Threshold%20Paillier%20Encryption%20Web%20Service - PowerPoint PPT Presentation

About This Presentation
Title:

Threshold%20Paillier%20Encryption%20Web%20Service

Description:

Encrypted with supplied RSA keys so only designated participant can recover the key share ... http://msdn.microsoft.com/msdnmag/issues/05/12/NETMatters/default.aspx ... – PowerPoint PPT presentation

Number of Views:270
Avg rating:3.0/5.0
Slides: 17
Provided by: bret93
Learn more at: http://cs.uccs.edu
Category:

less

Transcript and Presenter's Notes

Title: Threshold%20Paillier%20Encryption%20Web%20Service


1
Threshold Paillier Encryption Web Service
  • A Masters Project Proposal
  • by
  • Brett Wilson

2
Motivation
  • Secure Electronic Voting Research
  • Interest in improving current voting process is
    high
  • 2000 Presidential election snafu
  • Improved access/availability (voter turnout)
  • Cryptographic research has led to new solutions
    to problems with electronic voting
  • Basic requirements for electronic voting
  • Privacy All votes should be kept secret
  • Completeness All valid votes should be counted
    correctly
  • Soundness Any invalid vote should not be
    counted
  • Unreusability No voter can vote twice
  • Eligibility Only authorized voters can cast a
    vote
  • Fairness Nothing can affect the voting
  • Extended Requirements for electronic voting
  • Robustness faulty behavior of any reasonably
    sized coalition of participants can be tolerated
  • Universal Verifiability any party can verify
    the result of the voting
  • Recipt-freeness Voters are unable to prove the
    content of his/her vote
  • Incoercibility Voter cannot be coerced into
    casting a particular vote by a coercer

3
Motivation
  • Many of the proposed electronic voting protocols
    utilize threshold homomorhpic encryption schemes
    as part of the protocol
  • Protects voter privacy
  • Individual vote can not be decrypted without
    cooperation of t of l authorities
  • Efficient, universally verifiable vote tallying
  • Only sum of votes is decrypted
  • Individuals can compute encrypted sum, verify
    proof of correct decryption of sum
  • Implementations of threshold homomorphic
    encryption algorithms are not freely available

4
Threshold Encryption
  • Public key encryption as usual
  • Distribute secret key shares among l
    participants
  • Decryption can only be accomplished if a
    threshold number t of the l participants
    cooperate
  • No information about m can be obtained with less
    than t participants cooperating
  • Proof of valid decryption is provided

5
Paillier Encryption
  • Trapdoor Discrete Logarithm Scheme
  • c gMrn mod n2
  • n is an RSA modulus
  • g is an integer of order na mod n2
  • r is a random number in Zn
  • M L(c?(n) mod n2)/L(g?(n) mod n2) mod n
  • L(u) (u-1)/n, ?(n)lcm((p-1)(q-1))
  • Important Properties
  • Homomorphic
  • E(M1 M2) E(M1) x E(M2), E(k x M) E(M)k
  • Self-blinding
  • Re-encryption with a different r doesnt change M

6
Threshold Paillier Encryption
  • Different public key and secret key generation
    algorithm
  • Distribute key shares using RSA public key
    encryption
  • Distribute secret key shares using Shamir Secret
    Sharing scheme
  • Web Service will be an implementation of scheme
    proposed in Sharing Decryption in the Context of
    Voting or Lotteries Fouque, Poupard, and Stern
    2000

7
Use of Threshold Paillier Encryption in Secure
Voting
  • Ballot format pick 1 out of c candidates
  • Let N be number of voters, k such that Nlt2k
  • Vote 2ck where c is the desired candidate
    number (0c)
  • All Paillier-encrypted votes could be publicly
    posted
  • Votes include proof of validity (v lies in a
    given set of valid votes)
  • At end of election, all invalid votes are
    removed, all encrypted votes are then multiplied
    together to get encrypted sum (publicly
    verifiable)
  • With cooperation of the required threshold number
    of authorities, the final product could be
    decrypted to reveal the vote total (sum of
    individual votes).
  • A threshold number of authorities would not agree
    to decrypt a single particular vote, and thus the
    individual votes would remain private
  • All computations are publicly verifiable given
    the validity proofs that prove the decryption was
    done correctly

