From 8ae7076fff07d392989e6f7368ba23dcbb2cb5b0 Mon Sep 17 00:00:00 2001 From: David Florness Date: Sun, 9 Feb 2020 16:32:21 -0700 Subject: [PATCH] OreSec talk: start writing slides --- doc/oresec-talk/.gitignore | 8 ++ doc/oresec-talk/tallyard.tex | 232 +++++++++++++++++++++++++++++++++++ 2 files changed, 240 insertions(+) create mode 100644 doc/oresec-talk/.gitignore create mode 100644 doc/oresec-talk/tallyard.tex diff --git a/doc/oresec-talk/.gitignore b/doc/oresec-talk/.gitignore new file mode 100644 index 0000000..0534d4d --- /dev/null +++ b/doc/oresec-talk/.gitignore @@ -0,0 +1,8 @@ +*.aux +*.log +*.nav +*.out +*.pdf +*.snm +*.toc +*.vrb \ No newline at end of file diff --git a/doc/oresec-talk/tallyard.tex b/doc/oresec-talk/tallyard.tex new file mode 100644 index 0000000..f614f8b --- /dev/null +++ b/doc/oresec-talk/tallyard.tex @@ -0,0 +1,232 @@ +\documentclass{beamer} +\usepackage{nth} +\usepackage{minted} +\usepackage{csquotes} +\usepackage{hyperref} +\usepackage{amsmath} +\usepackage{amssymb} + + +\title{Securing Election with Homomorphic Cryptography} +\author{David Florness} +\date{February \nth{10}, 2020} + + +\usetheme{Dresden} +% \usecolortheme{seahorse} + + +\begin{document} +\begin{frame} + \titlepage +\end{frame} + +\begin{frame}{Voting} + \begin{itemize} + \item is important + \item not electronic; why? + \begin{itemize} + \item at the moment, too risky + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame}[allowframebreaks]{The Traditional Approach in the Electronic World} + + \begin{enumerate} + \item voters register with a server + \item once authenticated, voters send their ballots to the server + \item the server counts the votes + \item the aggregate result is published + \end{enumerate} + + \framebreak + + \begin{center} + \includegraphics[height=0.8\textheight]{traditional-no-arrows.png} + \end{center} + + \framebreak + + \begin{center} + \includegraphics[height=0.8\textheight]{traditional.png} + \end{center} + + \framebreak + + \begin{itemize} + \item Pros + \begin{enumerate} + \item easy and simple + \item reliable + \item allows registration + \end{enumerate} + \item Cons + \begin{enumerate} + \item faith in a single authority + \item unverifiable + \item vulnerable to denial-of-service attacks + \end{enumerate} + \end{itemize} +\end{frame} + +\begin{frame} + \begin{itemize} + \item We want a system that \pause + \begin{itemize} + \item requires registration / authentication, allowing us to limit who can + to vote \pause + \begin{itemize} + \item may want to limit voters members of a club, citizens of the + jurisdiction, etc. + \end{itemize} \pause + \item gives accurate aggregate results \pause + \item protects voter privacy + \begin{itemize} + \item no individual voters' vote should be knowable by anyone except said + voter + \end{itemize} + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame}[allowframebreaks]{A New Approach} + \begin{itemize} + \item instead of a client-server approach, we have a peer-to-peer network + (p2p) where voters connect directly to each other + \end{itemize} + + \framebreak + + \begin{center} + \includegraphics[height=0.8\textheight]{p2p.png} + \end{center} +\end{frame} + +\begin{frame} + \begin{itemize} + \item voters use standard means to identify and authenicate themselves (thinks + passwords, kerberos, LDAP, SSH/GPG finderprints, multipass, etc.) + \end{itemize} +\end{frame} + +\begin{frame} + \begin{itemize} + \item \textbf{Question}: how and to whom do we submit ballots? \pause + \item \textbf{Answer}: we ``share'' our secret ballot with everyone! + \end{itemize} +\end{frame} + +\begin{frame}{Introducing secret sharing} + \begin{itemize} + \item + \begin{quote} + \textbf{Secret sharing} (also called secret splitting) refers to methods + for distributing a secret amongst a group of participants, each of whom is + allocated a share of the secret. The secret can be reconstructed only when + a sufficient number, of possibly different types, of shares are combined + together; individual shares are of no use on their + own.