TU Darmstadt / ULB / TUbiblio

A Usable Android Application Implementing Distributed Cryptography For Election Authorities

Neumann, Stephan ; Kulyk, Oksana ; Volkamer, Melanie (2014)
A Usable Android Application Implementing Distributed Cryptography For Election Authorities.
Fribourg, Switzerland
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Although many electronic voting protocols have been proposed, their practical application faces various challenges. One of these challenges is, that these protocols require election authorities to perform complex tasks like generating keys in a distributed manner and decrypting votes in a distributed and verifiable manner. Although corresponding key generation and decryption protocols exist, they are not used in real-world elections for several reasons: The few existing implementations of these protocols and their corresponding interfaces are not designed for people with non technical background and thus not suitable for use by most election authorities. In addition, it is difficult to explain the security model of the protocols, but legal provisions generally require transparency. We implemented a smartphone application for election authorities featuring distributed key generation and verifiable distributed decryption of votes. In addition, we prepared education material throughout based on formulated metaphors for election authorities in order to explain the security of the application. We evaluated the usability of the application and understanding of the underlying security model, concluding that the application is usable for non-experts in computer science. While the participants were able to carry out the tasks, it became clear, that they did not have a clear understanding of the underlying security model, despite having viewed our educational material. We suggest improvements to this material as future work.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2014
Autor(en): Neumann, Stephan ; Kulyk, Oksana ; Volkamer, Melanie
Art des Eintrags: Bibliographie
Titel: A Usable Android Application Implementing Distributed Cryptography For Election Authorities
Sprache: Englisch
Publikationsjahr: September 2014
Verlag: IEEE
Buchtitel: 9th International Workshop on Frontiers in Availability, Reliability and Security - FARES 2014
Veranstaltungsort: Fribourg, Switzerland
Zugehörige Links:
Kurzbeschreibung (Abstract):

Although many electronic voting protocols have been proposed, their practical application faces various challenges. One of these challenges is, that these protocols require election authorities to perform complex tasks like generating keys in a distributed manner and decrypting votes in a distributed and verifiable manner. Although corresponding key generation and decryption protocols exist, they are not used in real-world elections for several reasons: The few existing implementations of these protocols and their corresponding interfaces are not designed for people with non technical background and thus not suitable for use by most election authorities. In addition, it is difficult to explain the security model of the protocols, but legal provisions generally require transparency. We implemented a smartphone application for election authorities featuring distributed key generation and verifiable distributed decryption of votes. In addition, we prepared education material throughout based on formulated metaphors for election authorities in order to explain the security of the application. We evaluated the usability of the application and understanding of the underlying security model, concluding that the application is usable for non-experts in computer science. While the participants were able to carry out the tasks, it became clear, that they did not have a clear understanding of the underlying security model, despite having viewed our educational material. We suggest improvements to this material as future work.

Freie Schlagworte: Security, Usability and Society;Secure Data
ID-Nummer: TUD-CS-2014-0116
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > SECUSO - Security, Usability and Society
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 28 Jul 2016 18:35
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen