Combatting electoral traces: the Dutch tempest discussion and beyond

In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. We introduce the term electoral traces to denote any physical, digital or social evidence of a voter's choices in an election. From this perspective, we provide guidelines for risk analysis as well as an overview of countermeasures

A TECHNOLOGICAL FRAMEWORK FOR TRANSPARENT E-VOTING SOLUTION IN THE NIGERIAN ELECTORAL SYSTEM

This paper presents the design of a technological framework for electronic voting (E-voting) systems in Nigeria. The traditional voting system with paper ballots used in the Nigeria electoral system is time consuming and in most cases marred with irregularities due to system and/or human errors. These irregularities usually results in inconclusive electoral decisions, violent arguments, and expensive litigations. Certain technologies and recently card readers with biometric authentication have been employed to achieve transparent polls. However, high level frauds still accompany results due to human control of these technological devices and have not generated the required trust resulting in a drastic decrease in voter participation. The framework presented here seeks to combine different e-voting technologies in a way that best suit the Nigeria electoral system in order to build trust and boost participation. The result is an automated polling system that requires minimum supervision with adequate transparency and accuracy of the voting process. The framework showcased how a cost saving real-time electoral procedure can be achieved, with the presentation of precise and accurate results at the end of any election.  http://dx.doi.org/10.4314/njt.v35i3.2

Voting: What Has Changed, What Hasn't, & Why: Research Bibliography

Since the origins of the Caltech/MIT Voting Technology Project in the fall of 2000, there has been an explosion of research and analysis on election administration and voting technology. As we worked throughout 2012 on our most recent study, Voting: What Has Changed, What Hasn’t, & What Needs Improvement, we found many more research studies. In this research bibliography, we present the research literature that we have found; future revisions of this research bibliography will update this list.Carnegie Corporation of New Yor

Universally Verifiable Poll-Site Voting Schemes Providing Everlasting Privacy

Computer based voting brings up huge challenges for technology. On the one hand an electronic voting system has to be transparent enough to allow verification of its correct functioning; on the other hand, it must ensure that these verification procedures do not allow an attacker to violate voter privacy. Both requirements can be addressed by providing cryptographically secured voting receipts. Each voter cast his or her vote in encoded form and receives a copy of the recorded ballot as receipt. The voters can use these receipts to verify that their vote is contained in the input of the tally. Furthermore, the encoded votes are publicly processed, which allows voters and observers to check that the election outcome has been determined correctly. However, to provide a private and free election, no voter should be able to prove to someone else for whom he or she voted. This must not only be prevented during the election, but also afterwards for an indefinite period of time. Especially with respect to everlasting privacy this is not ensured by most verifiable voting systems. If the receipt contains, for instance, the voting decision encrypted using some public key cryptography, an attacker can determine the candidates selected as soon as the underlying computational problem has been solved for the key length chosen. In this work we provide a summary of privacy weaknesses that may arise in verifiable electronic poll-site voting systems, and we identify and solve open issues. More precisely, we concentrate on the following three questions: (1) How can we show correct anonymization of votes in an efficient and privacy preserving manner using a generic approach? (2) How can we introduce everlasting privacy to mixing and homomorphic tallying based voting schemes? (3) How can we reduce the amount of trust voters have to put in authorities regarding privacy? In electronic voting so-called reencryption mix-nets are used to anonymize votes. These mix-nets shuffles votes in a universally verifiable manner, i.e., they publish some audit information allowing voters and observers to verify that the votes came out as they went in. In practice, mostly generic verification procedures are used to show correctness of this process. However, many of them do not provide an adequate level of privacy. To address (1), we investigate several proposals and introduce a new protocol that combines existing approaches but improves them with respect to privacy and efficiency. Another drawback of mixing based voting schemes is that all implementations provide computational privacy only. We address (2) by presenting a mix-net that uses a homomorphic and unconditionally hiding commitment scheme to encode the votes and audit data, implying everlasting privacy. The correctness of the anonymization process is guaranteed with overwhelming probability, even if all authorities collaborate. An implication of our result is that many current voting systems that use mix-nets can be upgraded to everlasting privacy. Subsequently, we show that this protocol can be applied to Prêt à Voter and Split-Ballot imposing only minor changes to current implementations. The same approach is used to introduce everlasting privacy to homomorphic tallying based schemes. The votes are encoded with an unconditionally hiding commitment scheme, they are homomorphically tallied in public, and the result is decoded afterwards. To show that our solution can be applied to poll-site voting, we describe how the Scratch & Vote voting system can be improved using our tallying protocol. Again only minor changes to the classical scheme are necessary. To address (3), the approach of non-personalized receipts is analyzed. If the receipts handed out to the voters do not contain a link to their vote cast, they do not have to put their trust in authorities keeping this association secret. We introduce an electronic ballot box that generates non-personalized receipts using a process that is similar to the anonymization procedure carried out by mix-nets. The correctness of the receipt generation is universally verifiable. Furthermore, our approach improves on existing solutions with respect to correctness and privacy. Finally, we compare all voting systems that are improved in this work, highlight their advantages and disadvantages, and conclude with key issues for future work

