# HG changeset patch # User Christian Urban # Date 1350373476 -3600 # Node ID de3e32e106285bb41bf25be4dcdd7150bee8f3fd # Parent 00fd79e0c41a2a13a73a33d5a00682c6ce476b96 added diff -r 00fd79e0c41a -r de3e32e10628 slides04.pdf Binary file slides04.pdf has changed diff -r 00fd79e0c41a -r de3e32e10628 slides04.tex --- a/slides04.tex Tue Oct 16 08:02:38 2012 +0100 +++ b/slides04.tex Tue Oct 16 08:44:36 2012 +0100 @@ -392,7 +392,7 @@ It prevents problems when passwords are stolen. Man-in-the-middle attacks still possible.\end{tabular}} \item<4->What other risks does the security solution cause? -\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Your mobile phone or creditcard/pin might +\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Your mobile phone or credit card/pin might be stolen. SIM card become valuable.\end{tabular}} \item<5->What costs and trade-offs does the security solution impose? \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright @@ -435,7 +435,7 @@ \end{itemize}\bigskip \item Andrew Appel defeated all security seals which were supposed to keep -voting machines safe. +voting machines safe \end{itemize} @@ -476,7 +476,7 @@ \item<1->What assets are you trying to protect?\\ \only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}Voting machines, doors.\end{tabular}} \item<2->What are the risks to these assets?\\ -\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Casual thiefs, insider attacks.\end{tabular}} +\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Casual thieves, insider attacks.\end{tabular}} \item<3->How well does the security solution mitigate those risks?\\ \only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright Needs a quite complicated security regiment.\end{tabular}} 
@@ -485,8 +485,366 @@ \item<5->What costs and trade-offs does the security solution impose? \only<5>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright The ``hardware'' is cheap, but indirect costs can be quite high.\end{tabular}} -\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airport.}} +\item<7>[]{\bf\large No!} {\textcolor{gray}{Though in some areas they work: airport, swimming pool}} +\end{itemize} + + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[t] +\frametitle{\begin{tabular}{@ {}c@ {}}Ex: Security by Obscurity\end{tabular}} + +You might think it is a good idea to keep a security relevant algorithm or +software secret. + +\begin{itemize} +\item<1->What assets are you trying to protect?\\ +\only<1>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}source code, an algorithm\end{tabular}} +\item<2->What are the risks to these assets?\\ +\only<2>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright +Can be pretty high (Oystercards).\end{tabular}} +\item<3->How well does the security solution mitigate those risks?\\ +\only<3>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright +Not really. The source code can be reverse engineered, stolen\ldots{}\end{tabular}} +\item<4->What other risks does the security solution cause? +\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright You prevent +scrutiny and independent advice. 
You also more likely than not,
+get it wrong.\end{tabular}}
+\item<5>[]{\bf\large No!}
+\end{itemize}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Voting as Security Problem\end{tabular}}
+
+What are the security requirements of a voting system?\bigskip
+
+\begin{itemize}
+\item<2->Integrity
+\item<3->Ballot Secrecy
+\item<5->Voter Authentication
+\item<6->Enfranchisement
+\item<7->Availability
+\end{itemize}
+
+\only<2>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item The outcome matches with the voter intend.
+\item There might be gigantic sums at stake.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\only<4>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Nobody can find out how you voted.
+\item (Stronger) Even if you try, you cannot prove how you voted.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\only<5>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters can vote up to the permitted number of votes.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\only<6>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters should be able to vote up to the permitted number of votes.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\only<7>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item The voting system should accept all authorised votes and produce results in a timely manner.
+\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\only<6>{
+\begin{textblock}{5.5}(8,5)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm, text centered]
+{\small
+\begin{minipage}{5cm}\raggedright
+\begin{center}
+\begin{minipage}{4.5cm}
+\begin{itemize}
+\item Only authorised voters should be able to vote up to the permitted number of votes.
\end{itemize}
+\end{minipage}
+\end{center}
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Ballot Boxes\end{tabular}}
+
+
+\begin{center}
+\includegraphics[scale=2.5]{pics/ballotbox.jpg}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Problems with Voting\end{tabular}}
+
+
+\begin{center}\large
+\begin{tabular}{rcl}
+Integrity & vs. & Ballot Secrecy\bigskip\\
+Authentication & vs. &Enfranchisement
+\end{tabular}
+\end{center}\bigskip\bigskip\pause
+
+Further constraints:
+
+\begin{itemize}
+\item costs
+\item accessibility
+\item convenience
+\item intelligibility
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}E-Voting\end{tabular}}
+
+
+\begin{itemize}
+\item The Netherlands, between 1997 - 2006 had electronic voting machines\\
+\textcolor{gray}{(it has been found that they could be hacked and emitted radio signals)}
+
+\item Germany, had been used in pilot studies\\
+\textcolor{gray}{(in 2007 a law suit has reached the highest court and it rejected electronic voting
+on the grounds of not being understandable by the general public)}
+
+\item UK, used optical scan voting systems in a few polls
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}E-Voting\end{tabular}}
+
+\mbox{}\\[-12mm]
+\begin{itemize}
+\item US, used mechanical machines since the 50s, later punch cards, DREs and
+optical scan voting machines \textcolor{gray}{(fantastic ``ecosystem'' for research)}
+
+\item Estonia used in 2007 the world's first Internet vote in national elections (there are earlier pilot studies)
+
+\item India, the biggest democracy uses e-voting devices since at least 2003\\
+\textcolor{gray}{(keep-it-simple machines produced by a government owned company)}
+
+\item South Africa used software for its tallying in the 1993 elections (Nelson Mandela)
+\textcolor{gray}{(they found the software was rigged, but they were able to manually tally)}
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}A Brief History of Voting\end{tabular}}
+
+
+\begin{itemize}
+\item Athenians
+\begin{itemize}
+\item show of hands
+\item ballots on pieces of pottery
+\item different colours of stones
+\item ``facebook''-like autorisation
+\end{itemize}\bigskip
+
+\item French Revolution and the US Constitution got things ``started'' with
+paper ballots (you first had to bring your own, or later were pre-printed by the parties)
+\end{itemize}
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Paper Ballots\end{tabular}}
+
+What can go wrong with paper ballots?
+
+\only<2>{
+\begin{center}
+\includegraphics[scale=0.8]{pics/tweet.jpg}\\
+\footnotesize William M.~Tweed, US Politician in 1860's\\
+``As long as I count the votes, what are you going to do about it?''
+\end{center}}
+
+\only<3>{
+\medskip
+\begin{center}
+\begin{minipage}{10cm}
+{\bf Chain Voting Attack}
+\begin{enumerate}
+\item you obtain a blank ballot and fill it out as you want
+\item you give it to a voter outside the polling station
+\item voter receives a new blank ballot
+\item voter submits prefilled ballot
+\item voter gives blank ballot to you, you give money
+\item goto 1
+\end{enumerate}
+\end{minipage}
+\end{center}
+}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Mechanical Voting Machines\end{tabular}}
+
+\begin{itemize}
+\item<1-> Lever Voting Machines (ca.~1930 - 1990)
+\only<1>{
+\begin{center}
+\includegraphics[scale=0.56]{pics/leavermachine.jpg}
+\end{center}
+}
+\item<2->Punch Cards (ca.~1950 - 2000)
+\only<2>{
+\begin{center}
+\includegraphics[scale=0.5]{pics/punchcard1.jpg}\;\;
+\includegraphics[scale=0.46]{pics/punchcard2.jpg}
+\end{center}
+}
+\end{itemize}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[c]
+
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting1.png}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[c]
+
+\begin{center}
+\includegraphics[scale=0.56]{pics/Voting2.png}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode{
+\begin{frame}[c]
+
+\begin{center} +\includegraphics[scale=0.56]{pics/Voting3.png} +\end{center} + + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] + +\begin{center} +\includegraphics[scale=0.56]{pics/Voting4.png} +\end{center} \end{frame}}
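Review bot: The Enfranchisement box (`\only<6>`) in the "Voting as Security Problem" frame carries the Voter Authentication wording, `Only authorised voters should be able to vote up to the permitted number of votes.`, and the identical `\only<6>` textblock is added a second time after the `\only<7>` one. As written the slide never says what enfranchisement requires, so the "Authentication vs. Enfranchisement" tension on the later "Problems with Voting" frame is left unexplained; something like `\item All authorised voters should have the opportunity to vote.` would state it, and the second copy of the block can be dropped. The Ballot Secrecy box is on `\only<4>` while its bullet appears at `\item<3->` and no bullet is tied to overlay 4, so `\only<3>` looks intended. In the Integrity box, `voter intend` should read `voters' intent`.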