~\footnote{\url{https://en.wikipedia.org/wiki/Secret\_sharing}} + \end{quote} + \end{itemize} +\end{frame} + +\begin{frame}{Preliminaries} + \begin{itemize} + \item First, let's have every voter generate and share a random natural number + that will serve as said voter's public key. Let $x_i$ denote this random + number for voter $i$. \pause + \begin{center} + \includegraphics[height=0.6\textheight]{dist-x_i.png} + \end{center} + \end{itemize} +\end{frame} + +\begin{frame}{Polynomials} + \begin{itemize} + \item We're now going to leverage plain old polynomials to conduct secret + sharing. \pause + \item Let's have every voter, say voter $i$, create a secret polynomial $P_i$ + of degree $k-1$ where $k$ is the total number of voters: + \begin{equation*} + P_i(x) = c_i + a_{(i,1)} x + a_{(i,2)} x^2 + \dots + a_{(i,k-1)} x^{k-1} + \end{equation*} + \item \pause Every $a_{(i,j)}$ is a random natural number. \pause + \item $c_i$ is the numerically-encoded contents of voter $i$'s ballot. Every + $c_i$ must be encoded in such a way that summing every $\{c_j\}_{j\in[1,k]}$ + results in the desired election result. For example, in a simple ``yes/no'' + election, 1 could represent ``yes'' and -1 could represent ``no''. + \end{itemize} +\end{frame} + +\begin{frame}{Polynomials as sharable secrets} + \begin{itemize} + \item \pause To know everything about a line (degree 1 polynomial), we only + need two points on the it. \pause + \item To know everything about a parabola curve (degree 2 polynomial), we only + need three points on the curve. \pause + \item $\dots$ \pause + \item As you'd expect, this pattern continues: to know everything about a + $k$-degree polynomial, we need only $k+1$ points. \pause + \item Thus, knowing everything about our $k-1$ degree polynomial $P_i$ is + equivalent to knowing $k$ points on it. \pause + \item So, we're going to distribute our secret by giving everyone just one + point. + \end{itemize} +\end{frame} + +\begin{frame} + \begin{itemize} + \item Every voter sends every other voter the result of evulating their + polynomial at the given voter's public input: + \begin{center} + \includegraphics[height=0.8\textheight]{dist-P_i.png} + \end{center} + \end{itemize} +\end{frame} + +\begin{frame} + \begin{center} + \includegraphics[height=0.8\textheight]{dist-P(x_i).png} + \end{center} +\end{frame} + +\begin{frame}[allowframebreaks] + \begin{itemize} + \item Voter $i$ now has: + \begin{itemize} + \item $P_1(x_i)$ + \item $P_2(x_i)$ + \item $\vdots$ + \item $P_k(x_i)$ + \end{itemize} + \end{itemize} + + \framebreak + + Let's sum those values! + \begin{align*} + S_i(x_i) = &P_1(x_i) + P_2(x_i) + \dots + P_k(x_i) \\ + = &\left( c_1 + a_{(1,1)} x_i + a_{(1,2)} x_i^2 + \dots + a_{(1,k-1)} x_i^{k-1} \right) + \\ + &\left( c_2 + a_{(2,1)} x_i + a_{(2,2)} x_i^2 + \dots + a_{(2,k-1)} x_i^{k-1} \right) + \\ + &\cdots \\ + &\left( c_k + a_{(k,1)} x_i + a_{(k,2)} x_i^2 + \dots + a_{(k,k-1)} x_i^{k-1} \right) \\ + = &\sum_{j=1}^k c_j + x_i \sum_{j=1}^k a_{(j,1)} + x_i^2 \sum_{j=1}^k a_{(j,2)} + \dots + x_i^{k-1} \sum_{j=1}^k a_{(k,2)} + \end{align*} +\end{frame} + +\begin{frame} + Let's have every voter share their sum with everyone else. + \begin{center} + \includegraphics[height=0.8\textheight]{dist-S_i.png} + \end{center} +\end{frame} + +\begin{frame} + Everyone now has $S_1$, $S_2$, $\dots$, $S_k$ +\end{frame} + +\begin{frame}{A High-Level Overview of the Protocol} +\end{frame} + +\end{document} \ No newline at end of file -- 2.38.4