14,159 research outputs found

    Individual verifiability in electronic voting

    Get PDF
    This PhD Thesis is the fruit of the job of the author as a researcher at Scytl Secure Electronic Voting, as well as the collaboration with Paz Morillo, from the Department of Applied Mathematics at UPC and Alex Escala, PhD student. In her job at Scytl, the author has participated in several electronic voting projects for national-level binding elections in different countries. The participation of the author covered from the protocol design phase, to the implementation phase by providing support to the development teams. The thesis focuses on studying the mechanisms that can be provided to the voters, in order to examine and verify the processes executed in a remote electronic voting system. This work has been done as part of the tasks of the author at the electronic voting company Scytl. Although this thesis does not talk about system implementations, which are interesting by themselves, it is indeed focused on protocols which have had, or may have, an application in the real world. Therefore, it may surprise the reader by not using state of the art cryptography such as pairings or lattices, which still, although providing very interesting properties, cannot be efficiently implemented and used in a real system. Otherwise, the protocols presented in this thesis use standard and well-known cryptographic primitives, while providing new functionalities that can be applied in nowadays electronic voting systems. The thesis has the following contents: A survey on electronic voting systems which provide voter verification functionalities. Among these systems we can find the one used in the Municipal and Parliamentary Norwegian elections of 2011 and 2013, and the system used in the Australian State of New South Wales for the General State Elections in 2015, in which the author has had an active participation in the design of their electronic voting protocols. A syntax which can be used for modeling electronic voting systems providing voter verifiability. This syntax is focused on systems characterized by the voter confirming the casting of her vote, after verifying some evidences provided by the protocol. Along with this syntax, definitions for the security properties required for such schemes are provided. A description of the electronic voting protocol and system which has been used in 2014 and 2015 elections in the Swiss Canton of Neuchâtel, which has individual verification functionalities, is also provided in this thesis, together with a formal analysis of the security properties of the scheme and further extensions of the protocol. Finally, two new protocols which provide new functionalities respect to those from the state of the art are proposed: A new protocol providing individual verifiability which allows voters to defend against coertion by generating fake proofs, and a protocol which makes a twist to individual verifiability by ensuring that all the processes executed by the voting device and the remote server are correct, without requiring an active verification from the voter. A formal analysis of the security properties of both protocols is provided, together with examples of implementation in real systems.Aquesta tesi és fruit de la feina de l'autora com a personal de recerca a la empresa Scytl Secure Electtronic Voting, així com de la col·laboració amb la Paz Morillo, del departament de matemàtica aplicada a la UPC, i el Alex Escala, estudiant de doctorat. A la feina a Scytl, l'autora ha participat a varis projectes de vot electrònic per a eleccions vinculants a nivell nacional, que s'han efectuat a varis països. La participació de la autora ha cobert tant la fase de disseny del protocol, com la fase de implementació, on ha proveït suport als equips de desenvolupament. La tesi estudia els mecanismes que es poden proporcionar als votants per a poder examinar i verificar els processos que s'executen en sistemes de vot electrònic. Tot i que la tesi no parla de la implementació dels sistemes de vot electrònic, sí que s'enfoca en protocols que han tingut, o poden tenir, una aplicació pràctica actualment. La tesi té els continguts següents: Un estudi en sistemes de vot electrònic que proporcionen funcionalitats per a que els votants verifiquin els processos. Entre aquests sistemes, trobem el que es va utilitzar a les eleccions municipals i parlamentàries a Noruega als anys 2011 i 2013, així com el sistema utilitzat a l'estat Australià de New South Wales, per a les eleccions generals de 2015, sistemes en els que l'autora ha participat directament en el diseny dels seus protocols criptogràfics. La tesi també conté una sintaxi que es pot utilizar per modelar sistemes de vot electrònic que proporcionen verificabilitat individual (on verifica el votant). Aquesta sintaxi s'enfoca en sistemes caracteritzats pel fet de que el votant confirma la emissió del seu vot un cop ha verificat unes evidències sobre ell, proporcionades pel protocol. A més de la sintaxi, es proporcionen definicions de les propietats de seguretat d'aquestts sistemes. La tesi també conté una descripció del sistema i protocol de vot electrònic que s'utilitza al cantó Suís de Neuchâtel a partir del 2014, el qual té funcionalitats per a que els votants verifiquin certs processos del sistema. La tesi a més conté un anàlisi de la seguretat de l'esquema, així com possibles extensions del protocol. Finalment, la tesi inclou dos protocols nous que proporcionen noves característiques i funcionalitats respecte als existents a l'estat de l'art de la tècnica. El primer permet a un votant defendre's de un coaccionador generant proves falses, i el segon fa un canvi de paradigma de la verificabilitat individual, de forma que el votant no ha de verificar certs processos per a saber que s'han efectuant correctament. La tesi inclou un anàlisi formal de les propietats de seguretat dels dos protocols, així com exemples de com podrien ser implementats en un escenari real.Postprint (published version

