1 / 23

Internet Voting

Internet Voting. a menace to society? Jan Meijer. POWER. You exercise your right to vote. If you are elligable Anonymous In private, it’s YOUR vote, leave your consultant at home to elect well defined subject(s). According to a well defined process. Water boards & RIES.

mari
Download Presentation

Internet Voting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Voting a menace to society? Jan Meijer

  2. POWER

  3. You exercise your right to vote... • If you are elligable • Anonymous • In private, it’s YOUR vote, leave your consultant at home • to elect well defined subject(s) According to a well defined process

  4. Water boards & RIES • 2003, Water board Rijnland, Rijnland Internet Election System • 1.2 million voters • 300k for Internet voting Postal + Internet

  5. RIES: The ”Robers” protocol • Herman Robers. Electronic elections employing DES smartcards. Master's thesis, Delft University of Technology, December 1998. http://www.iscit.surfnet.nl/team/Herman/election.ps. • http://www.cs.ru.nl/W.Pieters/compsac2005.pdf • Virtual ballot using DES

  6. 3 phase system • Phase 1: Prepare. • Distribute pseudo Id and voter secret to each voter • Phase 2: Voting window • Phase 3: Tally

  7. Network paradigm process stage network (internet) server (polling station) client (voter) unsecured vote contact vote materials vote process secured vote result vote confirmation verification processing

  8. Security is a mindset

  9. Know your goal: won the battle..

  10. Know your risks

  11. shit will happen

  12. Know when it’s good enough...

  13. System characteristics • Peak performance 2004: 23 voters/s over SSL • Holistic approach • Compartimentalized security • Layered security • Sustain multiple component failure • BCP, common sense • ”Lazy running” • Dirt cheap

  14. Not in outer space • You scavenge... • A network • Existing services (DNS, RPS, NTP, ...) • SURFnet-CERT • ...

  15. Architecture overview

  16. Our dashboard

  17. Resource usage Rijnland elections It worked…

  18. No peak? vote server 1, Rijnland vote server 1, Dommel vote server 1, 2006 vote server 2, 2006

  19. So, a menace to society? ONLY IF DONE BADLY

  20. Easiest to monitor 10.000 polling stations (Nigeria, UK, NL?) or 1 station

  21. /me? • Voting by the people, for the people: it’s democracy stupid! • Internet age opportunity • Publicly owned system, open source • End commercial incompetence • Power to the people! State of our eVoting systems is a professional disgrace!

  22. Still not convinced? http://www.theregister.co.uk/2007/05/17/sarasota_county_network_breached/ “Slammer turns Florida election result into worm food” …The county server was breached on the first day of early voting in the 2006 election, which included a now-disputed race for a seat in the US House of Representatives. The attack code was a variant of the infamous Slammer worm that penetrated the county's server, which unbelievably, was missing five years worth of security patches…

More Related