also several disadvantages, for example the relatively high cost for testing group membership or the uneven message space. In this paper, we discuss an alternative group for ElGamal, called multiplicative group of absolute values modulo a safe prime, which is isomorphic to the subgroup of quadratic residues, but with a slightly different group operation and much better properties for practical applications such as e-voting.
  • Konferenzbeitrag
    Cast-as-intended verification in Norway
    (5th International Conference on Electronic Voting 2012 (EVOTE2012), 2012) Puigallí Allepuz, Jordi; Guasch Castelló, Sandra
    The Norwegian Ministry started an initiative to implement Internetvoting trials during the municipal elections in 2011. One of the security requirements of the chosen e-voting system to not to put any trust in the voting client: a malicious application controlling the voting client should not be able to modify the voting options selected by the voter without being detected. This paper describes the voter verification return-code scheme that was implemented for this project. Furthermore, this paper explains the implementation details of the final solution and the workflow of the system during the different election phases. The aim of this paper is to provide a general overview of the cast-as-intended scheme implemented in eValg2011.
  • Konferenzbeitrag
    Classifying privacy and verifiability requirements for electronic voting
    (Informatik 2009 – Im Focus das Leben, 2009) Langer, Lucie; Schmidt, Axel; Volkamer, Melanie; Buchmann, Johannes
  • Konferenzbeitrag
    Coercion-freeness in e-voting via multi-party designated verifier schemes
    (5th International Conference on Electronic Voting 2012 (EVOTE2012), 2012) Dossogne, Jérôme; Lafitte, Frédéric; Markowitch, Olivier
    In this paper we present how multi-party designated verifier signatures can be used as generic solution to provide coercion-freeness in electronic voting schemes. We illustrate the concept of multi-party designated verifier signatures with an enhanced version of Ghodosi and Pieprzyk [GP06]'s threshold signature scheme. The proposed scheme is efficient, secure, allows distributed computations of the signature on the ballot receipt, and can be parameterized to set a threshold on the number of required signers. The security of the designated verifier property is evaluated using the simulation paradigm [Gol00] based on the security analysis of [GHKR08]. Unlike previously provable schemes, ours is ideal, i.e. the bit-length of each secret key share is bounded by the bit-length of the RSA modulus.
  • Textdokument
    Coercion-resistant i-voting with short PIN and OAuth 2.0
    (E-Vote-ID 2023, 2023) Bitussi, M.; Longo, R.; Marino, F. Antonio; Morelli, U.; Sharif, A.; Spadafora, C.; Tomasi, A.
    This paper presents an architecture for an OAuth 2.0-based i-voting solution using a mobile native client in a variant of the Araújo-Traoré protocol. We follow a systematic approach by identifying relevant OAuth 2.0 specifications and best practices. Having defined our framework, we identify threats applicable to our proposed methodology and detail how our design mitigates them to provide a safer i-voting process.
  • Konferenzbeitrag
    Coercion-Resistant Internet Voting in Practice
    (Informatik 2014, 2014) Feier, Christian; Neumann, Stephan; Volkamer, Melanie
    Internet voting continues to raise interest both among research and society. Throughout the last decades, many Internet voting schemes have been developed, each one providing particular properties such as receipt-freeness or end-to-end verifiability. One attractive scheme is the JCJ / Civitas scheme due to its property of making coercion attacks ineffective. Neumann and Volkamer [NV12] analyzed the scheme and identified significant usability issues. To overcome these drawbacks, the authors extended the original work by integrating smart cards. In a follow-up work, Neumann et al. [NFVK13] conducted a theoretical performance analysis for this extension and improved the extension towards its applicability in real-world elections. Their analysis left several real-world considerations open for future work. The present work addresses these gaps: We present a prototype implementation of the revised extension and assess its real-world performance. Based on this contribution, we are able to conclude that the revised extension is feasible to be used in real-world elections.