Machine-checked proofs for electronic voting: privacy and verifiability for Belenios

International audienceWe present a machine-checked security analysis of Belenios-a deployed voting protocol used already in more than 200 elections. Belenios extends Helios with an explicit registration authority to obtain eligibility guarantees. We offer two main results. First, we build upon a recent framework for proving ballot privacy in EasyCrypt. Inspired by our application to Belenios, we adapt and extend the privacy security notions to account for protocols that include a registration phase. Our analysis identifies a trust assumption which is missing in the existing (pen and paper) analysis of Belenios: ballot privacy does not hold if the registrar misbehaves, even if the role of the registrar is seemingly to provide eligibility guarantees. Second, we develop a novel framework for proving strong verifiability in EasyCrypt and apply it to Belenios. In the process, we clarify several aspects of the pen-and-paper proof, such as how to deal with revote policies. Together, our results yield the first machine-checked analysis of both ballot privacy and verifiability properties for a deployed electronic voting protocol. Perhaps more importantly, we identify several issues regarding the applicability of existing definitions of privacy and verifiability to systems other than Helios. While we show how to adapt the definitions to the particular case of Belenios, our findings indicate the need for more general security notions for electronic voting protocols with registration authorities

E-Voting in an ubicomp world: trust, privacy, and social implications

The advances made in technology have unchained the user from the desktop into interactions where access is anywhere, anytime. In addition, the introduction of ubiquitous computing (ubicomp) will see further changes in how we interact with technology and also socially. Ubicomp evokes a near future in which humans will be surrounded by “always-on,” unobtrusive, interconnected intelligent objects where information is exchanged seamlessly. This seamless exchange of information has vast social implications, in particular the protection and management of personal information. This research project investigates the concepts of trust and privacy issues specifically related to the exchange of e-voting information when using a ubicomp type system

Combatting electoral traces: the Dutch tempest discussion and beyond

In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. We introduce the term electoral traces to denote any physical, digital or social evidence of a voter's choices in an election. From this perspective, we provide guidelines for risk analysis as well as an overview of countermeasures

Electronic plebiscites

We suggest a technology and set of procedures by which a major democratic de?cit of modern society can be addressed. The mechanism, whilst it makes limited use of cryptographic techniques in the background, is based around objects and procedures with which voters are currently familiar. We believe that systems like this hold considerable potential for the extension of democratic participation and control

Public Evidence from Secret Ballots

Elections seem simple---aren't they just counting? But they have a unique, challenging combination of security and privacy requirements. The stakes are high; the context is adversarial; the electorate needs to be convinced that the results are correct; and the secrecy of the ballot must be ensured. And they have practical constraints: time is of the essence, and voting systems need to be affordable and maintainable, and usable by voters, election officials, and pollworkers. It is thus not surprising that voting is a rich research area spanning theory, applied cryptography, practical systems analysis, usable security, and statistics. Election integrity involves two key concepts: convincing evidence that outcomes are correct and privacy, which amounts to convincing assurance that there is no evidence about how any given person voted. These are obviously in tension. We examine how current systems walk this tightrope.Comment: To appear in E-Vote-Id '1

E-VOTING SYSTEMS: A TOOL FOR E-DEMOCRACY

Using electronic voting systems is divisive as some countries used such systems and others did not. Electronic voting (e-voting) is relatively a new concept based on its application that aims at reducing errors and improving the convenience and integrity of election process. This paper tried to explore the factors that influence the adoption of such systems in a university environment. The study utilized a sample of 302 bachelor degree students in a public Jordanian university and in relation to students’ council election process. Results indicated that students were keen on the concepts of trust and usefulness of e-voting when adopting such systems. The study supported the findings of TAM in the area of technology acceptance. Conclusions are at the end of this paper.E-government, e-democracy, e-voting, students’ elections.

Building a Multimodal, Trust-Based E-Voting System

This paper addresses the issue of voter identification and authentication, voter participation and trust in the electoral system. A multimodal/hybrid identification and authentication scheme is proposed which captures what a voter knows – PIN, what he has – smartcard and what he is – biometrics. Massive participation of voters in and out of the country of origin was enhanced through an integrated channel (kiosk and internet voting). A multi-trust voting system is built based on service oriented architecture. Microsoft Visual C#.Net, ASP.Net and Microsoft SQL Server 2005 Express Edition components of Microsoft Visual Studio 2008 was used to realize the Windows and Web-based solutions for the electronic voting system