Um modelo ontológico do sistema eleitoral brasileiro

Dissertação (mestrado)—Universidade de Brasília, Faculdade de Ciência da Informação, Programa de Pós-Graduação em Ciência da Informação, 2014.O voto é mais do que a informação registrada de uma opção. É um fenômeno que contempla: as percepções do eleitor sobre suas opções, as influências legítimas e ilegítimas, a percepção que o eleitor tem da opção dos outros, a utilidade de seu voto, a escolha, o registro em si do voto e o cômputo das escolhas individuais. Nesse contexto, o sistema eleitoral contempla os instrumentos e mecanismos empregados em países democráticos para constituir os poderes Executivo e Legislativo. Para promover a democracia, tais instrumentos e mecanismos devem ser projetados de forma adequada. Contudo, o conjunto de conceitos envolvidos no domínio eleitoral é complexo envolve aspectos distantes do senso comum. Logo, a definição adequada desses conceitos é condição necessária para explicar, comparar, avaliar e construir tais instrumentos e mecanismos de forma adequada. Assim, esta dissertação propõe um modelo de ontologia, aplicado ao sistema eleitoral brasileiro, fundamentado na proposta de Arquitetura da Informação do Grupo de Brasília. Para tanto, utiliza a Teoria da Escolha Social, a Teoria Geral da Arquitetura da Informação, ontologias de fundamentação e de processos e o paradigma de metassistema para propor um modelo em camadas que represente de forma adequada o domínio eleitoral, desde a epistemologia até a prática. A partir da perspectiva da liberdade do eleitor no ato de votar, instancia-se o modelo nas camadas da ciência e da prática, utilizando o sistema eleitoral brasileiro como base empírica. ___________________________________________________________________________________ ABSTRACTThe vote is more than the recorded information of a choice. It is a phenomenon that includes: the voter’s perceptions about their options, legitimate and illegitimate influences, the voter’s perception of the other’s choice, the value of their vote, their choices, the vote’s registry per se and the tally of their individual choices. In this context, the electoral system covers the instruments and mechanisms in use by democratic countries to constitute the executive and legislative powers. To promote democracy, such instruments and mechanisms should be designed appropriately. However, the set of concepts involved in the electoral domain is complex and involves aspects far from common sense. Therefore, to explain, compare, evaluate and build such instruments and mechanisms, a proper definition of these concepts is necessary. Thus, this dissertation proposes an ontology model, applied to the Brazilian electoral system, based on the proposed Information Architecture Group of Brasília. This dissertation also applies the Social Choice’s Theory, the General Theory of Architecture of Information, the foundational and process ontologies and the metasystem paradigm to propose a layered model to adequately represent the electoral domain, from epistemology to practice. On the perspective of voter’s freedom in voting act, the Brazilian electoral system is instantiated by the model as an empirical basis

Integrità elettorale e voto regionale

La sezione monografica ha un duplice intento. Da un lato, dar conto di alcuni degli sviluppi e delle problematiche di integrità elettorale associati alla dimensione propriamente procedurale delle consultazioni elettorali in Italia. In particolare sono stati considerati argomenti problematici che impattano sia sulla formazione dell’offerta politica (la trasparenza nella selezione e proposta delle coalizioni e delle candidature); la possibilità di un terzo mandato per i Presidenti di regione; l’uso della propaganda online nelle campagne elettorali regionali; l’espressione della partecipazione (l’opportunità di dotarsi di modalità di voto elettronico; l’incidenza del voto non valido nelle elezioni parlamentari in prospettiva comparata europea. Dall’altro lato si è inteso soffermare l’attenzione sul voto regionale, con riferimento ad alcuni degli aspetti procedurali appena richiamati, ma anche (secondo una prassi consolidata della Rivista) all’analisi delle elezioni regionali del febbraio 2023 – segnate da un forte tasso di astensionismo nonché da una netta affermazione della coalizione conservatrice che ha vinto le elezioni politiche del settembre 2022 – nelle due Regioni più popolose d’Italia: Lazio e Lombardia. L’insieme dei contributi si contraddistingue, oltre che per l’approfondimento dei temi con una particolare attenzione alla dimensione empirica, per la sua interdisciplinarietà che offre spazio a contributi di taglio non solo giuridico ma anche politologico

Privacy Issues in an Electronic Voting Machine

In this paper, we describe the Open Voting Consortium's voting system and discuss the privacy issues inherent in this system. By extension, many of the privacy issues in this paper also apply to other electronic voting machines, such as DREs (Direct Recording Electronic voting machines). The privacy issues illustrate why careful and thorough design is required to ensure voter privacy and ballot secrecy

Privacy issues in an electronic voting machine

In this paper, we describe the Open Voting Consortium’s voting system and discuss the privacy issues inherent in this system. By extension, many of the privacy issues in this paper also apply to other electronic voting machines, such as DREs (Direct Recording Electronic voting machines). The privacy issues illustrate why careful and thorough design is required to ensure voter privacy and ballot secrecy

Privacy Issues in an Electronic Voting Machine

This paper describes how the OVC model ensures ballot privacy. The OVC has developed the model for an electronic voting system largely in response to the reliability, usability, security, trustworthiness, and accessibility concerns of other voting systems. Privacy was kept in mind throughout the process of designing this system. Section 2 of this paper discusses the requirements for a secret ballot in more detail. Section 3 considers how secrecy could be compromised in some systems. Section 4 describes the architecture of the polling place components of the OVC system. Section 5 describes how the OVC handles the privacy concerns. Conclusion, acknowledgements, and references follow. While this paper focuses mostly on privacy issues for US-based elections, and how they are addressed in the OVC system, many of the issues raised are applicable elsewhere. 2. Secret Ballot Requirements The public policy goals of secret balloting ---to protect the privacy of the elector and minimize undue intimidation and influence---are supported by federal election laws and regulations. The Help America Vote Act of 2002 codifies this as "anonymity" and "independence" of all voters, "privacy" and "confidentiality" of ballots and requires that the Federal Election Commission create standards that "[preserve] the privacy of the voter and the confidentiality of the ballot." The Federal Election Commission (FEC) has issued a set of Voting System Standards (VSS) that serve as a model of functional requirements that elections systems must meet before they can be certified for use in an election. The FEC VSS state explicitly: To facilitate casting a ballot, all systems shall: [...] Protect the secrecy of the vote such that the system cannot reveal any information about how a particular voter ..