Conference PaperPDF Available

Designing a Cryptographic Scheme for e-Surveys in Higher-Education Institutions

Authors:

Abstract

We present design guidelines for a cryptographic scheme destined for an electronic survey software system developed in view of application in higher-education institutions. By using commercial-grade software, we can provide a user-friendly environment that, on the other hand, can also ensure anonymous participation. We describe the implementation of such a system with the Javatrade programming language and the steps taken for its installation and use





 

!"#$%&
"'#()$*+,--.#
 

/  &
&0
0  &&*
" 1 * 0 0
  * & &
& &    "
/  &  &   0&
&  %    & 2
"
    !!


"  #     $
!$#%$#&
 ' ''  !! $
   ' ' $  ( $ $$
) ## $  $ ''
)#  $   %$    '
$  $  $ $ $
*'''
+$$'
$ '' ' '# !  $  
!$!$$*'!
,$$$  !
 $#*#
#   $   $ $
'  $  '  $  
 #$   - 
#$'!!$
.$!! )#'$$
-   !!  $  $  
      '  $ #!  
-   !!   
$#$ 
%$ $' $# $ 
 /    * $ 
  01 23345 01$$  23345 
0623345 +  ' ! 
)$#!$
$
 ' $   # $  ' !$
!  '!!
$    $ !$!
$$'$ 
'  $  $ !$
!' $!')
+'
 -$#!)#'
$$      ! $
$ $ . '$ - $
 $ $  07 5 -  
!     $  8
*     #  ! 
 $ !
%  )#  $ #-!!
' $' # 
9 6 .'  ' $  
*  !
, $ $ $  $  !
))- $  $* 07 
:;;:5  07 <:;;=5 $$    '
$! $ #$!.$
     $   
$!!#>$
?*!$#$
!!  ' $ -! ' $
# !! $  $#$ $  '
 . $# %$   
$# $  *  >!
*!  !? '
' '  # $ *  ' $ 
$   $ '   $#
   ! !#!$ #  $
!  $' $ $   $
! "  ' $ ,! @ '
 >@,?  ' $   ! ' $ 
-'  !*'$
$!!A)!#B
! "
" *   # $* 
$ $      # $  
  $ - $  0* :;;C5 
0$ :;;C5 $  ' 0D :;;:5 
$ * '$-#$ 
%$ ' *  $  '  ! 
# $    -#
$ E $    ' $  $
 , ' $ $    
 %$ ' $ $     
!  # ' #  ' $
$$! !
+!$'''!-!
'$8!$*%)#
$ $ $#$ $.$
' '
  *   ' $ ' $ 
# $ $  
!!E '   . $ $ ''
'  #$$' 
#  - )   $$ $ #
! !!
.      $
$ ) $ $  F '$  
#$''
  ! # ' / # AG- 
  H8  "%$*
2;2'$G :;;IB
%$ *      E 
 
%$  '$ '  *  #
 $ '''$  $ )E
  $    ! $ !!8
    $  $ $&
!!$
 '$ *  $    
$'-E$$
  !! $
      '  $#$
     $ !-"
$ -''
#$  ' #   
 $ $$J$!!$
)  E $ $ *  '
!
# 
%$ !  ' #   $
$!!>$  ?
'  $ # $# "  $
$  0 :;;:5  # )  
#$$.$)$
$#$!'!E
-#  # @ $#'
##$/
- $  " #  ''
#$#$#*
$!!#$$'
%$   $   $#$ 
)    @  !  " 
!' ' $& ' $  " '  $
 $ -) )-
$0K 23325
%$ $ $'$
$' $$ 
  .' $   ! ' 
 @ >$ ) $ $! 
8 $)?  " >$ )
$) $? $$   
#'*'$
-# $0233I5
G$!!E
2 %   $  ) 
,#& ! $  $  %$ 
$$'$!'$
$' 
: %$  '$$@$
"
Figure 1. System architecture.
%$'!$
'    1$ ' $   
# ''  $
!! ''!!$ 
!   @ ($#
         $
! 8''"
!( ' !''
 K$  # !!   ' $
  )  $$ ! 8 @
      $$"  
$ !!
.# $   ' $ ! '  $ 
  E  $!#  ! 
    ' '  #
!  $'
    ! "  $
)A!B# !'
1' # $ !! > $ 
$ ! ? $   ) $ $
'# E
?!'>A#B?
?  !J! ) ! '   
!#!$#$
?$!''
? $ ' !)#   $
 
%$    # $ $ @
$#$$$#!'
 $!''$$
 $ $  $/ ! ) 
 !'$'# )!

