Democracy is a defining feature of civilised societies, but it is delicate and vulnerable. In recent years, we have seen the threats to democratic processes brought into sharp relief, and, arguably, we have witnessed some spectacular failures of democracy. The increasing digitisation of democracy brings with it the potential to enrich it but also a raft of novel and poorly understood attack vectors. These threats can undermine the conduct of elections, the surrounding systems of voter registration, electoral rolls, voter authentication, and the conduct of campaigns, fake news etc.
In this talk I will discuss attempts by the information security and crypto communities to address at least the technological core problems: making elections secure. It is essential that an election deliver not only the correct outcome, but also sufficient evidence to demonstrate to all, especially the losers, that it is correct. And of course, all this must be achieved without undermining ballot privacy or coercion resistance. In particular, I will outline a new voter-verification mechanism, Selene, that provides intuitive, transparent voter verification and coercion mitigation. I will also present an in-person instantiation of Selene, called Electyo, that provides additional assurance via risk limiting audits. Our hope is that this will provide not only a trustworthy system but also one that will inspire the trust of all stakeholders.
Peter Ryan is full Professor of Applied Security at the University of Luxembourg since Feb 2009. Since joining the University of Luxembourg he has grown the APSIA (Applied Security and Information Assurance) group that is now more than 25 strong. He has around 25 years of experience in cryptography, information assurance and formal verification. He pioneered the application of process calculi to modelling and analysis of secure systems, firstly the characterization of non-interference and later to the analysis of crypto protocols. While at the Defense Research Agency, he initiated and led the “Modelling and Analysis of Security Protocols” project that pioneered the application of process algebra (CSP) and model-checking tools (FDR) to the analysis of security protocols.
He has published extensively on cryptography, cryptographic protocols, security policies, mathematical models of computer security and, most recently, voter-verifiable election systems. He is the (co-)creator of several innovative, verifiable voting schemes: Prêt à Voter, Pretty Good Democracy, vVote system (based on Prêt à Voter that was used successfully in Victoria State in November 2015), Caveat Coercitor, Selene and Electryo. With Feng Hao, he also developed the OpenVote boardroom voting scheme and the J-PAKE password based authenticated key establishment protocol. He also works on Quantum information assurance and the socio-technical aspects of security and trust. Prior to taking up the Chair in Luxembourg, he held a Chair in Computing Science at the University of Newcastle. Before that he worked at the Government Communications HQ (GCHQ), CESG, the Defence Research Agency (DRA) Malvern, the Stanford Research Institute (SRI), Cambridge UK and the Software Engineering Institute, CMU Pittsburgh.
He was awarded a PhD in mathematical physics from the University of London in 1982. Peter Ryan sits on or has sat on the program committees of numerous, prestigious security conferences, notably: IEEE Security and Privacy, IEEE Computer Security Foundations Workshop/Symposium (CSF), the European Symposium on Research in Computer Security (ESORICS), Workshop on Issues in Security (WITS). He has (co-)chaired various editions of WITS and ESORICS, Frontiers of Electronic Elections, Workshop on Trustworthy Elections (WOTE) 2007, Evote-Id. He is General Chair of ESORICS 2019, which will be hosted in Luxembourg. In 2016 he founded the Verifiable Voting series of workshops associated with Financial Crypto. From 1999 to 2007 he was the President of the ESORICS Steering Committee. In 2013 he was awarded the ESORICS Outstanding Service Award.
He is a Visiting Professor at Surrey University and the ENS Paris.
Distinguished Lectures Series in Cybersecurity
With the Distinguished Lectures Series in Cybersecurity, every semester, we invite outstanding experts from science and industry to Darmstadt to discuss the multifaceted prospects and challenges of IT Security. In the lectures, the speakers present the results of trendsetting research from a variety of disciplines, give overviews of complex topics or show the current state of knowledge in their field of research. The lectures are free and open for everybody without prior registration.
After the lecture there is the possibility to get together.