Masterarbeit MSTR-2020-21

Bibliograph.
Daten
Truger, Felix: Secure distributed paillier key generation with application to the Ordinos e-voting system.
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik, Masterarbeit Nr. 21 (2020).
83 Seiten, englisch.
Kurzfassung

Ordinos is a novel verifiable tally-hiding e-voting system. At its heart, a homomorphic encryption scheme and secure multi-party computation (MPC) are used to tally votes and securely determine the voting result, without necessarily revealing the full tally (e.g., the number of votes per candidate)The proof of concept implementation of Ordinos is based on a threshold variant of the Paillier encryption scheme and two MPC protocols for the comparison of encrypted numbers (greater-than and equality). Due to the threshold construction, the decryption key is shared among a set of trustees. The MPC protocols for comparison require precomputed encrypted randomness of certain shape. Formerly, a trusted party was employed to generate the key shares and randomness and distribute them to the trustees. In this thesis, the trusted party was replaced by MPC protocols that allow to generate the key shares and randomness among the trustees. The protocols provide security against malicious parties in the honest-majority setting. The key generation follows a proposal by Nishide and Sakurai (2010) that is based on verifiable secret sharings and zero-knowledge proofs for committed values. We introduce a few adaptations to reduce its runtime using mostly standard techniques. The generation of randomness is based on the Paillier encryption scheme as an arithmetic black box and standard zero-knowledge proofs for Paillier encrypted values. The protocols were implemented and their performance was evaluated in a local network. Most notablythe implemented key generation protocol for threshold Paillier showed an expected average runtime around 95 minutes for generating 2048-bit keys among 3 trustees with a threshold of 2. Since existing implementations provide security only in the semi-honest setting, this is the first time that an approach with security against malicious parties was implemented and evaluated. Overall, the distributed generation of both key shares and randomness takes considerably more time compared to the use of a trusted party, but avoids security risks and trust problems that occur with trusted parties.

Volltext und
andere Links
Volltext
Abteilung(en)Universität Stuttgart, Institut für Informationssicherheit und Kryptographie (ISC)
BetreuerKüsters, Prof. Ralf; Liedtke, Julian
Eingabedatum16. Dezember 2020
   Publ. Informatik