A Cost-Effective Approach to Key Management in Online Voting Scenarios
Name
Sergio Andrés Figueroa Santos
Abstract
The problem of key management is an information security issue at the core of any cryptographic protocol where identity is involved (e.g. encryption, digital signature). In particular for the case of online voting, it is critical to ensure that no single actor (or small group of colluding actors) can impact the result of the election nor break the secrecy of the ballot.
The concept of threshold encryption is present at the core of many Multi-Party Computation (MPC) protocols, even more so in the scenario of online voting protocols. On the other hand, the generic key management problem has led to the design of certifiably secure hardware for cryptographic purposes. There are three families of these kind of designed-for-security devices: Hardware Security Modules (HSMs), Trusted Platform Modules (TPMs) and smart cards.
Since smart cards both offer reasonable prices and expose an API for development, this document evaluates different approaches to implement threshold encryption over smart cards to support an electoral process.
The concept of threshold encryption is present at the core of many Multi-Party Computation (MPC) protocols, even more so in the scenario of online voting protocols. On the other hand, the generic key management problem has led to the design of certifiably secure hardware for cryptographic purposes. There are three families of these kind of designed-for-security devices: Hardware Security Modules (HSMs), Trusted Platform Modules (TPMs) and smart cards.
Since smart cards both offer reasonable prices and expose an API for development, this document evaluates different approaches to implement threshold encryption over smart cards to support an electoral process.
Graduation Thesis language
English
Graduation Thesis type
Master - Computer Science
Supervisor(s)
Sven Heiberg; Helger Lipmaa; Tuomas Aura
Defence year
2016