Proof of Work and Secure Element in Electronic Voting

A role of authority

An authority—electoral commission, governmental portal or similar. We may have no better option than trusting the authority to define voters. The authority can electronically sign a one-time-pass (unique but not personally identifiable token) and share it with the voter as an authorization (mandate) to vote. The authorization identifies the voter to the authority; it gets published in the list of voters. Anyone could verify electronic signature on such authorization and, thus, establish that the holder was authorized to vote without knowing who they are.

One way of signing is by hierarchical chain of trust implemented with certificates. For instance, biometric travel documents use two-level hierarchy; country level and issuer level [8]. On the other hand, light-weight Ed25519 signatures [9] could be used in a flat trust model, where a list of public keys verifying voting mandates is maintained by the authority.

A role of platform

A platform outside the authority’s control collects voting data packets from voters. We need such platform to reliably sever the link between the authorization to vote (personally identifying the voter to the issuing authority) and the vote itself. The platform is a mere publisher of two uncorrelated lists: a list of voted authorizations (voters) and a list of cast votes. The platform’s software is preferably open source. Concluding elections’ outcome from the published lists is trivial and it may or may not be in the scope of the platform.

The platform is a voting-specific function, that is, it deals with voting-specific challenges, which may be contrasted with scalability-specific (non-functional) challenges. For example, while collecting data, the platform can run relevant sanity checks on the data, verifying that the voter is authorized by the authority, verifying that this voter has voted only once, etc. The platform operates redundant and fault-tolerant storage architecture.

Furthermore, the platform permits variety of publishing options. Although majority of jurisdictions ban real-time publishing to keep swing voters unpressured by instantaneous results [10], the platform should preserve frequently updated snapshots (near real-time) of the lists to be published. Such snapshots underpin a temporal structure of the data, which can be used in post-factum analyses of potential votes’ throwing-in/out. Besides, real-time publishing of the list of voters should still be allowed as it doesn’t contain votes, yet its dynamics can be matched against throughput of people having voted at polling stations.

Scale-related considerations are handled by the next role — a content distribution network (CDN), which the platform may or may not be a customer of.

A role of CDN

A content distribution network [11] or CDN is a pillar of the modern internet. It is designed to abstract and own scalability of digital services. The word “distribution” is dated, and content “collection” would be applicable today as well. The role of CDN is instrumental because it runs a massive fleet of hardware distributed at the edge i.e., close to the user-base or voters in our terms. That hardware faces internet users and tackles huge traffic they could generate, isolating and, thus, protecting functional components of a service (e.g., the platform) from threats commonly known under “Denial of Service” (DoS) umbrella. Figure 1 shows a high-level architecture envisioned.

CDNs work by creating content replica and caching them at the edge, so that user queries are answered by the CDN from its points of presence — not by the origin of the content. When content flows from the origin to users, caching reduces rate of queries landing at the origin — such queries “penetrate” CDN layer only when the content being requested by a user is missing from the cache.

Conversely, when content flows from users to the origin (“collection” mode) a feature called “edge computing” can be engaged. A user may be required to attach to their query a proof of a threshold amount of computational work their device has performed. The PoW algorithm [12] builds on asymmetry in time needed to calculate the proof (long) vs. its verification (fast). In other words, a malicious party would not be able to bombard the system with queries without spending considerable amount of time on each; and queries without valid proof could be detected early by the CDN and dropped without harm inflicted. We further rely on caching of the proof in order to eliminate replaying attack, wherein a once-valid query is being played out in cycle.

Broadly speaking, CDN can be seen as part of the platform. For instance, CDN nodes process unencrypted data from voters. One caveat, however, is that CDN could assume voter’s role in business of coercion (discussed later). As such, CDN might have data to not be shared with the platform.

Role of voter

A voter casts their vote with some software running on their device(s). This software is preferably open sourced by the platform. The software calculates PoW and attaches it to the vote being cast. The voter can latterly verify that their vote in the platform’s list is published as cast.

Proof of work as a hedge

PoW was first mentioned in relation to defense from DoS attacks in paragraph 2.3. That defense can be readily extended onto the list of votes as a whole. To change a vote an adversary would have to invest the same amount of computational work as the voter invested originally. The same holds if an adversary was to throw in a spurious vote. Cumulative work performed by voting devices in this highly distributed manner can represent a significant hedge against tampering at scale. That concept is process/software-agnostic because anyone can determine amount of work over every vote on the public list regardless the process/software the list was formed by.

Let’s allude to PoW basics. Every record on the list of votes is expected to encompass a so-called nonce (proof) — a sequence of bytes that could only be obtained by repetitive calculations of a cryptographic digest (work), and the digest is calculated over the record being protected. Obviously, a vote is just another member of the record. The nonce is found by trial and error brute-force endeavor. When the record, containing the nonce, is fed back to the digest function [14], a digest produced signals amount of work expected to have been performed. For instance, SHA-256 digest with 20 leading zero bits can conventionally signal 2²⁰ = 1,048,576 repetitions of SHA-256 calculation the record holder has been through on average. With that mechanics in mind, we will consider what other members a voting record could benefit from.

Trust and conspiracy

No role can be trusted, and every possibility to cheat should be explored and discussed. For instance, a rogue authority can use bots to vote with authorizations not representing real people. This is presumably mitigated by the rate-limiting implication of the PoW on one hand, and by correlating polling stations’ throughput with growth of voters list on the other (both discussed above).

The authority could further forge a bunch of PoW-protected votes in advance i.e., taking virtually unlimited time prior elections. To tackle this scenario the platform must issue a non-fudgeable stamp. That platform stamp will be the next member of a voting record covered by PoW. That is, a voter must request the stamp from the platform before embarking on PoW computations. Generally, the platform stamp forces all PoW runs to happen within a limited time frame.

Conversely, the platform could conspire with an adversary or just be one. To ensure the platform couldn’t prepare fraudulent voting records in advance voter-side non-fudgeable stamp must be the next member of a voting record covered by PoW. The voter stamp shares all the properties of a voter receipt used in E2EV; we will later discuss it in detail.

The authority could further conspire with the platform or CDN to de-anonymize votes (breach secrecy) — that remains unaddressed. Finally, organized sabotage by the voters remains a conundrum. For example, if thousands of voters made any false yet coherent claims with the aim to derail elections, we would have little choice but oblige.

Figure 2 shows a data packet that a voter sends to the platform by casting their vote.

CDN-controlled entropy as a service

It is worth noting that a service offering publicly verifiable entropy at infrastructure level exists [16, 17]. It is not practical for us because production is too slow, and tokens are too cumbersome. Instead, we could take advantage of CDN’s highly distributed pool of entropy — Internet users. Specifically, symmetric key or 48-byte master secret in terms of TLS protocol [7] shares entropy from client and server. Although the secret’s derivatives could be used as the sought voter’s stamp (E2EV identifier), the stamp could only be verified within a single TLS session (assuming CDN doesn’t maintain state outside TLS connection). That is prohibitive in practice. Although TLS state is a good source of entropy, we need better control over its CDN-side verification. I envision the following functions in edge-compute environment for example:

edge.verand_get(int n, int s, char* salt)

edge.verand_check(int n, int s, char* verand, char* salt)

where a verifiable random of (n + s) bytes consists of n-byte entropy and first s bytes of HMAC signature [18] of that entropy. This design allows false positive verification with probability 2^-8s traded off against size of the entropy portion. HMAC signature should depend on a salt and a CDN-side secret with a certain lifecycle.

CDN-verifiable and non-fudgeable in that sense UUID appears on a voter’s receipt against their vote. The platform can further stuff that receipt with all other voting options and populate corresponding UUIDs belonging to other voters from a cache (meaning those other votes were cast contemporaneously). Figure 3 shows an example of a receipt where nine solar planets are on ballot:

A voter must remember the choice they made at voting as their UUID on the receipt is against that choice.

Polling stations

As much as electronic voting is appealing for convenience of voting from home, remote mode is inherently prone to coercion, regardless of the capabilities technology holds. Besides, polling stations are indispensable when it comes to verification of the number of voters.

What I hope to improve on, however, is the cost of equipment polling stations operate. Whether voters use own devices or those provided by a polling station — they will be commercial off-the-shelf (COTS) hardware as opposed to specialized builds of today.

Polling stations pose a couple of problems for electronic approach. First of all, the platform needs a way to verify that a voter casts their vote (sends Figure 2 packet to that effect) from a polling station, not somewhere else. Secondly, autocratic states could coerce by polling stations, rigging them up out of sight of the platform and the public.

Both problems can be addressed by “a hand of platform” at every polling station in operation. That “hand” produces time-based one-time passwords (TOTP) [19] for example. In authentication use case, where TOTP commonly serves as a “second factor”, a secret underpinning the algorithm (a seed) can be accessed/extracted by the user, which is fine. Our use case, in contrast, requires the seed to be isolated from the untrusted environment and withstand extraction attempts by the state actors. I could see other pursuits of cryptographic proofs of location in contexts of network infrastructure and witnessing neighbors [20], none of which fits the bill.

Secure element

A secure element (SE) is a system-on-chip (SoC) electronic component targeting primarily IoT sector [21]. Since NXP Semiconductors [22] manufactures similar components for biometric passports, I used their EdgeLock SE050 chip in this research. I further used a high-accuracy real time clock (RTC) DS3231 and a microcomputer Raspberry Pi model 4B (RPi).

The SE stores a secret (key) shared with the platform and calculates HMAC-SHA-256 with that secret and from any input data. It further stores a key-wrapping key as per RFC 3394 [23], which allows updating the secret with its AES-256 cyphertext. All that happens without crossing the boundaries of the chip.

Software running on the RPi supplies an RTC-based input to the SE, reads back HMAC bytes and converts them into TOTP. The platform stores a public registry of associations between polling stations and SEs. Since the platform could deny votes not vouched for by an SE from the registry, a coercive authority might struggle with unregistered stations. Figure 4 shows an experimental SE in action.

TOTP call-flow

The “hand of platform” in polling stations is supported by a pluggable process on top of a query a voter sends to obtain stamps (Figure 2). Figure 5 demonstrates that process by example of a DoS- and brute-force-resistant call-flow with the following features:

• Platform’s responses are cached at the edge for one second. Therefore, the load the platform is subjected to is limited by a number of edge machines in any one second. That holds even if the edge is getting millions requests per second in a DoS scenario.

• Colored elements in Figure 5 change every second. TOTP changes every 30 s. Stamp requester (voter device but may be an adversary) must not be able to discriminate between a valid (green) or an invalid (red) stamp returned, so that a brute-force attack would lack criteria of success.

• Stamps (UTC-SIGN, UTC-HOLE, and STAMP) are base64 encoded Ed25519 signatures of the UTC header. Public keys verifying them should still remain secret during voting period, so that an adversary couldn’t tell valid and invalid stamps apart.

• PASSHEADER guarantees the platform only respond to the edge — not anyone else.

• All shown transactions are encrypted by means of TLS.