2011 MRes projects
- The development of a backscatter X-ray system for cargo & vehicle screening
- Self-organisational behaviour patterns in crowds within the context of crime at bus stops
- Obstructions and Requirements for Coercion Resistance
- Using Semiconducting Metal Oxide Gas Sensors to Detect Explosives - A Feasibility Study
- Speed Up Effects in Security Procedure on Delhi Metro Rail : Implications for Queuing Theory and Rail Security
- 'Have Gun - Will Travel’: The Movement and Re-use of Firearms in England and Wales
- Time-of-Flight X-Ray Compton Scatter Imaging for Cargo Security: A Preliminary Study
- Is High Performance Liquid Chromatography Analysis a Useful Addition to Current Geo-Forensic Analytical Techniques?
- A Comparison of the Spread of Extreme Protest Behaviours Through Two Activist Networks
- On the Feasibility of Using Probably Approximately Correct Search Over BitTorrent Tracking Information
Obstructions and Requirements for Coercion Resistance
22 March 2013
It is self evident that a fair election must output a correct result, based on the ballots cast. However, it is unreasonable to expect a high quality (i.e. non-garbage) output from a system that receives poor input. In the context of elections, one can argue that “garbage” input are votes that do not represent the will of the voters. Votes that are coerced via threats or bribes. As internet voting takes place in an uncontrolled environment, coercion is an important security concern. In order to defend against coercion, a voting system must give voters the chance to seemingly comply with coercion requests while in reality they are able to ignore them. This work aims to improve the framework used for coercion resistance of internet voting systems, by identifying and analysing the methods that can be used to achieve it. This is accomplished in two ways. Firstly, by summarising existing theoretical limitations regarding the design of such systems and generalising a result regarding the requirements for achieving coercion resistance to fit a wider range of voting system designs. Secondly, by evaluating and comparing deployed and academic internet voting systems. In the context of this evaluation, this work includes a two-step attack as a weaker but more practical variant of the impersonation (simulation) attack, often used in defining coercion resistance. Such an attack is relevant when the authentication system used for voting is also used for other services as in Estonia and Norway. In that case, the potential cost of identity theft may be greater than the cost of non-compliance. The consequences as well as potential countermeasures to the attack are also examined.