 !  *  $$  
!!     ' '' !
!'!
# $ ' ! $ !! 
,#&  $  '  @ 
"
# $ ! ,#&  
$$!!.
$  )# ' $#  ' $ 
+ ' $ !!8 * $  #
$$$!),#&$
$ #'$@ ''
 * $ !!8 ! )  !' 
#''
.  !   $ $ $ 
!!$ . $ '$ $@    
$*
. $  ! $ !!  $ $
'@  . $) ! !
'     ) >#$ 
?E
Figure 2. Getting a ticket.
%$)'E
--#!J!)!/
- - !/
-*'
%$!! $ '!)L
- ! L '   # $
!!
%$ ! ! ! ) L - ! L
'  .  ,#& 

%$'# - !$)
$!-)!!
. $J$ $' ''
 $ ' )  #  ' )
! $ ) ' !
' )$!!
.$$! $$)8!)
#  * ' $ *  $ "
$ $$ #> !2? %$
*   $ * ) '
 
"  $   !  ,#&E
)$$'$
$  ' $ )  . $ 
,#&$!)
$)' 
.' $ #  $ * ' $ *
 " $  $ *  ( !
#$)8!)%$
!' $*E#''
     $     
 $ ''  .  # 
 $   ' $ !! 
)#  $ *  $

. $'$! $!!  ! $!
 # $ $)8 ! ) +$
$  " '   !# $ $ !
#E
Figure 3. Registering replies.
"$' ,#&$$ )
$    ,#&  $  
'  '  )  '$ '  $
!#@'$'
"# #$!!
$!''!!
%$   $ ) $#!!
$'$)
. $ ' ! $ @  "  
 $  ' $ $ !  !$
!    !!  !

  !!  
!! '' --) ! !
!!/  $     $  ' $
 ! $    $
8!'
% !E
- @ )   $ !!  $
''$)
-")$!$
)#$
- ,#& ) $    $  
 * $  '   . 
)$ $ )$

. $   $    
  ! "   $  !
'  ,
$$$  ' $!
   $'$!!
! %$  ' $ ! ## $
 #$!#!
" $ "    ) $
' $!! $$ $'
'#!J!)!$''
)
$ %
%$   $  !  !
'  ' $ $8 8 $  ##
0:;;I5$,!@'
%$ !# # ## $  %7
05 %$    ' $ $ $
!'-'-'-$!!E
2?%$ &' !
 $  F $#$   
$ $  ' $  M 7$ '
)! !$ 
F> F? 89
:? .! ' $  '
$
'$ ! ! ! 
'  ' $   -!'  . 
$!! '$!!8
' 
1$$ ' !!#  $
   $ <9D >< 9D?
,!-  $ #' # 
!! ''$'E
$)  ''!!
,!-!! !
' '$ !  G $  
  ! #   ' H7D
>H7D##? 0H7 D233I5 . $ $
'>##!'
**?'K
J!
%$# ''!#
H7D-$#  !#!$  "
!)#      $
 $  !!   
 ' $ ' !     
#$'!!
%'$>@"?
#       !
   ! %$ $ '  "ND
>" N D##? 0"ND 23OC5 *
##  $#$ 1 > 1
? 
%$ 1 #    $ 
0+!"ND5 %$     !-
' $ $##
#'-'
. $  $     
! 
.' $ 8 !     
 !$ #
!#!! '"ND$#$1%$
'       $
$''
G !#!$ !  $ $
' ##  !$# %$ $  
'$ 
G    ) " >-"$ -
  0" 23O45? !#!$ $ 
!J! ) !  # $ -#$
'2;:C:;C4'
%# #$A"+2$"B>"+$
#$  2 0"+-2 :;;:5? # #
!  $ # $ F! "#
$ 'H7D
!$ #   # $ #
F!$ '#K."% >K. '
"  %$#?  E $
# ' ! $  %!-F" >
F! " 0F" 23OI5?  
)  $ # %$  )
!$$!8!").
$#$ $ $#$    !
   ! F" >
F!"0F":;;25?!

& '%%%%
%# !'-'
$'#-!!E
2 %$ @   #  $
! 8   %$  ! $
 '    -! #$'$ 
$  $ !J! ) !  $ '
!)###.'$&'$
!!$27 $ ! 
$!!
F$ ! 8  $  ! ' $ !
$! $#$
!' $    $  
!
:F$" #!
 $  $8 1' !
$!#
=  $- ! !  $ 
!" #$,#&
F$ ' $  $  $ $ ' 
''  ( $  !! $ ''
$'$
, $ $  ' $# $ ' $ 
( $  M7 $  
$-E
2 %$'!)##+!"ND8
'
: .  ! )  '    $
! '   ' $ $ 

%$ & '  '    $ 2
7'$
, $ $  ' $# 7 * 
$:PIP2:7 #$
#! !!*!!$P2:7 
#   I;  2;;  ! 
$$  $ $  ) ! '
$!!
( %)
%$  $!! !$$
*  $     '  -
  $ E   
#!!#$#
!!$#$!! 
#  #  %$#$ $ ! '
!  ) $ '' )
!!8$!#*
%$ $ ! $
 $ # ! ' 
$ $#   $   $ $  $
! 
%$'!$$#$$'!
#   !#  $ %7
!# # ##  !  !' -
! #$#$     !#
'$$
+  ! $ $     
$$ '$ $  $   
' E $ $ )  #  $#$
$$$$
$ ! $ # ' )8
!J! )! . $!  $
$!-#'$$
)     ' #  
# ) ! ) ' )  
$ ' ,$ $    
# !$! ## $ " ) !  $
'#$' $@
G !!8 ') $  *
' $ -' $ $!  $ 
$ 
*
0* :;;C5 *  * 3&
$  /* 1 # 7 @
:;;=:;;C
0F":;;25 K."% 45 
67.:;;2
01233451<!
0&&8
2334
01$$  233451$$  +! 9
!$:2334
0$ :;;C5 $  *1 ; *
 $ .FFF "  9 JG
:;;C
0 233I5  DG $ " #9
    7 
 - 
$!EJJ#JJ:QCJ#
$

0F" 23OI5 K."% 45 & 
+)*,23OI
0+!"ND5 +!"ND #  !
$!EJJ$*#
05  !# # ## " 7  .
"@"
$!EJJ
06 23345 6 1$$  & 5 $!5
!2334
0D:;;:5D16#6*$
&0& *9(--(
07 <:;;=5 7<7 < $;
*# K @ ' .
7$:;;=
07  :;;:5 7    1*1<= .FFF
"! ,,::;;:
07 5 7 -  #   
$!EJJ#
0K 23325 K +" " D
02 !"
=I2;>2332?!!PP=-PI;
0 :;;:5   ! 5
>* $ & 9$ $
@'1:;;:
0"23O45D"$  D&
? !    2 #
23O4
0"+-2 :;;:5 K."% 4 5 
6@-*(:;;:
0"ND 23OC5 $   1 G
"FN@FDE 
 F#$ * ##
.
' 7 #  '  9#'$ 23OC
7 ".<G.F% )$!   !  
7 $#!!:C3(:IC23OC
0 :;;I5  ! AB8
B8 C 7 8 $ 
##,!@':;;I
0H7 D 233I5 $< %2 > DE%>F =
)# ' 2C-K-3I  - 
$!EJJ=#J%J- -3I222C$

