2 files changed, 240 insertions(+), 0 deletions(-)

A doc/oresec-talk/.gitignore
A doc/oresec-talk/tallyard.tex

@@ 0,0 1,8 @@
+*.aux
+*.log
+*.nav
+*.out
+*.pdf
+*.snm
+*.toc
+*.vrb<
\ No newline at end of file

@@ 0,0 1,232 @@
+\documentclass{beamer}
+\usepackage{nth}
+\usepackage{minted}
+\usepackage{csquotes}
+\usepackage{hyperref}
+\usepackage{amsmath}
+\usepackage{amssymb}
+
+
+\title{Securing Election with Homomorphic Cryptography}
+\author{David Florness}
+\date{February \nth{10}, 2020}
+
+
+\usetheme{Dresden}
+% \usecolortheme{seahorse}
+
+
+\begin{document}
+\begin{frame}
+  \titlepage
+\end{frame}
+
+\begin{frame}{Voting}
+  \begin{itemize}
+  \item is important
+  \item not electronic; why?
+    \begin{itemize}
+    \item at the moment, too risky
+    \end{itemize}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}[allowframebreaks]{The Traditional Approach in the Electronic World}
+
+  \begin{enumerate}
+  \item voters register with a server
+  \item once authenticated, voters send their ballots to the server
+  \item the server counts the votes
+  \item the aggregate result is published
+  \end{enumerate}
+
+  \framebreak
+
+  \begin{center}
+    \includegraphics[height=0.8\textheight]{traditional-no-arrows.png}
+  \end{center}
+
+  \framebreak
+
+  \begin{center}
+    \includegraphics[height=0.8\textheight]{traditional.png}
+  \end{center}
+
+  \framebreak
+
+  \begin{itemize}
+  \item Pros
+    \begin{enumerate}
+    \item easy and simple
+    \item reliable
+    \item allows registration
+    \end{enumerate}
+  \item Cons
+    \begin{enumerate}
+    \item faith in a single authority
+    \item unverifiable
+    \item vulnerable to denial-of-service attacks
+    \end{enumerate}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}
+  \begin{itemize}
+  \item We want a system that \pause
+    \begin{itemize}
+    \item requires registration / authentication, allowing us to limit who can
+      to vote \pause
+      \begin{itemize}
+      \item may want to limit voters members of a club, citizens of the
+        jurisdiction, etc.
+      \end{itemize} \pause
+    \item gives accurate aggregate results \pause
+    \item protects voter privacy
+      \begin{itemize}
+      \item no individual voters' vote should be knowable by anyone except said
+        voter
+      \end{itemize}
+    \end{itemize}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}[allowframebreaks]{A New Approach}
+  \begin{itemize}
+  \item instead of a client-server approach, we have a peer-to-peer network
+    (p2p) where voters connect directly to each other
+  \end{itemize}
+
+  \framebreak
+
+  \begin{center}
+    \includegraphics[height=0.8\textheight]{p2p.png}
+  \end{center}
+\end{frame}
+
+\begin{frame}
+  \begin{itemize}
+  \item voters use standard means to identify and authenicate themselves (thinks
+    passwords, kerberos, LDAP, SSH/GPG finderprints, multipass, etc.)
+  \end{itemize}
+\end{frame}
+
+\begin{frame}
+  \begin{itemize}
+  \item \textbf{Question}: how and to whom do we submit ballots? \pause
+  \item \textbf{Answer}: we ``share'' our secret ballot with everyone!
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Introducing secret sharing}
+  \begin{itemize}
+  \item
+    \begin{quote}
+      \textbf{Secret sharing} (also called secret splitting) refers to methods
+      for distributing a secret amongst a group of participants, each of whom is
+      allocated a share of the secret. The secret can be reconstructed only when
+      a sufficient number, of possibly different types, of shares are combined
+      together; individual shares are of no use on their
