Method of counteraction of attackes of mediator in transparent system the internet voting

Authors

  • Володимир Михайлович Чуприн National Aviation University
  • Володимир Михайлович Вишняков Kyiv National University of Construction and Architecture
  • Олег Олександрович Комарницький Kyiv City State Administration

DOI:

https://doi.org/10.18372/2410-7840.20.13079

Keywords:

attack of mediator, transparent system, internet-voting, defence of information, counteraction to mediator attacks

Abstract

An attack of mediator, that is named by MITM (Man In The Middle), is one of threats for the systems of Internet-voting (ІГ). Realization of such attack can result both in opening of secret of voices and to the substitution of re-sults of will. Feature of realization of attack of mediator - to show the picture of normally functioning server of the system of ІГ to the supervisory persons, and queries of electors unnoticed for inspectors to intercept and process the veiled server in that possibilities are stopped up for the imitation of results of will and opening of secret of voices of electors. The existent methods of fight from MITM do not provide possibility to every elector personally to ascer-tain, that he intermingles with a regular server, but not with the imitation of malefactors. The method of counteraction to the attacks of mediator is considered for the transparent systems of ІГ, in that all without an exception software is open for verifications and there is possibility real-time to control absence of modification of regular software, and also check up exactness and timeliness of implementation of regular actions a personnel from the side of unlimited amount of activists. With the purpose of counteraction to the attack of mediator it offers on the server of ІГ to con-duct the open magazine of account of all queries of electors on service during realization of acts of will. In this maga-zine at the beginning of every session of connection of elector with a server to bring a line with data about time of appeal and random number that is generated on a server and leaves to the elector for an acquaintance. An elector by comparison of data about the moment of time of the ap-peal in a magazine and value of random number can make sure of that he really intermingles with this server. Possibil-ity is thus given to every elector independently to find out the attacks of mediator.

Author Biographies

Володимир Михайлович Чуприн, National Aviation University

PhD in engineering, professor, Department of Telecommunication Systems, National Aviation University

Володимир Михайлович Вишняков, Kyiv National University of Construction and Architecture

PhD in engineering, associate professor, Department of Cyber Security and Computer Engineering, Kyiv National University of Construction and Architecture

Олег Олександрович Комарницький, Kyiv City State Administration

Chief Specialist, Department of In-formation and Communication Technologies of Kyiv City State Administration

References

В. Вишняков, М. Пригара, О. Воронін, "Відкрита система таємного голосування", Управління розвитком складних систем, Вип. 20, С. 110-115, 2014.

В. Чуприн, В. Вишняков, М. Пригара, "Генерування випадкових чисел штатними засобами гостів мережі Інтернет", Захист інформації, Т. 18, №4, С. 323-335, 2016.

В. Чуприн, В. Вишняков, М. Пригара, "Захист операційного середовища систем Інтернет голосування", Захист інформації, Т. 19, №1, С. 56-66, 2017.

В. Чуприн, В. Вишняков, М. Пригара, "Метод про-тидії незаконному впливу на виборців у системі Ін-тернет голосування", Безпека інформації, Т. 19, №1, С. 7-14, 2017.

Lessons from the EVOTE 2014 Internation Conferens. [Electronic resource]. Online: http://eС/search?up-dated-min=2014-01-01T00:00:00-08:00&updated-max =2015-01-01T00:00:00-08:00& max-results=50.

C. Acemyan, P. Kortum, M. Byrne, D. Wallach, "Usability of Voter Verifiable, End-to-end Voting Systems: Baseline Data for Helios, Prêt à Voter, and Scantegrity II USENIX", Journal of Election Technology and Systems (JETS), vol. 2, no. 3, pp. 26-56, 2014.

О. Савчук, Системи електронних виборів процедури голосу-вання та матеріально-технічні засоби. Міжнародний досвід. [Електронний ресурс]. Режим доступу: http:// euinfocenter.rada.gov.ua/uploads/documents/28966.pdf.

D. Springall, T. Finkenauer, Z. Durumeric, "Security Analysis of the Estonian Internet Voting System", Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS '14), pp. 703-715, 2014.

Lombardi E. Electronic Vote & Democracy. [Electronic resource]. Online: http://www.electronic-vote.org.

Постанова Центральної виборчої комісії від 25 ве-ресня 2015 року № 370 «Про роз’яснення щодо складання та уточнення списків виборців для підготовки і проведення голосування з місцевих виборів».

Published

2018-09-28

Issue

Section

Articles