% Preamble of a beamer slide deck.
% NOTE(review): ../slides, ../graphics and ../langs are local packages that are
% not visible here; presumably they provide the macros and environments used
% below that this file does not define (\slidecaption, \pcode, bubble,
% textblock, listings setup) -- confirm.
\documentclass[dvipsnames,14pt,t]{beamer}
\usepackage{../slides}
\usepackage{../graphics}
\usepackage{../langs}
% \setmonofont and \newfontfamily are fontspec commands, so the deck presumably
% has to be built with XeLaTeX or LuaLaTeX and needs the Consolas font installed.
\setmonofont[Scale=.88]{Consolas}
\newfontfamily{\consolas}{Consolas}
% Silence overfull-\hbox warnings for overruns of up to 220pt.
\hfuzz=220pt
% beamer stuff
\renewcommand{\slidecaption}{SEN 02, King's College London}
% mention again examination stuff
%
%Bank vs Voting
%http://www.parliament.vic.gov.au/images/stories/committees/emc/2010_Election/submissions/13_VTeague_EMC_Inquiry_No.6.pdf
%
% first cyber attack
%http://investigations.nbcnews.com/_news/2013/03/18/17314818-cyberattack-on-florida-election-is-first-known-case-in-us-experts-say
%
% another comment in the handout
% \bl{<text>}: typeset <text> in blue.
\newcommand{\bl}[1]{\textcolor{blue}{#1}}
\begin{document}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{%
\begin{tabular}{@ {}c@ {}}
\\
\LARGE Security Engineering (2)\\[-3mm]
\end{tabular}}\bigskip\bigskip\bigskip
\normalsize
\begin{center}
\begin{tabular}{ll}
Email: & christian.urban at kcl.ac.uk\\
Office: & S1.27 (1st floor Strand Building)\\
Slides: & KEATS (also homework is there)\\
\end{tabular}
\end{center}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\begin{tabular}{c}This Course is about\\[-2mm] ``Satan's Computer''\end{tabular}}
Ross Anderson and Roger Needham wrote:\bigskip
\begin{bubble}[10cm]
\small
``In effect, our task is to program a computer which gives
answers which are subtly and maliciously wrong at the most
inconvenient possible moment\ldots{} we hope that the lessons
learned from programming Satan's computer may be helpful
in tackling the more common problem of programming Murphy's.''
\end{bubble}\\[30mm]
\only<2>{
\begin{textblock}{11}(3.5,12)
\begin{tabular}{c}
\includegraphics[scale=0.12]{../pics/ariane.jpg}\\[-2mm]
\footnotesize Murphy's computer
\end{tabular}
\begin{tabular}{c}
\includegraphics[scale=0.15]{../pics/mobile.jpg}\;
\includegraphics[scale=0.06]{../pics/pinsentry.jpg}\\[-2mm]
\footnotesize Satan's computers
\end{tabular}
\end{textblock}}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Defence in Depth}
\begin{center}\small
\pcode{urbanc:$6$3WWbKfr1$4vblknvGr6FcDeF92R5xFn3mskfdnEn...:...}
\end{center}
\begin{itemize}
\item hashes help when password databases are leaked
\item salts help to protect against dictionary attacks
and help people who use the same password on different sites\medskip
\item but they do not protect against a focused attack against a single
password and also do not make poorly chosen passwords any better
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Subtle Points}
\begin{itemize}
\item in our web-application the salt needed to remain secret;
in password files the salt is public\bigskip
\item the NYT has the ``resource'' unlocked at first
and locks it depending on the cookie data
\item our ``web-application'' has the resource locked at first,
and unlocks it depending on the cookie data
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{How to Salt?}
\begin{center}\tt\small
\begin{tabular}{lcl}
1salt & $\Rightarrow$ & 8189effef4d4f7411f4153b13ff72546dd682c69\\
2salt & $\Rightarrow$ & 1528375d5ceb7d71597053e6877cc570067a738f\\
3salt & $\Rightarrow$ & d646e213d4f87e3971d9dd6d9f435840eb6a1c06\\
4salt & $\Rightarrow$ & 5b9e85269e4461de0238a6bf463ed3f25778cbba\\
\end{tabular}
\end{center}
\begin{itemize}
\item in Unix systems: \texttt{hash(salt + password)}, or even
\texttt{hash$^{\texttt{1500}}$(salt + password)}\smallskip\pause
\item Bruce Schneier, in case messages are long: \\
instead of \texttt{m $\mapsto$ hash(m)},\\ use \texttt{m $\mapsto$ hash(hash(m) + m)}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\Large\begin{tabular}{c}User-Tracking Without Cookies\end{tabular}}
Can you track a user {\bf without}:
\begin{itemize}
\item Cookies
\item JavaScript
\item LocalStorage/SessionStorage/GlobalStorage
\item Flash, Java or other plugins
\item Your IP address or user agent string
\item Any methods employed by Panopticlick\\
\mbox{}\hfill $\rightarrow$ \textcolor{blue}{\url{https://panopticlick.eff.org/}}
\end{itemize}
Even when you have disabled cookies entirely, have JavaScript turned off, use a VPN
service, and also \ldots
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Verizon}
\mbox{}\\[-23mm]\mbox{}
\begin{center}
\includegraphics[scale=0.21]{../pics/verizon.png}
\end{center}
\vfill\footnotesize
\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Web-Protocol}
% Four-step overlay animation of an HTTP exchange in which the server hands
% out an ETag and the browser presents it again on the next request.
