Trust and Trustworthiness of Voting Systems (DLS in Cybersecurity)

18.07.2019, 16:15 – 17:15

18.07.2019 16:15-17:15

Speaker: Peter Y. A. Ryan, University of Luxembourg, Luxembourg | Location: Hochschulstraße 10 (S2|02), Piloty Building, Room C110, Darmstadt

Organizer: CROSSING / GRK Privacy & Trust / CRISP

Democracy is a defining feature of civilised societies, but it is delicate and vulnerable. In recent years, we have seen the threats to democratic processes brought into sharp relief, and, arguably, we have witnessed some spectacular failures of democracy. The increasing digitisation of democracy brings with it the potential to enrich it but also a raft of novel and poorly understood attack vectors. These threats can undermine the conduct of elections, the surrounding systems of voter registration, electoral rolls, voter authentication, and the conduct of campaigns, fake news etc.

In this talk I will discuss attempts by the information security and crypto communities to address at least the technological core problems: making elections secure. It is essential that an election deliver not only the correct outcome, but also sufficient evidence to demonstrate to all, especially the losers, that it is correct. And of course, all this must be achieved without undermining ballot privacy or coercion resistance. In particular, I will outline a new voter-verification mechanism, Selene, that provides intuitive, transparent voter verification and coercion mitigation. I will also present an in-person instantiation of Selene, called Electyo, that provides additional assurance via risk limiting audits. Our hope is that this will provide not only a trustworthy system but also one that will inspire the trust of all stakeholders.

Short bio
Peter Ryan is full Professor of Applied Security at the University of Luxembourg since Feb 2009. Since joining the University of Luxembourg he has grown the APSIA (Applied Security and Information Assurance) group that is now more than 25 strong. He has around 25 years of experience in cryptography, information assurance and formal verification. He pioneered the application of process calculi to modelling and analysis of secure systems, firstly the characterization of non-interference and later to the analysis of crypto protocols. While at the Defense Research Agency, he initiated and led the “Modelling and Analysis of Security Protocols” project that pioneered the application of process algebra (CSP) and model-checking tools (FDR) to the analysis of security protocols.

He has published extensively on cryptography, cryptographic protocols, security policies, mathematical models of computer security and, most recently, voter-verifiable election systems. He is the (co-)creator of several innovative, verifiable voting schemes: Prêt à Voter, Pretty Good Democracy, vVote system (based on Prêt à Voter that was used successfully in Victoria State in November 2015), Caveat Coercitor, Selene and Electryo. With Feng Hao, he also developed the OpenVote boardroom voting scheme and the J-PAKE password based authenticated key establishment protocol. He also works on Quantum information assurance and the socio-technical aspects of security and trust. Prior to taking up the Chair in Luxembourg, he held a Chair in Computing Science at the University of Newcastle. Before that he worked at the Government Communications HQ (GCHQ), CESG, the Defence Research Agency (DRA) Malvern, the Stanford Research Institute (SRI), Cambridge UK and the Software Engineering Institute, CMU Pittsburgh.

He was awarded a PhD in mathematical physics from the University of London in 1982. Peter Ryan sits on or has sat on the program committees of numerous, prestigious security conferences, notably: IEEE Security and Privacy, IEEE Computer Security Foundations Workshop/Symposium (CSF), the European Symposium on Research in Computer Security (ESORICS), Workshop on Issues in Security (WITS). He has (co-)chaired various editions of WITS and ESORICS, Frontiers of Electronic Elections, Workshop on Trustworthy Elections (WOTE) 2007, Evote-Id. He is General Chair of ESORICS 2019, which will be hosted in Luxembourg. In 2016 he founded the Verifiable Voting series of workshops associated with Financial Crypto. From 1999 to 2007 he was the President of the ESORICS Steering Committee. In 2013 he was awarded the ESORICS Outstanding Service Award.

He is a Visiting Professor at Surrey University and the ENS Paris.

Distinguished Lectures Series in Cybersecurity
Mit der Distinguished Lecture Series in Cybersecurity kommen jedes Semester herausragende Experten aus Wissenschaft und Wirtschaft nach Darmstadt, um die vielfältigen Chancen und He­raus­for­de­rung­en im Bereich der IT-Sicherheit zu diskutieren.

Die Redner stellen in den Vorlesungen richtungsweisende Forschungsergebnisse verschiedener Disziplinen vor, fassen komplexe Themenbereiche zusammen und zeigen den momentanen Kenntnisstand ihres Forschungs- oder Arbeitsgebietes auf.

Die Vorträge sind öffentlich. Interessierte Besucher sind herzlich willkommen. Nach der Vorlesung gibt es Möglichkeit zum Austausch bei einem kleinen Buffet vor Ort.

Vergangene Distinguished Lectures in Cybersecurity in Bildern.