676 research outputs found
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
In the world's largest-ever deployment of online voting, the iVote Internet
voting system was trusted for the return of 280,000 ballots in the 2015 state
election in New South Wales, Australia. During the election, we performed an
independent security analysis of parts of the live iVote system and uncovered
severe vulnerabilities that could be leveraged to manipulate votes, violate
ballot privacy, and subvert the verification mechanism. These vulnerabilities
do not seem to have been detected by the election authorities before we
disclosed them, despite a pre-election security review and despite the system
having run in a live state election for five days. One vulnerability, the
result of including analytics software from an insecure external server,
exposed some votes to complete compromise of privacy and integrity. At least
one parliamentary seat was decided by a margin much smaller than the number of
votes taken while the system was vulnerable. We also found protocol flaws,
including vote verification that was itself susceptible to manipulation. This
incident underscores the difficulty of conducting secure elections online and
carries lessons for voters, election officials, and the e-voting research
community
Public Evidence from Secret Ballots
Elections seem simple---aren't they just counting? But they have a unique,
challenging combination of security and privacy requirements. The stakes are
high; the context is adversarial; the electorate needs to be convinced that the
results are correct; and the secrecy of the ballot must be ensured. And they
have practical constraints: time is of the essence, and voting systems need to
be affordable and maintainable, and usable by voters, election officials, and
pollworkers. It is thus not surprising that voting is a rich research area
spanning theory, applied cryptography, practical systems analysis, usable
security, and statistics. Election integrity involves two key concepts:
convincing evidence that outcomes are correct and privacy, which amounts to
convincing assurance that there is no evidence about how any given person
voted. These are obviously in tension. We examine how current systems walk this
tightrope.Comment: To appear in E-Vote-Id '1
Usable Verifiable Secrecy-Preserving E-Voting
In this paper we propose the usage of QR-Codes to enable
usable veriable e-voting schemes based on code voting. The idea { from a
voter\u27s perspective { is to combine code voting proposed by Chaum with
the cast-as-intended verication mechanism used e.g. in Switzerland (using
a personal initialization code, return codes per option, a conrmation code
and a nalisation code); while all codes to be entered into the e-voting
system by voters are available as QR-Code (i.e. one personalised QR
voting code per voting option and one personal conrmation QR-Code).
We conduct a user study to evaluate the usability and user experience
of such an approach: both the code sheets and the election webpage are
based on usability research in this area but adopted for our idea. As
our proposal performs good wrt. usability, we discuss how such usable
front-ends enable more secure e-voting systems in respect to end-to-end
veriability and vote secrecy
Potential and challenges of e-voting in the European Union
European Union Democracy Observatory (EUDO)This study was commissioned and supervised by the European Parliament’s Department for Citizens’ Rights and Constitutional Affairs at the request of the AFCO Committee. It addresses the potentials and challenges of the implementation of Internet voting in European Parliament elections. It considers the social, political, legal, and technological implications of its introduction as an alternative to on-paper ballot and builds on the recent experience of previous trials and successful e-enabled elections to issue technical recommendations regarding Internet voting in the European Union
A formal analysis of the Neuchâtel e-voting protocol
International audienceRemote electronic voting is used in several countries for legally binding elections. Unlike academic voting protocols, these systems are not always documented and their security is rarely analysed rigorously. In this paper, we study a voting system that has been used for electing political representatives and in citizen-driven referenda in the Swiss canton of Neuchâtel. We design a detailed model of the protocol in ProVerif for both privacy and verifiability properties. Our analysis mostly confirms the security of the underlying protocol: we show that the Neuchâtel protocol guarantees ballot privacy, even against a corrupted server; it also ensures cast-as-intended and recorded-as-cast verifiability, even if the voter's device is compromised. To our knowledge, this is the first time a full-fledged automatic symbolic analysis of an e-voting system used for politically-binding elections has been realized
A formal analysis of the Neuchâtel e-voting protocol
Remote electronic voting is used in several countries for legally binding elections. Unlike academic voting protocols, these systems are not always documented and their security is rarely analysed rigorously. In this paper, we study a voting system that has been used for electing political representatives and in citizen-driven referenda in the Swiss canton of Neuchâtel. We design a detailed model of the protocol in ProVerif for both privacy and veri-fiability properties. Our analysis mostly confirms the security of the underlying protocol: we show that the Neuchâtel protocol guarantees ballot privacy, even against a corrupted server; it also ensures cast-as-intended and recorded-as-cast verifiability, even if the voter's device is compromised. To our knowledge, this is the first time a full-fledged automatic symbolic analysis of an e-voting system used for politically-binding elections has been realized
Blockchain based voting system for Jordan parliament elections
Covid-19 pandemic has stressed more than any-time before the necessity for conducting election processes in an electronic manner, where voters can cast their votes remotely with complete security, privacy, and trust. The different voting schema in different countries makes it very difficult to utilize a one fits all system. This paper presents a blockchain based voting system (BBVS) applied to the Parliamentary elections system in the country of Jordan. The proposed system is a private and centralized blockchain implemented in a simulated environment. The proposed BBVS system implements a hierarchical voting process, where a voter casts votes at two levels, one for a group, and the second for distinct members within the group. This paper provides a novel blockchain based e-Voting system, which proves to be transparent and yet secure. This paper utilizes synthetic voter benchmarks to measure the performance, accuracy and integrity of the election process. This research introduced and implemented new algorithms and methods to maintain acceptable performance both at the time of creating the blockchain(s) for voters and candidates as well as at the time of casting votes by voters
Pretty Understandable Democracy 2.0
The technological advance is entering almost all aspects of our everyday life. One interesting aspect is the possibility to conduct elections over the Internet. However, many proposed Internet voting schemes and systems build on unrealistic assumptions about the trustworthiness of the voting environment and other voter-side assumptions. Code voting -- first introduced by Chaum [Cha01] -- is one approach that minimizes the voter-side assumptions. The voting scheme Pretty UnderstandableDemocracy [BNOV13] builds on the idea of code voting while it ensures on the server-side an arguably practical security model based on a strict separation of duty, i.e. all security requirements are ensured if any two components do not collaborate in order to violate the corresponding requirement. As code voting and strict separation of duty realizations come along with some challenges (e.g. pre-auditing phase, usability issues, clearAPIs), the goal of our research was to implement Pretty UnderstandableDemocracy and run a trial election. This paper reports about necessary refinements of the original scheme, the implementation process, and atrial election among the different development teams (each team being responsible for one component)
- …