% NOTE(review): this frame follows ``User-Tracking Without Cookies'';
% presumably the point is that a server-chosen ETag which the browser sends
% back can serve as an identifier held in the HTTP cache, so deleting cookies
% does not remove it while clearing the browser cache does -- confirm against
% the lecture notes.
%
% Overlay 1 onwards: browser picture, placed on the left of the slide.
\only<1->{
\begin{textblock}{1}(2,2)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {\includegraphics[scale=0.12]{../pics/firefox.jpg}};
\end{tikzpicture}
\end{textblock}}
% Overlay 1 onwards: server picture, placed on the right of the slide.
\only<1->{
\begin{textblock}{1}(11,2)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {\includegraphics[scale=0.15]{../pics/servers.png}};
\end{tikzpicture}
\end{textblock}}
% Step 1 (overlay 1 onwards): left-to-right arrow labelled "GET static.jpg",
% the first request for the image. X and Y are invisible anchor nodes; the
% label sits at the midpoint of the arrow.
\only<1->{
\begin{textblock}{1}(5,2.5)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {};
\draw[white] (3,0) node (Y) {};
\draw[red, ->, line width = 2mm] (X) -- (Y);
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg}] at ($ (X)!.5!(Y) $) {};
\end{tikzpicture}
\end{textblock}}
% Step 2 (overlay 2 onwards): right-to-left arrow, the response. The image is
% drawn above the arrow and the header "ETag: 7b33de1" below it.
\only<2->{
\begin{textblock}{1}(5,6)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {};
\draw[white] (3,0) node (Y) {};
\draw[red, <-, line width = 2mm] (X) -- (Y);
\node [inner sep=5pt,label=below:\textcolor{black}{\small ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
\node [inner sep=5pt,label=above:{\includegraphics[scale=0.15]{../pics/tvtestscreen.jpg}}] at ($ (X)!.5!(Y) $) {};
\end{tikzpicture}
\end{textblock}}
% Step 3 (overlay 3 onwards): left-to-right arrow, a later request for the same
% image that carries the ETag value received in step 2. In HTTP the value is
% sent in the If-None-Match request header; the label abbreviates this.
\only<3->{
\begin{textblock}{1}(4.2,11)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {};
\draw[white] (3,0) node (Y) {};
\draw[red, ->, line width = 2mm] (X) -- (Y);
\node [inner sep=5pt,label=above:\textcolor{black}{\small GET static.jpg ETag: 7b33de1}] at ($ (X)!.5!(Y) $) {};
\end{tikzpicture}
\end{textblock}}
% Step 4 (overlay 4 onwards): right-to-left arrow, the server answers
% "304 (Not Modified)"; no image is drawn on this arrow.
\only<4->{
\begin{textblock}{1}(4.2,13.9)
\begin{tikzpicture}[scale=1.3]
\draw[white] (0,0) node (X) {};
\draw[white] (3,0) node (Y) {};
\draw[red, <-, line width = 2mm] (X) -- (Y);
\node [inner sep=5pt,label=below:\textcolor{black}{\small HTTP/1.1 304 (Not Modified)}] at ($ (X)!.5!(Y) $) {};
\end{tikzpicture}
\end{textblock}}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Today's Lecture}
\begin{center}
\begin{tabular}{ccc}
\large online banking & \hspace{3mm}\large{}vs\hspace{3mm} & \large e-voting\\
\textcolor{gray}{solved} & & \textcolor{gray}{unsolved}\\
\end{tabular}
\end{center}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{E-Voting}
\begin{bubble}[9cm]
``Any electronic voting system should provide at least the same
security, privacy and transparency as the system it replaces.''