8
Web Service Design Goals
  • Platform Independent
  • Use of web service
  • XML input/output
  • Extensible
  • Additional encryption algorithms could be added
  • Additional services could be offered
  • Threshold signatures
  • Verifiable Mix Net

9
Implementation Tools
  • Visual Studio 2005
  • VB.NET
  • Gnu Multiprecision Library (Gmp)
  • Open source arbitrary precision numeric library
  • Compiled under Visual Studio 2005
  • NGmp
  • Open source VB.NET binding of gmp.dll
  • Enables calling of gmp library functions through
    VB.NET
  • Compiled under Visual Studio 2005

10
Threshold Paillier EncryptionWeb Service
  • Key generation algorithm
  • Input
  • k size of key
  • l number of shares to generate
  • One RSA public key (of the designated
    participant) for each share
  • t threshold parameter
  • Output
  • Public Key PK
  • List SK1, , SKl of private key shares
  • Encrypted with supplied RSA keys so only
    designated participant can recover the key share
  • List of Verifier Keys VK, VK1, ,VKl
  • Used for proving validity of decryption

11
Threshold Paillier EncryptionWeb Service
  • Encryption Algorithm
  • Input
  • Public Key PK
  • Random string r
  • Cleartext M
  • Output
  • Ciphertext c

12
Threshold Paillier EncryptionWeb Service
  • Share Decryption Algorithm
  • Input
  • Ciphertext c
  • Private Key Share Ski
  • Encrypted with public key of webservice
  • Output
  • Decryption share ci
  • Validity proof pi

13
Threshold Paillier EncryptionWeb Service
  • Combining Algorithm
  • Input
  • Ciphertext c
  • List of decryption shares c1,,cl
  • List of verification keys VK, VK1VKl
  • List of validity proofs P1,Pl
  • Output
  • M

14
Project Deliverables
  • A working prototype of Paillier Threshold
    Encryption Web Service (PTEWS)
  • A simple demo of applying PTEWS in online voting
  • A master project report documenting the research
    findings and lessons learned

15
Tasks and Milestones
  • Week 1 Proposal Briefing/Approval
  • Week 2 WebService skeleton complete
  • WebMethod stubs created, classes for passing
    parameters and return results complete
  • Week 3 Encryption algorithms implemented
  • WebMethod stubs completely implemented with
    encryption and utility algorithms
  • Week 4 Testing Interface complete
  • Windows application for testing of Web Service
  • Simple test of voting application
  • Week 5 Final Report complete
  • Week 1 ends Oct 30, Week 5 ends Nov 27

16
References
  • Sharing Decryption in the Context of Voting or
    Lotteries P. Fouque, G. Poupard, and J. Stern,
    2000
  • Public Key Cryptosystems Based on Composite
    Degree Residuosity Classes P. Paillier, 1999
  • How to Share a Secret A. Shamir, 1979
  • Big Number Libraries
  • Gnu Multiprecision Library Opensource C
    language library
  • http//swox.com/gmp/
  • J BigInteger J library available from
    Microsoft
  • http//msdn.microsoft.com/msdnmag/issues/05/12/NET
    Matters/default.aspx
  • C BigInteger Opensource implementation of Java
    BigInteger
  • http//www.codeproject.com/csharp/biginteger.asp
  • NGmp .NET Mono Multiprecision Library (gmp
    binding to .NET)
  • http//sourceforge.net/projects/ngmp
  • Building Gmp with Visual Studio 2005
  • http//fp.gladman.plus.com/computing/gmp4win.htm
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Threshold%20Paillier%20Encryption%20Web%20Service" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!