|Article title||PROTOCOL SECURITY ANALYSIS OF ELECTRONIC VOTING SYSTEM BASED ON BLIND INTERMEDIARIES WITH THE AVISPA TOOL|
|Authors||L. K. Babenko, I. A. Pisarev|
|Section||SECTION V. INFORMATION TECHNOLOGIES AND PROTECTION OF INFORMATION|
|Month, Year||07, 2017 @en|
|Abstract||The development of electronic voting systems is an important problem in the modern world. Such systems are more reliable and convenient than traditional methods of voting. However, their development is much more complicated and to prove that any system is reliable at a sufficient level is also extremely difficult. In this paper, we analyze the security of a cryptographic protocol, which is used in the electronic voting system created by the authors on the basis on blind intermediaries. The protocol is analyzed at the most crucial stage of the system - voting. Protocol is described. Data transformation during interaction of the parties in the voting stage is shown. Specifications are given regarding the use of certain techniques to ensure the security of information throughout the voting stage. Cryptographic protocol security is checked at this stage. The Avispa system is used as a tool for protocol security verification. The article describes protocol in the special language CAS+, which is converted to HLPSL (High−Level Protocol Specification Language) and analyzed by this tool. Security analysis goals of the developed protocol are set, such as: parties authentication, data privacy verification, protection against replay-attacks. The description features of protocols with the Avispa tool are given. Protocol security of electronic voting system based on blind intermediaries is checked, parties’ interaction scheme is examined, including messages analysis that the attacker could intercept. The effectiveness of cryptographic protocol protection from the attackers’ actions is shown. Conclusions are drawn on Avispa tool using for protocol security analyzing.|
|Keywords||Electronic voting; cryptographic protocols; cryptographic protection; security verification of cryptographic protocols.|
|References||1. Overview of e-voting systems, NICK Estonia. Estonian National Electoral Commission.
– Tallinn 2005.
2. Dossogne J., Lafitte F. Blinded additively homomorphic encryption schemes for self-tallying voting, Journal of Information Security and Applications, 2015.
3. Ben Adida. Mixnets in Electronic Voting. Cambridge University, 2005.
4. Electronic elections: fear of falsification of the results. Kazakhstan today, 2004.
5. Lipen V.Y., Voronetsky M.A. Lipen DV technology and results of testing electronic voting systems. United Institute of Informatics Problems NASB, 2002.
6. David L Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms, Com-munications of the ACM, 1981, Vol. 24 (2), pp. 84-90.
7. Ali S. T., Murray J. An Overview of End-to-End Verifiable Voting Systems, arXiv preprint arXiv: 1605.08554, 2016.
8. Smart M., Ritter E. True trustworthy elections: remote electronic voting using trusted computing, International Conference on Autonomic and Trusted Computing. Springer Berlin Heidelberg, 2011, pp. 187-202.
9. Bruck S., Jefferson D., Rivest R.L. A modular voting architecture ("frog voting"). Toward strustworthy elections. Springer Berlin Heidelberg, 2010.
10. Jonker H., Mauw S., Pang J. Privacy and verifiability in voting systems: Methods, develop-ments and trends, Computer Science Review, 2013.
11. Shubhangi S. Shinde, Sonali Shukla, Prof. D.K. Chitre. Secure E-voting Using Homomorphic Technology, International Journal of Emerging Technology and Advanced Engineering, 2013.
12. Neumann S., Volkamer M. Civitas and the real world: problems and solutions from a practical point of view, Availability, Reliability and Security (ARES), 2012. Seventh International Con-ference on. IEEE, 2012, pp. 180-185.
13. Yi X., Okamoto E. Practical remote end-to-end voting scheme, International Conference on Electronic Government and the Information Systems Perspective. Springer Berlin Heidelberg, 2011, pp. 386-400.
14. Hirt M., Sako K. Efficient receipt-free voting based on homomorphic encryption, International Conference on the Theory and Applications of Cryptographic Techniques. Springer Berlin Heidelberg, 2000, pp. 539-556.
15. Rivest L. R. et al. Lecture notes 15: Voting, homomorphic encryption. 2002.
16. Izabachene M. A Homomorphic LWE Based E-voting Scheme, Post-Quantum Cryptography: 7th International Workshop, PQCrypto 2016, Fukuoka, Japan, February 24-26, 2016.
17. Drew Springall, Travis Finkenauer, Zakir Durumeric, Jason Kitcat, Harri Hursti, Margaret MacAlpine J. Alex Halderman. Security Analysis of the Estonian Internet Voting System, University of Michigan, Ann Arbor, MI, U.S.A. 2014.
18. Basin D., M¨odersheim S., and Vigan`o L. OFMC: A Symbolic Model-Checker for Security Protocols, International Journal of Information Security, 2004.
19. Babenko L.K., Pisarev I.A., Makarevich O.B. Zashchishchennoe elektronnoe golosovanie s ispol'zovaniem slepykh posrednikov [Protected electronic voting system with the use of blind intermediaries], Izvestiya YuFU. Tekhnicheskie nauki [Izvestiya SFedU. Engineering Sciences], 2017, No. 5 (190), pp. 6-15.
20. The AVISPA team, The High Level Protocol Specification Language. Available at: http://www.avispa-project.org/. – 2006.
21. Ronan Saillard, Thomas Genet. CAS+, March 21, 2011.