\end{bubble}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{Voting as Security Problem}
What are the security requirements of a voting system?\bigskip
\begin{itemize}
\item<2->Integrity
\item<3->Ballot Secrecy
\item<5->Voter Authentication
\item<6->Enfranchisement
\item<7->Availability
\end{itemize}
\only<2>{
\begin{textblock}{5.5}(8,5)
\begin{bubble}[5cm]\small
\begin{center}
\begin{minipage}{4.5cm}
\begin{itemize}
\item The outcome matches the voters' intent.
\item There might be gigantic sums at stake, so attempts to manipulate the outcome need to be defended against.
\end{itemize}
\end{minipage}
\end{center}
\end{bubble}
\end{textblock}}
\only<4>{
\begin{textblock}{5.5}(8,5)
\begin{bubble}[5cm]\small
\begin{center}
\begin{minipage}{4.5cm}
\begin{itemize}
\item Nobody can find out how you voted.
\item (Stronger) Even if you try, you cannot prove how you voted.
\end{itemize}
\end{minipage}
\end{center}
\end{bubble}
\end{textblock}}
\only<5>{
\begin{textblock}{5.5}(8,5)
\begin{bubble}[5cm]\small
\begin{center}
\begin{minipage}{4.5cm}
\begin{itemize}
\item Only authorised voters can vote, and only up to the permitted number of votes.
\end{itemize}
\end{minipage}
\end{center}
\end{bubble}
\end{textblock}}
\only<6>{
\begin{textblock}{5.5}(8,5)
\begin{bubble}[5cm]\small
\begin{center}
\begin{minipage}{4.5cm}
\begin{itemize}
\item Authorised voters should have the opportunity to vote.
\end{itemize}
\end{minipage}
\end{center}
\end{bubble}
\end{textblock}}
\only<7>{
\begin{textblock}{5.5}(8,5)
\begin{bubble}[5cm]\small
\begin{center}
\begin{minipage}{4.5cm}
\begin{itemize}
\item The voting system should accept all authorised votes and produce results in a timely manner.
\end{itemize}
\end{minipage}
\end{center}
\end{bubble}
\end{textblock}}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{Problems with Voting}
\begin{center}\large
\begin{tabular}{rcl}
Integrity & vs. & Ballot Secrecy\bigskip\\
Authentication & vs. &Enfranchisement
\end{tabular}
\end{center}\bigskip\bigskip\pause
Further constraints:
\begin{itemize}
\item costs
\item accessibility
\item convenience
\item intelligibility
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{Traditional Ballot Boxes}
\begin{center}
\includegraphics[scale=2.5]{../pics/ballotbox.jpg}
\end{center}\pause\bigskip
mechanical, but they need a ``protocol''
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Motives for E-Voting}
\begin{itemize}
\item 76\% of pensioners in the UK vote, but only 44\% of the under-25s\bigskip
\item convenience\bigskip
\item speed
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{E-Voting}
\begin{itemize}
\item Between 1997 and 2006 the Netherlands had electronic voting
machines\\ \textcolor{gray}{(hacktivists found that they could be
hacked and that they also emitted radio signals revealing how you voted)}
\item Germany used them in pilot studies\\ \textcolor{gray}{(in
2007 a lawsuit reached the highest court, which rejected
electronic voting on the grounds of it not being understandable by the
general public)}
\item UK used optical scan voting systems in a few test polls, but
abandoned any wide deployment
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{E-Voting}
\mbox{}\\[-12mm]
\begin{itemize}
\item The US has used mechanical machines since the 30s, later punch cards,
and now DREs and optical scan voting machines
\item Estonia used the Internet for national elections in 2007
\textcolor{gray}{(there were earlier pilot studies in other
countries)}
\item India has used e-voting devices since at least
2003\\ \textcolor{gray}{(``keep-it-simple'' machines produced by a
government owned company)}
\item South Africa used software for its tallying in the 1993
elections (when Nelson Mandela was elected) \textcolor{gray}{(they
found the tallying software was rigged, but they were able to
tally manually)}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{E-Voting in Estonia}
\begin{itemize}
\item world's first general election that used internet voting (2007)
\item builds on the Estonian ID card (a smartcard like CC)
\item Internet voting can be used before the election (votes can be changed an
unlimited number of times, the last vote is tabulated, and you can even change your
vote on the polling day in person)
\item in the 2011 parliamentary election 24\% voted via Internet\bigskip\pause
\item you need to trust the integrity of voters' computers,
central server components and the election staff
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\footnotesize
\lstinputlisting[language=Python,xleftmargin=0mm]{../progs/estonia.py}
\begin{textblock}{5.5}(7.8,0.5)
\begin{bubble}[5cm]\small
from \url{https://github.com/vvk-ehk/evalimine/}
\end{bubble}
\end{textblock}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
E-Voting in \textbf{Theory}
\small
\begin{itemize}
\item Alice prepares and audits a ballot, then casts an encrypted
ballot, which requires her to authenticate to a server.
