Black Ice HSM: the safest electronic voting system for cloud environments

The project, part of the Spanish R&D program RETOS-COLABORACIÓN, is currently developing its first functional prototype and ends in 2018.


Gradiant and the Catalan company SCYTL Secure Electronic Voting are working on the R&D project Black Ice HSM, focused on developing a totally secure and confidential electronic voting system in the cloud. As Daniel A. Rodriguez Silva, researcher at Gradiant, says, “there are cryptographic techniques to guarantee data privacy and integrity in sensitive environments such as electronic voting, but it is necessary to protect the keys very well, especially if we want to move the system to a cloud computing environment”.

This initiative arose in 2016 because SCYTL needed to explore solutions based on cryptographic data-protection hardware to facilitate the use of its electronic voting platform in the cloud. The main objective is to develop security mechanisms based on Hardware Security Modules (HSMs) to build a platform that stores the electronic voting system's secret data in the cloud and operates on it in a completely private and safe way.

To quote Jordi Puiggalí, director of security and research at SCYTL, “one of the main innovations of this project is how to implement advanced cryptographic algorithms in an HSM, something not done by default. The incorporation of these advanced algorithms will make it possible to implement safe and auditable cryptographic voting protocols, even in cloud-deployed environments”. This way, users can be sure that their electronic vote is totally confidential and that even the cloud service provider will not be able to access the sensitive information, because the system incorporates HSM devices with special protection (certified to the FIPS 140-2 and Common Criteria EAL4+ standards) that prevents any type of attack that could compromise cryptographic keys.

Black Ice HSM is co-funded by the European Regional Development Fund (ERDF) and the Ministry of Economy, Industry and Competitiveness (Spanish Government).


Cryptographic technology based on cloud computing

Increasingly, today’s society demands all kinds of reliable, secure electronic services that guarantee the privacy of sensitive data. The technology developed by Gradiant for the Black Ice HSM project offers an HSM as a Service (HSMaaS) security solution to be integrated into the SCYTL electronic voting system. It provides a REST interface for complex cryptographic operations in the cloud, making it easier to move this electronic voting system to the cloud with the guarantee that all sensitive information will remain completely secure and confidential.

Examples of such cryptographic operations are the generation of private keys for national elections, the signing of voting receipts, and the generation of zero-knowledge proofs to ensure the consistency of votes. All operations performed in the HSM environment generate secure records that can be audited to verify the correct operation of the system. In addition, the HSMaaS platform developed by Gradiant is easily scalable and adapts to demand at any given moment: new HSMs can easily be added to the service according to the needs of the company.

Gradiant started working on this type of technology several years ago, thanks to the Science Investment Fund program of Fundación Barrié through the SCAPE project. Since then, Gradiant has been delivering advanced solutions that include the use of HSMs in the cloud, aware that sectors such as government, banking and healthcare need to ensure the security and privacy of the sensitive data they work with.