    Public Evidence from Secret Ballots

    Full text link
    Elections seem simple---aren't they just counting? But they have a unique, challenging combination of security and privacy requirements. The stakes are high; the context is adversarial; the electorate needs to be convinced that the results are correct; and the secrecy of the ballot must be ensured. And they have practical constraints: time is of the essence, and voting systems need to be affordable and maintainable, and usable by voters, election officials, and pollworkers. It is thus not surprising that voting is a rich research area spanning theory, applied cryptography, practical systems analysis, usable security, and statistics. Election integrity involves two key concepts: convincing evidence that outcomes are correct and privacy, which amounts to convincing assurance that there is no evidence about how any given person voted. These are obviously in tension. We examine how current systems walk this tightrope.Comment: To appear in E-Vote-Id '1

    Distributed Protocols at the Rescue for Trustworthy Online Voting

    Get PDF
    While online services emerge in all areas of life, the voting procedure in many democracies remains paper-based as the security of current online voting technology is highly disputed. We address the issue of trustworthy online voting protocols and recall therefore their security concepts with its trust assumptions. Inspired by the Bitcoin protocol, the prospects of distributed online voting protocols are analysed. No trusted authority is assumed to ensure ballot secrecy. Further, the integrity of the voting is enforced by all voters themselves and without a weakest link, the protocol becomes more robust. We introduce a taxonomy of notions of distribution in online voting protocols that we apply on selected online voting protocols. Accordingly, blockchain-based protocols seem to be promising for online voting due to their similarity with paper-based protocols

    State of Alaska Election Security Project Phase 2 Report

    Get PDF
    A laska’s election system is among the most secure in the country, and it has a number of safeguards other states are now adopting. But the technology Alaska uses to record and count votes could be improved— and the state’s huge size, limited road system, and scattered communities also create special challenges for insuring the integrity of the vote. In this second phase of an ongoing study of Alaska’s election security, we recommend ways of strengthening the system—not only the technology but also the election procedures. The lieutenant governor and the Division of Elections asked the University of Alaska Anchorage to do this evaluation, which began in September 2007.Lieutenant Governor Sean Parnell. State of Alaska Division of Elections.List of Appendices / Glossary / Study Team / Acknowledgments / Introduction / Summary of Recommendations / Part 1 Defense in Depth / Part 2 Fortification of Systems / Part 3 Confidence in Outcomes / Conclusions / Proposed Statement of Work for Phase 3: Implementation / Reference

    HandiVote: simple, anonymous, and auditable electronic voting

    Get PDF
    We suggest a set of procedures utilising a range of technologies by which a major democratic deficit of modern society can be addressed. The mechanism, whilst it makes limited use of cryptographic techniques in the background, is based around objects and procedures with which voters are currently familiar. We believe that this holds considerable potential for the extension of democratic participation and control
    corecore