... Some related work that both focuses on e-learning and security but were not relevant enough for the scenario with examinations can be found in [21,22,23,24]. ...
Conference Paper
Full-text available
We investigate the receipt-freeness issue of electronic voting protocols. Receipt-freeness means that a voter neither obtains nor is able to construct a receipt proving the content of his vote. M. Hirt [Multi-party computation: efficient protocols, general adversaries, and voting, Ph.D. Thesis, ETH-Zürich (2001)] proposed a receipt-free voting scheme by introducing a third-party randomizer and by using divertible zero-knowledge proof of validity and designated-verifier re-encryption proof. This scheme satisfies receipt-freeness under the assumption that the randomizer does not collude with a buyer and a two-way untappable channel exists between voters and the randomizer. But an untappable channel is hard to implement in the real world and will cause inconvenience to voters although it is provided. In this paper we extend Hirt’s results such that a tamper-resistant randomizer, a secure hardware device such as a smart card or a Java card, replaces the role of a third-party randomizer and untappable channel. Moreover K-out-of-L receipt-free voting is provided in a more efficient manner by introducing divertible proof of difference.
Article
Full-text available
We present a voting protocol that protects voters' privacy and achieves uni- versal verifiability, receipt-freeness, and uncoercibility without ad hoc physical assumptions or procedural constraints (such as untappable channels, voting booths, smart cards, third-party randomizers, and so on). We discuss under which conditions the scheme allows voters to cast write-in ballots, and we show how it can be practically implemented through voter-verified (pa- per) ballots. The scheme allows voters to combine voting credentials with their chosen votes applying the homomorphic properties of certain probabilistic cryptosystems.
Article
Full-text available
Amb aquest projecte es vol proposar un esquema criptogràfic que permeti realitzar una enquesta de forma electrònica. La solució es basa en criptografia de clau pública, que en la actualitat es fa servir de manera habitual tant en el comerç electrònic com en altres aplicacions criptogràfiques. Con este proyecto se quiere proponer un esquema criptográfico que permita realizar una encuesta de forma electrónica. La solución se basa en criptografía de clavo pública, que en la actualidad se utiliza de manera habitual tanto en el comercio electrónico como en otras aplicaciones criptográficas. The aim of this project is to propose a cryptographic scheme that enables a survey to be conducted electronically. The solution is based on public-key cryptography, which is commonly used at present both in e-commerce and in other cryptographic applications.
Article
In a world facing so many and such rapid technological developments, the statistical processes of National Statistical Institutes (NSI's) can not remain unchanged. This paper argues that the change from paper questionnaires and paper publications to electonic questionnaires and electronic publications makes a Business Process Redesign of NSI's inevitable. The traditional stove-pipe approach, where each individual survey had its own questionnaire and publications, must be replaced by a new approach focused on external sources (for data collection) and external customers (for dissemination). As a result, the internal processes will be integrated, and the focus will be on corporate databases instead of separate departmental databases. Some aspects of the new approach will be illustrated by examples of developments at Statistics Netherlands (SN).
Article
Election officials are examining technologies to address a wide range of voting issues. The problems observed in the November 2000 US election accelerated existing trends to get rid of lever machines, punch-cards, and hand-counted paper ballots and replace them with mark-sense balloting, Internet, and automatic teller machine (ATM) kiosk style computer-based systems. An estimated US 22-4 billion will be spent in the United States and Canada to update voting systems during the next decade. Voting online might enable citizens to vote even if they are unable to get to the polls. Yet making these methods work right turns out to be considerably more difficult than originally thought. New electronic voting systems pose risks as well as solutions. As it turns out, many of the voting products currently for sale provide less accountability, poorer reliability, and greater opportunity for widespread fraud than those already in use. This paper discusses the technology available and how to ensure accurate ballots.
Article
The paper presents a secret balloting system for elections carried out in a computer network. The system has some features not possessed by customary secret balloting systems and does not rely on trusted persons and group work to the same extent as customary systems. Our system uses protocols based on public-key cryptography.
Article
An encryption method is presented with the novel property that publicly re- vealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: 1. Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only he can decipher the message, since only he knows the corresponding decryption key. 2. A message can be \signed" using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed en- cryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in \electronic mail" and \electronic funds transfer" systems. A message is encrypted by representing it as a number M, raising M to a publicly specied
Article
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only he can decipher the message, since only he knows the corresponding decryption key. A message can be “signed” using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in “electronic mail” and “electronic funds transfer” systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n , of two large secret prime numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d = 1(mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, n .
Article
The latest receipt system provided by electronic voting machines at polling places is discussed. In this system, the voter can see his or her choices clearly printed on the receipt in the voting booth. The voter can use it to ensure that the votes it contains are included correctly in the final tally, after taking it out of the booth. As the choices are safely encrypted before it is removed from the booth, the receipt cannot be used to show others. An invalid receipt would irrefutably indicate incorrect operation of election equipment.