Distributed Protocols at the Rescue for Trustworthy Online Voting

While online services emerge in all areas of life, the voting procedure in many democracies remains paper-based as the security of current online voting technology is highly disputed. We address the issue of trustworthy online voting protocols and recall therefore their security concepts with its trust assumptions. Inspired by the Bitcoin protocol, the prospects of distributed online voting protocols are analysed. No trusted authority is assumed to ensure ballot secrecy. Further, the integrity of the voting is enforced by all voters themselves and without a weakest link, the protocol becomes more robust. We introduce a taxonomy of notions of distribution in online voting protocols that we apply on selected online voting protocols. Accordingly, blockchain-based protocols seem to be promising for online voting due to their similarity with paper-based protocols

Secure and Verifiable Electronic Voting in Practice: the use of vVote in the Victorian State Election

The November 2014 Australian State of Victoria election was the first statutory political election worldwide at State level which deployed an end-to-end verifiable electronic voting system in polling places. This was the first time blind voters have been able to cast a fully secret ballot in a verifiable way, and the first time a verifiable voting system has been used to collect remote votes in a political election. The code is open source, and the output from the election is verifiable. The system took 1121 votes from these particular groups, an increase on 2010 and with fewer polling places

E-VOTING SYSTEMS: A TOOL FOR E-DEMOCRACY

Using electronic voting systems is divisive as some countries used such systems and others did not. Electronic voting (e-voting) is relatively a new concept based on its application that aims at reducing errors and improving the convenience and integrity of election process. This paper tried to explore the factors that influence the adoption of such systems in a university environment. The study utilized a sample of 302 bachelor degree students in a public Jordanian university and in relation to students’ council election process. Results indicated that students were keen on the concepts of trust and usefulness of e-voting when adopting such systems. The study supported the findings of TAM in the area of technology acceptance. Conclusions are at the end of this paper.E-government, e-democracy, e-voting, students’ elections.

E-Voting in an ubicomp world: trust, privacy, and social implications

The advances made in technology have unchained the user from the desktop into interactions where access is anywhere, anytime. In addition, the introduction of ubiquitous computing (ubicomp) will see further changes in how we interact with technology and also socially. Ubicomp evokes a near future in which humans will be surrounded by “always-on,” unobtrusive, interconnected intelligent objects where information is exchanged seamlessly. This seamless exchange of information has vast social implications, in particular the protection and management of personal information. This research project investigates the concepts of trust and privacy issues specifically related to the exchange of e-voting information when using a ubicomp type system

The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election

In the world's largest-ever deployment of online voting, the iVote Internet voting system was trusted for the return of 280,000 ballots in the 2015 state election in New South Wales, Australia. During the election, we performed an independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism. These vulnerabilities do not seem to have been detected by the election authorities before we disclosed them, despite a pre-election security review and despite the system having run in a live state election for five days. One vulnerability, the result of including analytics software from an insecure external server, exposed some votes to complete compromise of privacy and integrity. At least one parliamentary seat was decided by a margin much smaller than the number of votes taken while the system was vulnerable. We also found protocol flaws, including vote verification that was itself susceptible to manipulation. This incident underscores the difficulty of conducting secure elections online and carries lessons for voters, election officials, and the e-voting research community

Glimmers: Resolving the Privacy/Trust Quagmire

Many successful services rely on trustworthy contributions from users. To establish that trust, such services often require access to privacy-sensitive information from users, thus creating a conflict between privacy and trust. Although it is likely impractical to expect both absolute privacy and trustworthiness at the same time, we argue that the current state of things, where individual privacy is usually sacrificed at the altar of trustworthy services, can be improved with a pragmatic $Glimmer$ $of$ $Trust$, which allows services to validate user contributions in a trustworthy way without forfeiting user privacy. We describe how trustworthy hardware such as Intel's SGX can be used client-side -- in contrast to much recent work exploring SGX in cloud services -- to realize the Glimmer architecture, and demonstrate how this realization is able to resolve the tension between privacy and trust in a variety of cases