\item A bulletin board posts Alice's name and encrypted ballot.
Anyone, including Alice, can check the bulletin board and find her
encrypted vote posted.
\item When the election closes, all votes are shuffled and the system produces
a non-interactive proof of a correct shuffling. (zero-knowledge-proofs)
\item After a reasonable complaint period to let auditors check the
shuffling, all shuffled ballots are decrypted, and the system provides
a decryption proof for each decrypted ballot. (zero-knowledge-proofs)
\item Perform a tally of the decrypted votes.
\item An auditor can download the entire election data and verify the
shuffle, decryptions and tally.
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{A Brief History of Voting}
\begin{itemize}
\item Athenians
\begin{itemize}
\item show of hands
\item ballots on pieces of pottery
\item different colours of stones
\item ``facebook''-like authorisation
\end{itemize}\bigskip
\textcolor{gray}{problems with vote buying / no ballot privacy}\bigskip
\item The French Revolution and the US Constitution got things ``started'' with
paper ballots (you first had to bring your own; later they were pre-printed by parties)
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
\frametitle{\begin{tabular}{@ {}c@ {}}Ballot Boxes\end{tabular}}
Security policies with paper ballots:
\begin{enumerate}
\item you need to check that the ballot box is empty at the start of the poll / no false bottom (to prevent ballot stuffing)
\item you need to guard the ballot box during the poll until counting
\item tallied by a team at the end of the poll (independent observers)
\end{enumerate}
\begin{center}
\includegraphics[scale=1.5]{../pics/ballotbox.jpg}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
Which security requirements do paper ballots satisfy better than voice voting?\bigskip
\begin{itemize}
\item Integrity
\item Enfranchisement
\item Ballot secrecy
\item Voter authentication
\item Availability
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
\frametitle{\begin{tabular}{@ {}c@ {}}Paper Ballots\end{tabular}}
What can go wrong with paper ballots?
\only<2>{
\begin{center}
\includegraphics[scale=0.8]{../pics/tweet.jpg}\\
\footnotesize William M.~Tweed, US politician in the 1860s\\
``As long as I count the votes, what are you going to do about it?''
\end{center}}
\only<3>{
\medskip
\begin{center}
\begin{minipage}{10cm}
{\bf Chain Voting Attack}
\begin{enumerate}
\item you obtain a blank ballot and fill it out as you want
\item you give it to a voter outside the polling station
\item voter receives a new blank ballot
\item voter submits prefilled ballot
\item voter gives blank ballot to you, you give money
\item goto 1
\end{enumerate}
\end{minipage}
\end{center}
}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
\frametitle{\Large Mechanical Voting Machines}
\begin{itemize}
\item<1-> Lever Voting Machines (ca.~1930--1990)
\only<1>{
\begin{center}
\includegraphics[scale=0.56]{../pics/leavermachine.jpg}
\end{center}
}
\item<2->Punch Cards (ca.~1950--2000)
\only<2>{
\begin{center}
\includegraphics[scale=0.5]{../pics/punchcard1.jpg}\;\;
\includegraphics[scale=0.46]{../pics/punchcard2.jpg}
\end{center}
}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
\frametitle{\begin{tabular}{@ {}c@ {}}Electronic Voting Machines\end{tabular}}
\begin{center}
\begin{tabular}{c}
\includegraphics[scale=0.45]{../pics/dre1.jpg}\;
\includegraphics[scale=0.40]{../pics/dre2.jpg}\\\hline\\
\includegraphics[scale=0.5]{../pics/opticalscan.jpg}
\end{tabular}
\end{center}
\only<1->{
\begin{textblock}{5.5}(1,4)
DREs
\end{textblock}}
\only<1->{
\begin{textblock}{5.5}(1,11)
Optical Scan
\end{textblock}}
\only<2>{
\begin{textblock}{5.5}(0.5,14.5)
\small all are ``computers''
\end{textblock}}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}DREs\end{tabular}}
Direct-recording electronic voting machines\\
(votes are recorded, for example, on memory cards);
typically touchscreen machines,
usually with no paper trail
\begin{center}
\includegraphics[scale=0.56]{../pics/dre1.jpg}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}Diebold Machines\end{tabular}}
