Categories
Bridge project

Verified Voting Protocols and Blockchains

DIREC project

Verified Voting protocols and blockchains

Summary

There is constant interest in Internet voting from election commissions around the world. At the same time, there is a need for online voting in blockchain governance. However, building an Internet voting system is not easy: the design of new cryptographic protocols is error-prone, and public trust in the elected body is easily threatened.

In collaboration with an industrial partner, this project aims to improve the security and quality of Internet voting systems and to influence the regulation of minimum quality requirements for blockchains.

Project period: 2023-2025
Budget: DKK 7.5 million

Our aim is to bring the security proofs about protocols much closer to their implementation.

Here are four considerations that explain the unmet needs of this project.

  1. Voting protocols, both in the form of Blockchain Governance Protocols and Internet Voting Protocols, have become increasingly popular and will be more widely deployed as a result of the ongoing digitalisation of democratic processes, further driven by the current pandemic.
  2. Elections are based on trust, which means that election systems ideally should be based on algorithms and data structures that are already trusted. Blockchains provide such a technology: they provide a trusted bulletin board, which can be used as part of voting.
  3. Voting crucially depends on establishing the identity of the voter, to avoid fraud and to establish eligibility verifiability.
  4. Any implementation created by a programmer, be it a Blockchain Governance Protocol or an Internet Voting Protocol, can have bugs that quickly erode public confidence.

This project aims to shed more light on the overall research question: how to design high-assurance blockchain governance software, and whether such protocols can scale to Internet Voting Protocols.

(RO) To advance the state of the art of high assurance cryptographic software, especially for blockchain governance protocols and voting protocols.

(WP1) To achieve (RO), we start by working towards a high-assurance implementation of a blockchain governance protocol (e.g. the one used by Concordium) and of an existing blockchain voting protocol, such as the Open Vote Network or Election Guard. If there is sufficient progress in the design of a software-independent protocol, we will retarget our research to such a protocol. This work will build on existing software projects developed at AU: SSProve, ConCert and various libraries for high-assurance cryptographic primitives. AU will take the lead for this WP.

(WP2) The Concordium blockchain provides a secure and private way to put credentials, such as passport information, on the Internet. In this project we aim to integrate this with legacy ID infrastructure such as MitID. We will investigate how to reuse such blockchain-based identities for Internet voting; in this way we aim to address (4) above. Concordium will take the lead for this WP.

(WP3) Implementation of the cryptographic protocol. Based on the results from (WP1), we propose to develop an open-source library that makes our high-assurance blockchain voting technology available for use in third-party products. We envision releasing a prototype similar to Election Guard (which is provided by Microsoft), but with a blockchain providing the ID infrastructure as well as functioning as a public bulletin board. ALX will take the lead for this WP.

Scientific value
Internet voting provides a unique collection of challenges, such as vote privacy, software quality, receipt-freeness, coercion resistance, and dispute resolution. Subsets of them can be solved separately; here we aim to guarantee vote privacy and software quality by means of a privacy-preserving and accountable blockchain, and to formally verify substantial parts of the resulting voting protocol.

Capacity building
The proposed project pursues capacity building by training a PhD student. The Alexandra Institute will build capacity in Rust, smart contracts and high-assurance cryptographic software.

Business value
The project is highly interesting to and relevant for industry. There are two reasons why it is interesting for Concordium. On the one hand, voting is an excellent application demonstrating the vision of the blockchain; on the other hand, Concordium will, as part of the project, implement a voting scheme to be used for decentralised governance of the blockchain. More precisely, the Concordium blockchain is designed to support applications where users can act privately while maintaining accountability and meeting regulatory requirements.

Furthermore, it is an explicit goal of Concordium to support formally verified smart contracts. Obviously, all these goals fit nicely with the proposed project, and it will be important for Concordium to demonstrate that the blockchain actually supports the secure voting schemes developed in the project. With respect to governance, Concordium needs to develop a strong voting scheme allowing members of its community to vote on proposed features and to elect members of the Governance Committee. The project is of great interest to the Alexandra Institute, which will apply and improve its in-house capacity for implementing cryptographic algorithms. The involvement of Alexandra will ensure that the theoretical findings of the proposed project are translated into usable real-world products.

Societal value
Internet voting was stalled for three years in Switzerland due to insecure protocols and implementations. We aim to develop technology to improve the security (and auditability) of such protocols and implementations. Around 5 billion dollars have been lost since 2018 due to insecure blockchain implementations, often affecting retail investors. Our project aims to improve the state of the art of cryptographic software, and thus to influence regulation on minimum quality requirements for blockchains, similar to the existing Swiss regulation for e-voting.

