1,939 research outputs found
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
In the world's largest-ever deployment of online voting, the iVote Internet
voting system was trusted for the return of 280,000 ballots in the 2015 state
election in New South Wales, Australia. During the election, we performed an
independent security analysis of parts of the live iVote system and uncovered
severe vulnerabilities that could be leveraged to manipulate votes, violate
ballot privacy, and subvert the verification mechanism. These vulnerabilities
do not seem to have been detected by the election authorities before we
disclosed them, despite a pre-election security review and despite the system
having run in a live state election for five days. One vulnerability, the
result of including analytics software from an insecure external server,
exposed some votes to complete compromise of privacy and integrity. At least
one parliamentary seat was decided by a margin much smaller than the number of
votes taken while the system was vulnerable. We also found protocol flaws,
including vote verification that was itself susceptible to manipulation. This
incident underscores the difficulty of conducting secure elections online and
carries lessons for voters, election officials, and the e-voting research
community
Applying Block Chain Technologies to Digital Voting Algorithms
Voting is a fundamental aspect to democracy. Many countries have advanced voting systems in place, but many of these systems have issues behind them such as not being anonymous or verifiable. Additionally, most voting systems currently have a central authority in charge of counting votes, which can be prone to corruption. We propose a voting system which mitigates many of these issues. Our voting system attempts to provide decentralization, pseudoanonymity, and verifiability. For our system, we have identified the requirements, implemented the backbone of the system, recognized some of its shortcomings, and proposed areas of future work on this voting system
An individually verifiable voting protocol with complete recorded-as-intended and counted-as-recorded guarantees
Democratic principles demand that every voter should be able to individually
verify that their vote is recorded as intended and counted as recorded, without
having to trust any authorities. However, most end-to-end (E2E) verifiable
voting protocols that provide universal verifiability and voter secrecy
implicitly require to trust some authorities or auditors for the correctness
guarantees that they provide.
In this paper, we explore the notion of individual verifiability. We evaluate
the existing E2E voting protocols and propose a new protocol that guarantees
such verifiability without any trust requirements. Our construction depends on
a novel vote commitment scheme to capture voter intent that allows voters to
obtain a direct zero-knowledge proof of their vote being recorded as intended.
We also ensure protection against spurious vote injection or deletion post
eligibility verification, and polling-booth level community profiling
Blockchain, consensus, and cryptography in electronic voting
Motivated by the recent trends to conduct electronic elections using blockchain technologies, we review the vast literature on cryptographic voting and assess the status of the field. We analyze the security requirements for voting systems and describe the major ideas behind the most influential cryptographic protocols for electronic voting. We focus on the great importance of consensus in the elimination of trusted third parties. Finally, we examine whether recent blockchain innovations can satisfy the strict requirements set for the security of electronic voting
Internet Voting Protocols: An Analysis of the Cryptographic Operations per Phase
Internet voting is a good option for Colombia thanks to the expansion of mobile technology throughout the country and the interest of the government to implement the e-voting. For this reason, we study the e-voting protocols to establish if any of them is suitable for Colombian elections. However some of them imply a great number of cryptographic operations and therefore a great computational cost for the devices, which sometimes exceed their capacity. In this paper, we determine the number of cryptographic operations per phase of four e-voting protocols: one based on blind signatures (Li, Hwang and Lai protocol), one based on mix nets (Meng protocol), one based on homomorphic encryption (EVIV protocol) and one used in real electoral processes (I-Voting for Estonian Elections). Then, we analyze the changes in the number of operations when the number of voters, number of votes, number of authorities and number of candidates increase for small, medium and large elections. Finally, we establish the protocol that imply a less number of cryptographic operations and is suitable for big electoral processes, such as congress elections in Colombia
Security Requirement Analysis of Blockchain-based E-Voting Systems
In democratic countries such as India, voting is a fundamental right given to
citizens of their countries. Citizens need to physically present and cast their
vote in ballot-paper-based voting systems. Most of the citizens fail to fulfill
this constraint and have stayed away from their fundamental duty.
Electronic-voting systems are often considered one efficient alternative in
such situations. Blockchain Technology is an emerging technology that can
provide a real solution as it is characterized by immutable, transparent,
anonymous, and decentralized properties. This paper presents a security
requirement analysis for e-voting systems and evaluates blockchain technology
against these requirements
- …