Seminar, Summer 2014
|Instructor||Prof. Dr. Matteo Maffei|
|Teaching Assistant||Fabienne Eigner|
|Organizational Meeting||Wednesday, April 16, 2014 at 16:00|
|Registration||Registration deadline: Wednesday, April 16, 2014 at 15:00|
|Place||E1.7 (MMCI), room 3.23|
|Form/Credits||Seminar, 7 ECTS|
|1. Session||Wednesday, May 14, 2014 at 16:00|
|2. Session||Wednesday, June 04, 2014 at 16:00|
|3. Session||Wednesday, June 25, 2014 at 16:00|
|4. Session||Wednesday, July 16, 2014 at 16:00|
|Contact||<fabienne's surname> at cs dot uni-saarland dot de,|
- 2014-04-08: the website is online
Electronic voting is receiving increasing attention from governments, mass media, and the scientific community. The deployment of electronic voting systems, however, is limited in practice since many open questions still remain. In this seminar we will focus on answering the following questions:
- Which electronic voting schemes exist and which properties do they fulfill?
- What vulnerabilities of existing protocols have been discovered? What attacks are there? How can we defend against them and how can we prove the "security" of a voting scheme?
- How can we achieve "everlasting privacy": even if a voting scheme protects a voter's vote now, what happens twenty years from now, when current encryptions can be easily broken?
- Which real-life elections use(d) electronic voting? Which protocols are used? What legal requirements are there? Are there recorded attacks?
Topic I. Electronic Voting Schemes
In this session we will have a look at which electronic voting schemes exist and which properties they fulfill.
- (I.1) Helios: Web-based Open-Audit Voting. Ben Adida. In Usenix Security, 2008. (Homepage)
- (I.2) Civitas: Toward a Secure Voting System. Michael R. Clarkson, Stephen Chong, Andrew C. Myers. In Symposium on Security and Privacy, 2008. (Homepage)
- (I.3) Prêt à voter: A Voter-verifiable Voting System. Peter Y. A. Ryan, David Bismark, James Heather, Steve Schneider, Zhe Xia. In Transactions on Information Forensics and Security, 2009 (Homepage)
Topic II. Attacks and Verification
In this session we will discuss vulnerabilities of existing protocols. What attacks are there? How can we defend against them and how can we prove the "security" of a voting scheme?
- (II.1) Clash-Attacks on the Verifiability of E-Voting Systems. Ralf Küsters, Tomasz Truderung, and Andreas Vogt. In Symposium on Security and Privacy, 2012.
- (II.2) Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus. Michael Backes, Catalin Hritcu, and Matteo Maffei. In Computer Security Foundations Symposium, 2008.
- (II.3) Attacking and fixing Helios: An analysis of ballot secrecy. Véronique Cortier and Ben Smyth. In Computer Security Foundations Symposium, 2011
Topic III. Everlasting Privacy
In this session we will answer the question of how to achieve "everlasting privacy": even if a voting scheme protects a voter's vote now, what happens twenty years from now, when current encryptions can be easily broken?
- (III.1) Receipt-free Universally-verifiable Voting with Everlasting Privacy. Tal Moran and Moni Naor. In Advances in Cryptology, 2006.
- (III.2) Practical Everlasting Privacy . Myrto Arapinis, Véronique Cortier, Steve Kremer, and Mark Ryan In Conference on Principles of Security and Trust, 2013.
- (III.3) Election Verifiability or Ballot Privacy: Do We Need to Choose?. Édouard Cuvelier, Olivier Pereira, and Thomas Peters. In European Symposium on Research in Computer Security, 2013. (Technical Report)
Topic IV. Electronic Voting in Practice
In this session we will have a look at real-life elections that use(d) electronic voting. Which protocols are used? What legal requirements are there? Are there recorded attacks?
Only temporary list of papers, still subject to change!
- (IV.1) When Reality Comes Knocking: Norwegian Experiences with Verifiable Electronic Voting. Ida Sofie Gebhardt Stenerud and Christian Bull. In Electronic Voting, 2012.
- (IV.2) Developing a Legal Framework for Remote Electronic Voting. Axel Schmidt, Dennis Heinson, Lucie Langer, Zoi Opitz-Talidou, Philipp Richter, Melanie Volkamer, and Johannes Buchmann. In E-Voting and Identity, 2009.
- (IV.3) Direct Democracy: Progress and Pitfalls of Election Technology (Chapter: Electronic voting, pages 68-107). Douglas W. Jones. In International Foundation for Electoral Systems, 2010.
The seminar will consist of four sessions (reading groups) throughout the semester in which you will present and discuss papers. In each session we will discuss three papers. Each student must read all of those and will be assigned to be an expert for one of them (usually 2-3 experts per paper). As an expert you will prepare a short presentation (15-20 minutes) about "your" paper and present it to the class (see this guide). All non-experts (who will also have read the paper) must hand in
- a summary (2 pages, written in LaTex, using the following template with example bibliography file) and
- two meaningful questions about that paper in written form
Overall each student will:
- read 12 papers;
- be an expert for 4 papers;
- write a short summary for 8 papers;
- prepare questions for 8 papers (16 in total);
- actively participate in 4 reading groups.
Participation in the organizational meeting and all the reading group sessions is mandatory.
Each student will have to hand in the slides for their "expert paper" and summaries and questions for their "non-expert papers" to Fabienne ( <fabienne's surname> at cs dot uni-saarland dot de) no later than described in the milestones table below.
|Registration||before Wednesday, April 16, 2014 at 15:00|
|Kick-off meeting||Wednesday, April 16, 2014 at 16:00|
|Slides, summaries, and questions for Session 1||before Sunday, May 11, 2014 at 23:59|
|Session 1||Wednesday, May 14, 2014 at 16:00|
|Slides, summaries, and questions for Session 2||before Sunday, June 01, 2014 at 23:59|
|Session 2||Wednesday, June 04, 2014 at 16:00|
|Slides, summaries, and questions for Session 3||before Sunday, June 22, 2014 at 23:59|
|Session 3||Wednesday, June 25, 2014 at 16:00|
|Slides, summaries, and questions for Session 4||before Sunday, July 13, 2014 at 23:59|
|Session 4||Wednesday, July 16, 2014 at 16:00|
To pass the seminar you are required to meet all
milestone deadlines (see the table above). Your active
participation in all sessions is mandatory.
Your final grade is based on the quality of your four expert talks in the reading groups (15% each) as well as your active participation in the reading groups and the summaries and questions you prepare for the other presentations (40%). All grades must be 4.0 or higher.
How to register
The registration deadline is Wednesday, April 16, 2014 at 15:00.
For registering, please send an e-mail as early as possible to <fabienne's surname> at cs dot uni-saarland dot de, indicating your name and matriculation number and which courses related to security and cryptography you have previously taken. Please also register through PIAZZA.
Note that the number of participants is limited to 9!
As usual, you have to register in the LSF/HISPOS system.