Value

The project seeks to implement secure blockchain-based voting schemes that support decentralised governance and regulatory compliance, while advancing cryptographic software to improve security measures and influence regulatory standards, thereby reducing risks and strengthening public trust in digital voting and blockchain implementations.

News / coverage

Participants

Project Manager

Bas Spitters

Associate Professor

Aarhus University
Department of Computer Science

E: spitters@cs.au.dk

Gert Læssøe Mikkelsen

Head of Security Lab

The Alexandra Institute

Nibras Stiebar-Bang

Chief Technology Officer

Concordium ApS

Bernardo David

Associate Professor

IT University of Copenhagen

Diego Aranha

Associate Professor

Aarhus University
Department of Computer Science

Lasse Letager Hansen

PhD Student

Aarhus University
Department of Computer Science

Eske Hoy Nielsen

PhD Student

Aarhus University
Department of Computer Science

Partners

Categories
Bridge project

Trust through Software Independence and Program Verification

DIREC project

Trust through software independence and program verification

Summary

There is constant interest in Internet voting from election commissions around the world. This is well illustrated by Greenland: its election law was amended in 2020 and now permits the use of Internet voting. However, building an Internet voting system is not easy: the design of new cryptographic protocols is prone to errors, and public trust in the elected body is easily threatened.

A software-independent voting protocol is one in which an undetected change or error in the software cannot cause an undetectable change or error in an election outcome. Program verification techniques have come a long way and promise to improve the reliability and cybersecurity of election technologies, but it is by no means clear whether formally verified software-independent voting systems also increase public trust in elections.

Together with the authorities in Greenland, this project will investigate what effect program verification has on public trust in election technologies. The project aims to help make Internet elections more credible, which can strengthen developing and post-conflict democracies around the world.

Project period: 2023-2026
Budget: DKK 4.6 million

Here are four considerations that explain the unmet needs of this proposed project.

  1. Voting protocols have become increasingly popular and will be more widely deployed in the future as a result of an ongoing digitalization effort of democratic processes.
  2. Elections are based on trust, which means that election systems ideally should be based on algorithms and data structures that are trusted.
  3. Program verification techniques are believed to strengthen this trust.
  4. Greenland laws were recently changed to allow for Internet Voting.

The integrity of an election result is best captured through software-independence in the sense of Rivest and Wack's definition: "A voting system is software-independent if an undetected change or error in its software cannot cause an undetectable change or error in an election outcome." Software-independence is widely considered a precondition for trust. The assumption that program verification increases trust arises from the fact that those doing the verification become convinced that the system implements its specification. However, the question is whether these arguments also convince others, not involved in the verification process, that the verified system can be trusted, and if not, under which additional assumptions they will trust it.

Thus, the topic of this project is to study the effects of program verification on public trust in the context of election technologies. The project is therefore structured into two parts: first, can we formally verify software-independence using modern program verification techniques, and second, is software-independence sufficient to generate trust?

The research project aims to shed more light on the overall research question of whether formal verification of software-independence can strengthen public confidence. Answering this question in the positive would lead to a novel understanding of what it means for voting protocols to be trustworthy, and to an understanding of how to increase public confidence in Internet Voting, which may be useful for countries that lack trust in the security of paper records.

(RO1) Explore the requirement of software-independence in the context of formal verification of existing Internet voting protocols.

(RO2) Study the public confidence in Greenland with respect to software-independence and formally verified Internet Voting protocols and systems.

Software Independence

In order to achieve (RO1), we will consider two theories of what constitutes software-independence. The game-theoretic view, similar to proof by reduction and simulation in cryptography, reduces the software-independence of one protocol to that of another. The statistical view gives precise bounds on the likelihood that the election technology produces an incorrect result. We plan to understand how to capture the requirement of software-independence formally by selecting existing or newly developed voting protocols and generating formally verified implementations. For all voting protocols that we design within this project, we will use proof assistants to derive mechanised proofs of software-independence.

User Studies

To achieve (RO2), we will, together with the Domestic Affairs Division, Government of Greenland, study the effects of formal verification of software-independence on public confidence. The core hypothesis of these studies is that strategic communication of concepts such as software-independence can be applied in such a way that it strengthens public confidence. We will invite Greenland voters to participate in pilot demonstrations and user studies and will evaluate the answers qualitatively and quantitatively.

