Introducing Verifiability in the POLYAS Remote Electronic Voting System

Remote electronic voting continues to attract attention. A greater number of election officials are opting to enable a remote electronic voting channel. More and more scientific papers have been published introducing or improving existing remote electronic voting protocols. However, while the scientific papers focus on different aspects of verifiability, most of the systems in use do not provide verifiability. This gap is closed in this paper by extending a widely used remote electronic voting system, the POLYAS system, to provide verifiability. This approach has been tested in the 2010 election of the German Society for Computer Scientists and will be applied in future elections

ANALISA FAKTOR COMPATIBILITY TERHADAP IMPLEMENTASI E-VOTING

sebuah peralihan proses pemilihan yang bersifat manual kepada bentuk yang terkomputerisasi. Berdasarkan penelitian yang dilakukan oleh rahmad, Compatibility memberikan pengaruh sebesar 80% terhadap minat seseorang dalam menggunakan e-voting (intention to use). Penelitian ini merupakan pengembangan dari penelitian rahmad, dengan melakukan analisa terhadap keterkaitan faktor compatibility dengan implementasi e-voting.Kaitan faktor compatibility terhadap implementasi e-voting dibagi menjadi tiga kelompok yaitu infrastructure & equipment, e-voting technology dan implementation

Formal Treatment of Distributed Trust in Electronic Voting

Electronic voting systems are among the most security critical distributed systems. Different trust concepts are implemented to mitigate the risk of conspiracies endangering security properties. These concepts render systems often very complex and end users no longer recognize whom they need to trust. Correspondingly, specific trust considerations are necessary to support users. Recently, resilience terms have been proposed in order to express, which entities can violate the addressed security properties in particular by illegal collaborations. However, previous works derived these resilience terms manually. Thus, successful attacks can be missed. Based on this approach, we propose a framework to formally and automatically derive these terms. Our framework comprises a knowledge calculus, which allows us to model knowledge and reason about knowledge of collaborating election entities. The introduced framework is applied to deduce previously manually derived resilience terms of three remote electronic voting systems, namely Polyas, Helios and the Estonian voting system. Thereby, we were able to discover mistakes in previous derivations

Introducing Verifiability in the POLYAS Remote Electronic Voting System.

Remote electronic voting continues to attract attention. A greater number of election officials are opting to enable a remote electronic voting channel. More and more scientific papers have been published introducing or improving existing remote electronic voting protocols. However, while the scientific papers focus on different aspects of verifiability, most of the systems in use do not provide verifiability. This gap is closed in this paper by extending a widely used remote electronic voting system, the POLYAS system, to provide verifiability. This approach has been tested in the 2010 election of the German Society for Computer Scientists and will be applied in future elections

Evaluation and Improvement of Internet Voting Schemes Based on Legally-Founded Security Requirements

In recent years, several nations and private associations have introduced Internet voting as additional means to conduct elections. To date, a variety of voting schemes to conduct Internet-based elections have been constructed, both from the scientific community and industry. Because of its fundamental importance to democratic societies, Internet voting – as any other voting method – is bound to high legal standards, particularly imposing security requirements on the voting method. However, these legal standards, and resultant derived security requirements, partially oppose each other. As a consequence, Internet voting schemes cannot enforce these legally-founded security requirements to their full extent, but rather build upon specific assumptions. The criticality of these assumptions depends on the target election setting, particularly the adversary expected within that setting. Given the lack of an election-specific evaluation framework for these assumptions, or more generally Internet voting schemes, the adequacy of Internet voting schemes for specific elections cannot readily be determined. Hence, selecting the Internet voting scheme that satisfies legally-founded security requirements within a specific election setting in the most appropriate manner, is a challenging task. To support election officials in the selection process, the first goal of this dissertation is the construction of a evaluation framework for Internet voting schemes based on legally-founded security requirements. Therefore, on the foundation of previous interdisciplinary research, legally-founded security requirements for Internet voting schemes are derived. To provide election officials with improved decision alternatives, the second goal of this dissertation is the improvement of two established Internet voting schemes with regard to legally-founded security requirements, namely the Polyas Internet voting scheme and the Estonian Internet voting scheme. Our research results in five (partially opposing) security requirements for Internet voting schemes. On the basis of these security requirements, we construct a capability-based risk assessment approach for the security evaluation of Internet voting schemes in specific election settings. The evaluation of the Polyas scheme reveals the fact that compromised voting devices can alter votes undetectably. Considering surrounding circumstances, we eliminate this shortcoming by incorporating out of band codes to acknowledge voters’ votes. It turns out that in the Estonian scheme, four out of five security requirements rely on the correct behaviour of voting devices. We improve the Estonian scheme in that regard by incorporating out of band voting and acknowledgment codes. Thereby, we maintain four out of five security requirements against adversaries capable of compromising voting devices