Filip Zagórski

Remotegrity: design and use of an end-to-end verifiable remote voting system

We propose and implement a cryptographically end-to-end verifiable (E2E) remote voting system for absentee voters and report on its deployment in a binding municipal election in Takoma Park, Maryland. Remotegrity is a hybrid mail/internet extension to the Scantegrity in-person voting system, enabling secure, electronic return of vote-by-mail ballots. It provides voters with the ability to detect unauthorized modifications to their cast ballots made by either malicious client software, or a corrupt election authority--two threats not previously studied in combination. Not only can the voter detect such changes, they can prove it to a third party without giving up ballot secrecy.

Kleptographic attacks on e-voting schemes

We analyze electronic voting schemes and show that in many cases it is quite easy to implement a kleptographic channel, which is a profound danger for electronic voting systems. We show serious problems with Neffs scheme. We present also attacks on Chaums visual voting scheme and some related schemes, which work at least when implementation is not careful enough.

Scratch, click & vote: e2e voting over the internet

We present Scratch, Click & Vote remote voting scheme. The scheme is end-to-end verifiable and allows for voting over the Internet. It guarantees security against malicious hardware and software used by a voter; a voters computer does not get any knowledge about the voters choice. Moreover, it can blindly change the voters ballot with a small probability only.

Anonymous communication with on-line and off-line onion encoding

Anonymous communication with onions requires that a user application determines the whole routing path of an onion. This scenario has certain disadvantages, it might be dangerous in some situations, and it does not fit well to the current layered architecture of dynamic communication networks. We show that applying encoding based on universal re-encryption can solve many of these problems by providing much flexibility – the onions can be created on-the-fly or in advance by different parties.

Verifiable internet voting solving secure platform problem

We present a voter verifiable Internet voting scheme which provides anonymity and eliminates the danger of vote selling even if the computer used by the voter cannot be fully trusted. The ballots cast remain anonymous - even the machine does not know the choice of the voter. It makes no sense to buy votes - the voter can cheat the buyer even if his machine cooperates with the buyer. Nevertheless, the voter can verity that his vote has been counted.

A practical voting scheme with receipts

David Chaum introduced Visual Voting scheme in which a voter obtains a paper receipt from a voting machine. This receipt can be used to verify that his vote was counted in the final tally, but cannot be used for vote selling. The Chaums system requires sophisticated printers and application of randomized partial checking (RPC) method. We propose a complete design of a voting system that preserves advantages of the Chaums scheme, but eliminates the use of special printers and RPC.

Machiavelli Confronts 21st Century Digital Technology: Democracy in a Network Society

Computer science and informatics have great potential to improve citizen engagement with public officials, voting, access to public information and other democratic processes. Yet progress towards achieving these aims on a wide scale remains slow. A main reason for this lack of progress is that digital technologies create the potential to alter significantly the relative influence of different groups and actors in the political process, and thereby quickly become embroiled in a political debate that crosses and complicates technical discussions. These political conflicts and uncertainties have been made more transparent in applications of the Internet and related Information and Communication Technologies (ICTs) to support democratic processes. The challenges created by these techno-political tensions, and how to address them, were the overall cross-cutting themes that emerged from the interdisciplinary Dagstuhl Seminar on Democracy in a Network Society, on which this paper is based. The seminar involved a multidisciplinary group of computer and social scientists, legal scholars, practitioners and policy experts who aimed to chart the latest technical approaches to e-democracy and governance. Their intention was not to tell politicians how to maintain and enhance their power with the support of new technologies, in the manner of Niccolo di Bernardo dei Machiavelli’s 16th Century adviser to the prince. Instead, participants explored how new technologies could enhance or constrain the power of politicians and the general public, depending on how the technologies and the systems based on them are designed and implemented.

Stealing secrets with SSL/TLS and SSH – kleptographic attacks

We present very simple kleptographic attacks on SSL/TLS and SSH protocols. They enable a party, which has slightly manipulated the code of a cryptographic library, to steal secrets of the user. According to the scenario of the kleptographic attacks the secrets can be stolen only by a party having a secret key not included in the manipulated code. The attacker needs only to record transmissions. The messages transmitted are indistinguishable from the not manipulated ones (even for somebody that knows the kleptocode inserted). Therefore, detection of infected nodes based on communication analysis is much harder than in the case of classical subliminal channels. The problems are caused by certain design features of SSL/TLS and SSH protocols that make them vulnerable for a kleptographic attack. We propose changes of these protocols that make them immune against this threat while all previous security features remain preserved.

Attacks on CKK Family of RFID Authentication Protocols

At Pervasive 2008, Cichon, Klonowski, Kutylowski proposed a family of shared-key authentication protocols (

Paperless independently-verifiable voting

\mathcal CKK