sen-material: comparison slides04.tex

equal deleted inserted replaced

-:00fd79e0c41a
+:de3e32e10628
 \item<3->How well does the security solution mitigate those risks?\\
 \only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
 It prevents problems when passwords are stolen. Man-in-the-middle attacks
 still possible.\end{tabular}}
 \item<4->What other risks does the security solution cause?
-\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Your mobile phone or creditcard/pin might
+\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Your mobile phone or credit card/pin might
 be stolen. SIM card become valuable.\end{tabular}}
 \item<5->What costs and trade-offs does the security solution impose?
 \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
 Banks need to establish an infrastructure. For you it might be inconvenient.\end{tabular}}
 \item<7>[]{\bf\large Yes!}
 \begin{itemize}
 \item mean time to break the seals for a trained person: 100 s
 \end{itemize}\bigskip
 \item Andrew Appel defeated all security seals which were supposed to keep
-voting machines safe.
+voting machines safe
 \end{itemize}
 \only<2>{
 \begin{textblock}{11}(1,1)
 \begin{itemize}
 \item<1->What assets are you trying to protect?\\
 \only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}Voting machines, doors.\end{tabular}}
 \item<2->What are the risks to these assets?\\
-\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Casual thiefs, insider attacks.\end{tabular}}
+\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Casual thieves, insider attacks.\end{tabular}}
 \item<3->How well does the security solution mitigate those risks?\\
 \only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
 Needs a quite complicated security regiment.\end{tabular}}
 \item<4->What other risks does the security solution cause?
 \only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright You might not notice tampering.\end{tabular}}
 \item<5->What costs and trade-offs does the security solution impose?
 \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
 The ``hardware'' is cheap, but indirect costs can be quite high.\end{tabular}}
-\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airport.}}
+\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airport, swimming pool}}
 \end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Ex: Security by Obscurity\end{tabular}}
+You might think it is a good idea to keep a security relevant algorithm or
+software secret.
+\begin{itemize}
+\item<1->What assets are you trying to protect?\\
+\only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}source code, an algorithm\end{tabular}}
+\item<2->What are the risks to these assets?\\
+\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
+Can be pretty high (Oystercards).\end{tabular}}
+\item<3->How well does the security solution mitigate those risks?\\
+\only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright
+Not really. The source code can be reverse engineered, stolen\ldots{}\end{tabular}}
+\item<4->What other risks does the security solution cause?
+\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright You prevent
+scrutiny and independent advice. You also more likely than not,
+get it wrong.\end{tabular}}
+\item<5>[]{\bf\large No!}
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Voting as Security Problem\end{tabular}}
+What are the security requirements of a voting system?\bigskip
+\begin{itemize}
+\item<2->Integrity
+\item<3->Ballot Secrecy
+\item<5->Voter Authentication
+\item<6->Enfranchisement
+\item<7->Availability
+\end{itemize}
+\only<2>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item The outcome matches with the voter intend.
+\item There might be gigantic sums at stake.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\only<4>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Nobody can find out how you voted.
+\item (Stronger) Even if you try, you cannot prove how you voted.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\only<5>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters can vote up to the permitted number of votes.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\only<6>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters should be able to vote up to the permitted number of votes.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\only<7>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item The voting system should accept all authorised votes and produce results in a timely manner.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\only<6>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters should be able to vote up to the permitted number of votes.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Ballot Boxes\end{tabular}}
+\begin{center}
+\includegraphics[scale=2.5]{pics/ballotbox.jpg}
+\end{center}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Problems with Voting\end{tabular}}
+\begin{center}\large
+\begin{tabular}{rcl}
+Integrity & vs. & Ballot Secrecy\bigskip\\
+Authentication & vs. &Enfranchisement
+\end{tabular}
+\end{center}\bigskip\bigskip\pause
+Further constraints:
+\begin{itemize}
+\item costs
+\item accessibility
+\item convenience
+\item intelligibility
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}E-Voting\end{tabular}}
+\begin{itemize}
+\item The Netherlands, between 1997 - 2006 had electronic voting machines\\
+\textcolor{gray}{(it has been found that they could be hacked and emitted radio signals)}
+\item Germany, had been used in pilot studies\\
+\textcolor{gray}{(in 2007 a law suit has reached the highest court and it rejected electronic voting
+on the grounds of not being understandable by the general public)}
+\item UK, used optical scan voting systems in a few polls
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}E-Voting\end{tabular}}
+\mbox{}\\[-12mm]
+\begin{itemize}
+\item US, used mechanical machines since the 50s, later punch cards, DREs and
+optical scan voting machines \textcolor{gray}{(fantastic ``ecosystem'' for research)}
+\item Estonia used in 2007 the world's first Internet vote in national elections (there are earlier pilot studies)
+\item India, the biggest democracy uses e-voting devices  since at least 2003\\
+\textcolor{gray}{(keep-it-simple machines produced by a government owned company)}
+\item South Africa used software for its tallying in the 1993 elections (Nelson Mandela)
+\textcolor{gray}{(they found the software was rigged, but they were able to manually tally)}
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}A Brief History of Voting\end{tabular}}
+\begin{itemize}
+\item Athenians
+\begin{itemize}
+\item show of hands
+\item ballots on pieces of pottery
+\item different colours of stones
+\item ``facebook''-like autorisation
+\end{itemize}\bigskip
+\item French Revolution and the US Constitution got things ``started'' with
+paper ballots (you first had to bring your own, or later were pre-printed by the parties)
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Paper Ballots\end{tabular}}
+What can go wrong with paper ballots?
+\only<2>{
+\begin{center}
+\includegraphics[scale=0.8]{pics/tweet.jpg}\\
+\footnotesize William M.~Tweed, US Politician in 1860's\\
+``As long as I count the votes, what are you going to do about it?''
+\end{center}}
+\only<3>{
+\medskip
+\begin{center}
+\begin{minipage}{10cm}
+{\bf Chain Voting Attack}
+\begin{enumerate}
+\item you obtain a blank ballot and fill it out as you want
+\item you give it to a voter outside the polling station
+\item voter receives a new blank ballot
+\item voter submits prefilled ballot
+\item voter gives blank ballot to you, you give money
+\item goto 1
+\end{enumerate}
+\end{minipage}
+\end{center}
+}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Mechanical Voting Machines\end{tabular}}
+\begin{itemize}
+\item<1-> Lever Voting Machines (ca.~1930 - 1990)
+\only<1>{
+\begin{center}
+\includegraphics[scale=0.56]{pics/leavermachine.jpg}
+\end{center}
+}
+\item<2->Punch Cards (ca.~1950 - 2000)
+\only<2>{
+\begin{center}
+\includegraphics[scale=0.5]{pics/punchcard1.jpg}\;\;
+\includegraphics[scale=0.46]{pics/punchcard2.jpg}
+\end{center}
+}
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting1.png}
+\end{center}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting2.png}
+\end{center}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting3.png}
+\end{center}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting4.png}
+\end{center}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

changeset 43	de3e32e10628
parent 41	b44341c0a7bb
child 44	1dcd758265f1