2,759 research outputs found
Public Evidence from Secret Ballots
Elections seem simple---aren't they just counting? But they have a unique,
challenging combination of security and privacy requirements. The stakes are
high; the context is adversarial; the electorate needs to be convinced that the
results are correct; and the secrecy of the ballot must be ensured. And they
have practical constraints: time is of the essence, and voting systems need to
be affordable and maintainable, and usable by voters, election officials, and
pollworkers. It is thus not surprising that voting is a rich research area
spanning theory, applied cryptography, practical systems analysis, usable
security, and statistics. Election integrity involves two key concepts:
convincing evidence that outcomes are correct and privacy, which amounts to
convincing assurance that there is no evidence about how any given person
voted. These are obviously in tension. We examine how current systems walk this
tightrope.Comment: To appear in E-Vote-Id '1
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
In the world's largest-ever deployment of online voting, the iVote Internet
voting system was trusted for the return of 280,000 ballots in the 2015 state
election in New South Wales, Australia. During the election, we performed an
independent security analysis of parts of the live iVote system and uncovered
severe vulnerabilities that could be leveraged to manipulate votes, violate
ballot privacy, and subvert the verification mechanism. These vulnerabilities
do not seem to have been detected by the election authorities before we
disclosed them, despite a pre-election security review and despite the system
having run in a live state election for five days. One vulnerability, the
result of including analytics software from an insecure external server,
exposed some votes to complete compromise of privacy and integrity. At least
one parliamentary seat was decided by a margin much smaller than the number of
votes taken while the system was vulnerable. We also found protocol flaws,
including vote verification that was itself susceptible to manipulation. This
incident underscores the difficulty of conducting secure elections online and
carries lessons for voters, election officials, and the e-voting research
community
Secure and Verifiable Electronic Voting in Practice: the use of vVote in the Victorian State Election
The November 2014 Australian State of Victoria election was the first
statutory political election worldwide at State level which deployed an
end-to-end verifiable electronic voting system in polling places. This was the
first time blind voters have been able to cast a fully secret ballot in a
verifiable way, and the first time a verifiable voting system has been used to
collect remote votes in a political election. The code is open source, and the
output from the election is verifiable. The system took 1121 votes from these
particular groups, an increase on 2010 and with fewer polling places
Recommended from our members
Gaining assurance in a voter-verifiable voting system
The literature on e-voting systems has many examples of discussion of the correctness of the computer and communication algorithms of such systems, as well as discussions of their vulnerabilities. However, a gap in the literature concerns the practical need (before adoption of a specific e-voting system) for a complete case demonstrating that the system as a whole has sufficiently high probability of exhibiting the desired properties when in use in an actual election. This paper discusses the problem of producing such a case, with reference to a specific system: a version of the Prêt à Voter scheme for voter-verifiable e-voting. We show a possible organisation of a case in terms of four main requirements – accuracy, privacy, termination and ‘trustedness’– and show some of the detailed organisation that such a case should have, the diverse kinds of evidence that needs to be gathered and some of the interesting difficulties that arise
A smart contract system for decentralized borda count voting
In this article, we propose the first self-tallying decentralized e-voting protocol for a ranked-choice voting system based on Borda count. Our protocol does not need any trusted setup or tallying authority to compute the tally. The voters interact through a publicly accessible bulletin board for executing the protocol in a way that is publicly verifiable. Our main protocol consists of two rounds. In the first round, the voters publish their public keys, and in the second round they publish their randomized ballots. All voters provide Non-interactive Zero-Knowledge (NIZK) proofs to show that they have been following the protocol specification honestly without revealing their secret votes. At the end of the election, anyone including a third-party observer will be able to compute the tally without needing any tallying authority. We provide security proofs to show that our protocol guarantees the maximum privacy for each voter. We have implemented our protocol using Ethereum's blockchain as a public bulletin board to record voting operations as publicly verifiable transactions. The experimental data obtained from our tests show the protocol's potential for the real-world deployment
- …