Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Proba: privacy-preserving, robust and accessible blockchain-powered helios
Download
2024 Sermin Kocaman Thesis.pdf
Date
2024-1-26
Author
Kocaman, Sermin
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
116
views
56
downloads
Cite This
Helios is the first web-based and open-audit voting system. The open-audit feature allows anyone to track the voting process, thus providing easy verifiability in all stages of the elections. Despite many advantages, Helios has a few weaknesses due to its reliance on a centralized server, such as modifying data through unauthorized access or making the server inaccessible. A subsequent work called blockchain-powered Helios is proposed to overcome these weaknesses. This system replaced the centralized server with decentralized servers using the blockchain and a decentralized storage protocol. Although this novelty eliminates Helios' centralized weaknesses, it creates some new problems, thereby causing security weaknesses. These are the misbehavior in the wallet authorization procedure, the linkability in the wallet authorization procedure, and the high cost of transactions. In this thesis, an improved version of the blockchain-powered Helios system, named Proba, is presented. The system is redesigned to provide privacy, robustness, and accessibility in the election. Proba utilizes a novel threshold issuance-anonymous credentials that break the link between the voters and their wallets. Also, the threshold version mitigates the misbehavior of election authorities in wallet authorization. Additionally, Proba leverages a consortium blockchain that provides cost-effective election solutions. In terms of security, the system's formal security concerning specific election requirements is demonstrated through game-based reduction proofs. The performance analysis of Proba shows that the usage of threshold-issuance anonymous credentials does not have a critical cost for the election phase; on the contrary, it mitigates the smart contract storage cost. As an additional work on the design of Proba, this thesis proposes enhanced wallet key protection protocols for general blockchain-based I-voting systems. Within the blockchain, transactions must be signed using the wallet secret (signing) key. Thus, the voter's right to send transactions on the blockchain will depend on the security of this single key. In most of these systems, voters can register one wallet address, but in the case of a stolen key, voters are unable to send their votes as a transaction to the blockchain. Although offering voters the opportunity to register their new address is considered a solution in such cases, this creates an avenue for the attacker by forcing them to unregister their existing address. Hence, to prevent such circumstances, rather than permitting the enrollment of new addresses, it is necessary to use enhanced cryptographic measures that can be implemented to protect the existing wallet secret key. The logical precaution is to split the secret key into the different devices of the voter, but in this case, efficient threshold signing protocols must be developed. In this thesis, efficient threshold signing protocols are proposed, specifically focusing on a two-party elliptic curve digital signature algorithm (ECDSA), and a flexible hierarchical threshold signature scheme (FlexHi). In the former, voters split their wallet secret keys across two distinct devices, such as a laptop and a tablet, and then employ two keys to execute a signature on a transaction with our proposed two-party ECDSA protocol. This protocol provides the most optimal offline phase for a two-party ECDSA protocol with such an efficient online phase. In the latter, voters split their wallet secret keys among their various devices, granting different levels of permission to each. During the verification stage of most applications, the transmission of a code to the user's smartphone indicates that the smartphone is deemed a highly significant device, belonging only to the individual. Considering this, voters have the choice to divide their secret keys between their smartphones and other devices. In this scenario, the use of the smartphone, which holds the highest position in the hierarchy, is obligatory during the signing phase. However, secret keys shared with other devices can be used according to the specified threshold value in the system. Current hierarchical threshold schemes incorporate certain ordering criteria and constraints at each level of the hierarchy, which restrict their adaptability. Nevertheless, the proposed FlexHi scheme presents a novel architecture that liberates itself from these limitations and provides flexibility.
Subject Keywords
Helios
,
Internet Voting
,
Blockchain
,
Threshold-issuance Anonymous Credentials
,
Elliptic Curve Digital Signature Algorithm
,
Hierarchical Threshold Signature Scheme
URI
https://hdl.handle.net/11511/108493
Collections
Graduate School of Applied Mathematics, Thesis
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
S. Kocaman, “Proba: privacy-preserving, robust and accessible blockchain-powered helios,” Ph.D. - Doctoral Program, Middle East Technical University, 2024.