+      own.~\footnote{\url{https://en.wikipedia.org/wiki/Secret\_sharing}}
+    \end{quote}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Preliminaries}
+  \begin{itemize}
+  \item First, let's have every voter generate and share a random natural number
+    that will serve as said voter's public key. Let $x_i$ denote this random
+    number for voter $i$. \pause
+    \begin{center}
+      \includegraphics[height=0.6\textheight]{dist-x_i.png}
+    \end{center}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Polynomials}
+  \begin{itemize}
+  \item We're now going to leverage plain old polynomials to conduct secret
+    sharing. \pause
+  \item Let's have every voter, say voter $i$, create a secret polynomial $P_i$
+    of degree $k-1$ where $k$ is the total number of voters:
+    \begin{equation*}
+      P_i(x) = c_i + a_{(i,1)} x + a_{(i,2)} x^2 + \dots + a_{(i,k-1)} x^{k-1}
+    \end{equation*}
+  \item \pause Every $a_{(i,j)}$ is a random natural number. \pause
+  \item $c_i$ is the numerically-encoded contents of voter $i$'s ballot. Every
+    $c_i$ must be encoded in such a way that summing every $\{c_j\}_{j\in[1,k]}$
+    results in the desired election result. For example, in a simple ``yes/no''
+    election, 1 could represent ``yes'' and -1 could represent ``no''.
+  \end{itemize}
+\end{frame}
+
+\begin{frame}{Polynomials as sharable secrets}
+  \begin{itemize}
+  \item \pause To know everything about a line (degree 1 polynomial), we only
+    need two points on the it. \pause
+  \item To know everything about a parabola curve (degree 2 polynomial), we only
+    need three points on the curve. \pause
+  \item $\dots$ \pause
+  \item As you'd expect, this pattern continues: to know everything about a
+    $k$-degree polynomial, we need only $k+1$ points. \pause
+  \item Thus, knowing everything about our $k-1$ degree polynomial $P_i$ is
+    equivalent to knowing $k$ points on it. \pause
+  \item So, we're going to distribute our secret by giving everyone just one
+    point.
+  \end{itemize}
+\end{frame}
+
+\begin{frame}
+  \begin{itemize}
+  \item Every voter sends every other voter the result of evulating their
+    polynomial at the given voter's public input:
+    \begin{center}
+      \includegraphics[height=0.8\textheight]{dist-P_i.png}
+    \end{center}
+  \end{itemize}
+\end{frame}
+
+\begin{frame}
+  \begin{center}
+    \includegraphics[height=0.8\textheight]{dist-P(x_i).png}
+  \end{center}
+\end{frame}
+
+\begin{frame}[allowframebreaks]
+  \begin{itemize}
+  \item Voter $i$ now has:
+    \begin{itemize}
+    \item $P_1(x_i)$
+    \item $P_2(x_i)$
+    \item $\vdots$
+    \item $P_k(x_i)$
+    \end{itemize}
+  \end{itemize}
+
+  \framebreak
+
+  Let's sum those values!
+  \begin{align*}
+    S_i(x_i) = &P_1(x_i) + P_2(x_i) + \dots + P_k(x_i) \\
+    = &\left( c_1 + a_{(1,1)} x_i + a_{(1,2)} x_i^2 + \dots + a_{(1,k-1)} x_i^{k-1} \right) + \\
+               &\left( c_2 + a_{(2,1)} x_i + a_{(2,2)} x_i^2 + \dots + a_{(2,k-1)} x_i^{k-1} \right) + \\
+               &\cdots \\
+               &\left( c_k + a_{(k,1)} x_i + a_{(k,2)} x_i^2 + \dots + a_{(k,k-1)} x_i^{k-1} \right) \\
+    = &\sum_{j=1}^k c_j + x_i \sum_{j=1}^k a_{(j,1)} + x_i^2 \sum_{j=1}^k a_{(j,2)} + \dots + x_i^{k-1} \sum_{j=1}^k a_{(k,2)}
+  \end{align*}
+\end{frame}
+
+\begin{frame}
+  Let's have every voter share their sum with everyone else.
+  \begin{center}
+    \includegraphics[height=0.8\textheight]{dist-S_i.png}
+  \end{center}
+\end{frame}
+
+\begin{frame}
+  Everyone now has $S_1$, $S_2$, $\dots$, $S_k$
+\end{frame}
+
+\begin{frame}{A High-Level Overview of the Protocol}
+\end{frame}
+
+\end{document}<
\ No newline at end of file