Scientific value
Internet voting provides a unique collection of challenges, such as election integrity, vote privacy, receipt-freeness, coercion resistance, and dispute resolution. Here we aim to focus on election integrity, and to show that formally verifying the property of software-independence of a voting system would increase the voters' confidence in the accuracy of the election result.

Capacity building
The proposed project pursues two kinds of capacity building. First, by training the PhD student and university students affiliated with the project, making Denmark a leading place for secure Internet voting. Second, if successful, the results of the project will contribute to the Greenland voting project and to international capacity building in the sense that they will strengthen democratic institutions.

Societal value
Some nations are rethinking their respective electoral processes and the ways they hold elections. Since the start of the Covid-19 pandemic, approximately a third of all nations scheduled to hold a national election have postponed them. It is therefore not surprising that countries are exploring Internet Voting as an additional voting channel. The results of this project would contribute to making Internet elections more credible, and therefore strengthen developing and post-conflict democracies around the world.

Value

The project creates value by increasing the credibility of Internet voting systems, which strengthens developing and post-conflict democracies around the world, especially in countries reassessing their electoral processes amid challenges such as the Covid-19 pandemic.

News / coverage

Participants

Project Manager

Carsten Schürmann

Professor

IT University of Copenhagen
Department of Computer Science

E: carsten@itu.dk

Klaus Georg Hansen

Founder

KGH Productions

Markus Krabbe Larsen

PhD Student

IT University of Copenhagen
Department of Computer Science

Bas Spitters

Associate Professor

Aarhus University
Department of Computer Science

Oksana Kulyk

Associate Professor

IT University of Copenhagen

Philip Stark

Professor

University of California, Berkeley

Peter Ryan

Professor, Dr.

University of Luxembourg

Partners

Categories
SciTech project

Privacy and Machine Learning

DIREC project

Privacy and Machine Learning

Summary

There is an unmet need for decentralised privacy-preserving machine learning. Cloud computing has great potential, but there is a lack of trust in service providers and a risk of data breaches. Much data is private and stored locally for good reasons, but combining the information in a global machine learning system could lead to services that benefit everyone. For example, one can imagine a consortium of banks that wants to improve fraud detection by pooling their customers' payment data and combining it with data from, for example, Statistics Denmark (Danmarks Statistik). For competitive reasons, however, the banks will keep their customers' data secret, and Statistics Denmark is not permitted to share the necessary sensitive data. Another example is patient information (e.g. medical images) stored at hospitals. It would be very valuable to build diagnostic and prognostic tools using machine learning based on these data, but the data typically cannot be shared.

Project period: 2020-2024
Budget: DKK 4.7 million

The research aim of the project is the development of AI methods and tools that enable industry to develop new solutions for automated image-based quality assessment. End-to-end learning of features and representations for object classification by deep neural networks can lead to significant performance improvements. Several recent mechanisms have been developed for further improving performance and reducing the need for manual annotation work (labelling) including semi-supervised learning strategies and data augmentation.

Semi-supervised learning combines generative models that are trained without labels (unsupervised learning) and the application of pre-trained networks (transfer learning) with supervised learning on small sets of labelled data. Data augmentation employs both knowledge-based transformations, such as translations and rotations, and more general learned transformations like parameterised "warps" to increase variability in the training data and increase robustness to natural variation.

Value Creation

Researching the secure use of sensitive data will benefit society at large. CoED-based ML solves the fundamental problem of keeping private input data private while still enabling the use of the most widely used analytical tools. The CoED privacy-preserving technology reduces the risk of data breaches. It allows for secure use of cloud computing, with no single point of failure, and removes the fundamental cloud security problem of missing trust in service providers.

The project will bring together leading experts in CoED and ML. It may serve as a starting point for attracting additional national and international funding, and it will build up competences highly relevant for Danish industry. The concepts developed in the project may change how organisations collaborate and allow for innovative ways of using data, which can increase the competitiveness of Danish companies relative to large international players.

Value

Research in CoED-based machine learning for the secure use of sensitive data will improve data protection, increase the security of cloud computing, foster expert collaboration, attract funding, and strengthen the competitiveness of Danish companies.

Participants

Project Manager

Peter Scholl

Associate Professor

Aarhus University
Department of Computer Science

E: peter.scholl@cs.au.dk

Ivan Bjerre Damgaard

Professor

Aarhus University
Department of Computer Science

Christian Igel

Professor

University of Copenhagen
Department of Computer Science

Kurt Nielsen

Associate Professor

University of Copenhagen
Department of Food and Resource Economics

Hiraku Morita

Post Doc

University of Copenhagen
Department of Computer Science

Partners