Alex Halderman:
\begin{itemize}
\item acquired a machine from an anonymous source\medskip
\item they try to keep the source code running on the machine secret\medskip\pause
\item first reverse-engineered the machine (extremely tedious)
\item could completely reboot the machine and even install a virus that infects other Diebold machines
\item also obtained the source code for other machines
\end{itemize}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}Diebold Machines\end{tabular}}
What could go wrong?\pause \;\;Failure-in-depth.\bigskip\pause
A non-obvious problem:
\begin{itemize}
\item you can nowadays get old machines, which still store old polls\medskip
\item the paper ballot box needed to be secured during the voting until counting;
e-voting machines need to be secured during their entire lifetime
\end{itemize}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}Paper Trail\end{tabular}}
Conclusion:\\ Any electronic solution should have a paper trail.
\begin{center}
\begin{tabular}{c}
\includegraphics[scale=0.5]{../pics/opticalscan.jpg}
\end{tabular}
\end{center}\pause
You still have to solve the problems of
voter registration, voter authentication and guarding against tampering
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}E-Voting in India\end{tabular}}
Their underlying engineering principle is ``keep-it-simple'':
\begin{center}
\begin{tabular}{c}
\includegraphics[scale=1.05]{../pics/indiaellection.jpg}\;\;
\includegraphics[scale=0.40]{../pics/india1.jpg}
\end{tabular}
\end{center}\medskip\pause
Official claims: ``perfect'', ``tamperproof'', ``no need for technical improvements'', ``infallible''
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}Lessons Learned\end{tabular}}
\begin{itemize}
\item keep a paper trail and design your system to keep this secure\medskip
\item make the software open source (avoid security-by-obscurity)\medskip
\item have a simple design in order to minimise the attack surface
\end{itemize}\pause
But overall, in times of NSA/state-sponsored cyber-crime, e-voting is
too hard with current technology.
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\Large Online Banking vs.~E-Voting}
\begin{itemize}
\item online banking: if fraud occurs, you try to identify who did
what (somebody's account dropped to zero)\bigskip
\item e-voting: ballot secrecy rules out tracing who did what after the fact;
some parts can be done electronically, but not the
actual voting
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Student In-Lecture Polling}
\begin{center}
\includegraphics[scale=0.3]{../pics/clicker.png}
\end{center}
\begin{itemize}
\item can guarantee anonymity
\item integrity by electronic means\bigskip
\item how to achieve the same in ``software''?
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{Anonymity}
\begin{itemize}
\item anonymity through one-time pads
\begin{center}
\includegraphics[scale=0.3]{../pics/tan.jpg}
\end{center}\bigskip\pause
\item solving the problem of distribution
\begin{center}
\includegraphics[scale=0.3]{../pics/bulletin.jpg}
\end{center}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\begin{center}
\includegraphics[scale=0.56]{../pics/Voting1.png}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\begin{center}
\includegraphics[scale=0.56]{../pics/Voting2.png}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\begin{center}
\includegraphics[scale=0.56]{../pics/Voting3.png}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[c]
\begin{center}
\includegraphics[scale=0.56]{../pics/Voting4.png}
\end{center}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[c]
\frametitle{\Large Buffer Overflow Attacks}
\begin{center}
\begin{columns}[b]
\begin{column}{.4\textwidth}
\centering
\includegraphics[scale=0.3]{../pics/barrier.jpg}\\
first lecture
\end{column}
\begin{column}<2>{.4\textwidth}
\centering
\includegraphics[scale=0.32]{../pics/trainwreck.jpg}\\
next week
\end{column}
\end{columns}
\end{center}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}
%%% Local Variables:
%%% mode: latex
%%% TeX-master: t
%%% End: