Benlog

Category: crypto

  • Crypto as in Crypto

    Crypto as in Crypto

    Is crypto short for cryptography or cryptocurrencies? Grab your pitchforks! I’ve ranted against crypto-means-bitcoin since I first heard it. But the last few days have me wondering if we, the greying and already-grey cryptographers, should just accept it. At the very least, when prominent VC Fred Wilson keeps calling it crypto, we have to realize we…

  • Blockchain and Voting

    Blockchain and Voting

    Blockchain and Bitcoin may prove to be amazing innovations that change our daily lives, but I doubt they will materially impact how we vote. Here’s why. What Blockchain Is and Isn’t The common way to describe Blockchain is something like: it’s a database, only instead of being run by one central computer you have to…

  • Power & Accountability

    So there’s this hot new app called Secret. The app is really clever: it prompts you to share secrets, and it sends those secrets to your social circle. It doesn’t identify you directly to your friends. Instead, it tells readers that this secret was written by one of their friends without identifying which one. The…

  • there are 3 kinds of crypto

    When we use terminology that is too broad, too coarse-grained, we make discussion more difficult. That sounds obvious, but it’s easy to miss in practice. We’ve made this mistake in spades with crypto. Discussing the field as one broad topic is counter-productive and leads to needless bickering. I see 3 major kinds of crypto: b2c…

  • it’s the randomness, stupid

    The New York Times is reporting that a flaw has been found in RSA. The original paper is here, and it looks like a second team was about to release similar information, so they’ve posted an explanatory blog post, which I recommend. A number of people are understandably concerned. Since I couldn’t find a simple…

  • encryption is (mostly) not magic

    A few months ago, Sony’s Playstation Network got hacked. Millions of accounts were breached, leaking physical addresses and passwords. Sony admitted that their data was “not encrypted.” Around the same time, researchers discovered that Dropbox stores user files “unencrypted.” Dozens (hundreds?) closed their accounts in protest. They’re my confidential files, they cried, why couldn’t you…

  • Wombat Voting: Open Audit Elections in Israel

    My friend Alon Rosen is leading an effort with colleagues Amon Ta-Shma, Ben Riva, and Yoni Ben-Nun in Israel to implement and deploy in-person open-audit voting. The project is called Wombat Voting. It combines a number of existing cryptographic techniques in a very nice package. Oh, and they’ve implemented it and used it to run…

  • grab the pitchforks!… again

    I’m fascinated with how quickly people have reached for the pitchforks recently when the slightest whiff of a privacy/security violation occurs. Last week, a few interesting security tidbits came to light regarding Dropbox, the increasingly popular cloud-based file storage and synchronization service. There’s some interesting discussion of de-duplication techniques which might lead to Oracle attacks,…

  • intelligently designing trust

    For the past week, every security expert’s been talking about Comodo-Gate. I find it fascinating: Comodo-Gate goes to the core of how we handle trust and how web architecture evolves. And in the end, this crisis provides a rare opportunity. warning signs Last year, Chris Soghoian and Sid Stamm published a paper, Certified Lies [PDF],…

  • everything I know about voting I learned from American Idol

    Tonight, American Idol began online voting. Yes, I’m a fan of American Idol, but don’t let that fool you: I’m still a bitchin’ cryptographer. I suspect that American Idol online voting will give rise to many questions such as “wow, awesome, now when can I vote in US Elections with my Facebook account?” and “Why…

  • Facebook, the Control Revolution, and the Failure of Applied Modern Cryptography

    In the late 1990s and early 2000s, it was widely assumed by most tech writers and thinkers, myself included, that the Internet was a “Control Revolution” (to use the words of Andrew Shapiro, author of a book with that very title in 1999). The Internet was going to put people in control, to enable buyers…

  • Crisis in the Java Community… could they have used a secret-ballot election?

    There is a bit of a crisis in the Java community: the Apache Foundation just resigned its seat on the Java Executive Committee, as did two individual members, Doug Lea and Tim Peierls. From what I understand, the central issue appears to be that Oracle, the new Java “owner” since they acquired Sun Microsystems, is…

  • keep your hands off my session cookies

    For years, security folks — myself included — have warned about the risk of personalized web sites such as Google, Facebook, Twitter, etc. being served over plain HTTP, as opposed to the more secure HTTPS, especially given the proliferation of open wifi networks. But warnings from security freaks rarely get people’s attention. A demonstration is…

  • Facebook can and should do more to proactively protect users

    A few days ago, the Wall Street Journal revealed that Facebook apps were leaking user information to ad networks. Today, Facebook proposed a scheme to address this issue. This is good news, but I’m concerned that Facebook’s proposal doesn’t address the underlying issue fully. Facebook could be doing a lot more to protect its users,…

  • For deniability, faking data even the owner can’t prove is fake

    I was speaking with a colleague yesterday about Loopt, the location-based social network, the rise of location-based services and the incredible privacy challenges they present. I heard the Loopt folks give a talk a few months ago, and I was generally impressed with the measures they’re taking to protect their users’ data. I particularly enjoyed…

  • Sometimes it’s not counter-intuitive

    Bruce Schneier writes that it’s reasonable for unmanned drones to broadcast unencrypted video streams, because the video stream is not that useful to enemies, and given that many people need access to the video feed, the key distribution problem would be very difficult to manage, and some allies could be severely handicapped if they happened…

  • Takoma Park 2009: the conclusion

    Well, it’s been a few weeks of craziness at home and catching up on other work, but I’ve finally wrapped up the Takoma Park 2009 audit. The final step: letting you, dear reader, run the audit all on your own. You’ll find the complete instructions here on the auditing site. I haven’t tested this on…

  • Takoma Park: verifying the shuffle and the unopened ballots

    So the votes have been cast, the uncertified tally has been released, and the confirmation codes have been published for all voters to check. Now, it’s time to make sure that the coded votes, which were shuffled via the Shuffle Tables into the decoded votes in the Results table, were indeed shuffled and decoded correctly.…

  • Takoma Park: auditing the auditor

    Rick Carback from the Scantegrity team just pointed out to me that my totals are not quite the same as theirs, and he surmises that I may have read the Instant Runoff rules incorrectly. Specifically, my code considers that ballots that skip a rank, i.e. that go directly to choice #2 and never indicate a…

  • Takoma Park: and those provisional ballots?

    Coverage of the Takoma Park election continues, with a good article in Wired. And so does the audit! Some people who showed up on election day couldn’t be verified as registered voters. Thanks to one of the useful HAVA provisions, they got to vote provisionally, meaning their ballot was set aside in an envelope labeled…

  • Takoma Park: so can I see my confirmation code already?

    [This post is part of my Auditing the Takoma Park Municipal Election series.] So the votes have been cast, and voters went home. Some of them wrote down their confirmation codes. They probably checked those codes against the official Scantegrity web site. But why would they trust that web site to do all of the…

  • Takoma Park: Meeting 2

    [This post is part of my Auditing the Takoma Park Municipal Election series.] OK, so a couple of days ago we verified the initial P table and D tables for all 6 wards in tomorrow‘s Takoma Park election. Now comes Meeting 2, which was held a couple of weeks ago to open up a random…

  • Takoma Park Election: the 7 steps of auditing

    [This post is part of my Auditing the Takoma Park Municipal Election series.] If you’ve been following, we know what the voter experience is going to be like on Tuesday, and we know what the auditing process is going to be like. So, can we audit this thing already? Yes, we can. Here are the…

  • Takoma Park 2009: Verifying the Tally from the Confirmation Codes

    [This post is part of my Auditing the Takoma Park Municipal Election series.] We’ll now consider the auditing portion of the Takoma Park election. This is a little bit involved, so we’ll take our time. Importantly, the typical voter does not need to burden themselves with this complexity. All that Valerie, our voter, needs to…

  • Takoma Park 2009: the voter experience

    For background on this post, check out the Auditing Takoma Park 2009 Election. I’m gathering all documentation on a Google Site. This blog will continue to serve as the narrative, while the datasets and documentation will live on the Google Site, and I’ll refer to them as needed from this blog. Let’s begin with an…

  • Auditing the Takoma Park Election

    In November of this year, citizens of Takoma Park, Maryland will use the Scantegrity voting system in their municipal election. This is a significant milestone for open-audit voting systems: the first time a government official is elected using a voting system that is verifiable from start to finish by any observer, even resistant to insider…

  • Schneier on self-enforcing protocols and voting

    Bruce Schneier pens another great article on how certain protocols between people who do not trust one another can be set up to prevent cheating without third-party oversight. Of course, the gem of the article pertains to voting: Modern voting systems are rife with the potential for cheating, but an open show of hands in…

  • Back from Israel – talks and press

    Just got back from a trip to Israel, mostly vacation but a couple of very fun days at the Electronic Voting Workshop organized by IDC Herzliya and Tel Aviv University. A great group of folks, some very lively discussion, and a very productive workshop in Israel before they deploy electronic voting machines (imagine that, debating…

  • Voting Workshop in Israel

    In a couple of weeks, I’ll be in Israel at a voting workshop organized by Ran Canetti, Alon Rosen, Ronitt Rubinfeld, and Assaf Jacob. I’ll be giving a talk on voting security and a second talk on Helios. The workshop will be free and open to the public, and it should be an interesting mix…

  • What Verifying an Election Means

    The election at the Université Catholique de Louvain is over, the winner has been declared. So, what does it mean that this was, supposedly, a verifiable election? It means that you can go to the audit web site. There, you’ll find a detailed specification that describes the file formats, encryption mechanisms, and process by which…