Pretty Understandable Democracy 2.0

The technological advance is entering almost all aspects of our everyday life. One interesting aspect is the possibility to conduct elections over the Internet. However, many proposed Internet voting schemes and systems build on unrealistic assumptions about the trustworthiness of the voting environment and other voter-side assumptions. Code voting -- first introduced by Chaum [Cha01] -- is one approach that minimizes the voter-side assumptions. The voting scheme Pretty UnderstandableDemocracy [BNOV13] builds on the idea of code voting while it ensures on the server-side an arguably practical security model based on a strict separation of duty, i.e. all security requirements are ensured if any two components do not collaborate in order to violate the corresponding requirement. As code voting and strict separation of duty realizations come along with some challenges (e.g. pre-auditing phase, usability issues, clearAPIs), the goal of our research was to implement Pretty UnderstandableDemocracy and run a trial election. This paper reports about necessary refinements of the original scheme, the implementation process, and atrial election among the different development teams (each team being responsible for one component)

Coercion-Resistant Internet Voting in Practice

Internet voting continues to raise interest both among research and society. Throughout the last decades, many Internet voting schemes have been developed, each one providing particular properties such as receipt-freeness or end-to-end verifiability. One attractive scheme is the JCJ / Civitas scheme due to its property of making coercion attacks ineffective. Neumann and Volkamer [NV12] analyzed the scheme and identified significant usability issues. To overcome these drawbacks, the authors extended the original work by integrating smart cards. In a follow-up work, Neumann et al. [NFVK13] conducted a theoretical performance analysis for this extension and improved the extension towards its applicability in real-world elections. Their analysis left several real-world considerations open for future work. The present work addresses these gaps: We present a prototype implementation of the revised extension and assess its real-world performance. Based on this contribution, we are able to conclude that the revised extension is feasible to be used in real-world elections.&nbsp

Electronic Voting with Fully Distributed Trust and Maximized Flexibility Regarding Ballot Design

One common way to ensure the security in voting schemes is to distribute critical tasks between different entities — so called trustees. While in most election settings election authorities perform the task of trustees, elections in small groups such as board elections can be implemented in a way that all voters are also trustees. This is actually the ideal case for an election as trust is maximally distributed. A number of voting schemes have been proposed for facilitating such elections. Our focus is on a mix net based approach to maximize flexibility regarding ballot design. We proposed and implemented a corresponding voting scheme as an Android smartphone application. We believe smartphones are most likely to be used in the election settings that we consider in the paper. Our implementation also enables voters to remotely participate in the voting process. The implementation enables us to measure timings for the tallying phase for different settings in order to analyze whether the chosen mix net based scheme is suitable for the considered election settings

Towards A Practical JCJ / Civitas Implementation

Internet voting continues to enjoy wide interest from both research and practice. Among the Internet voting schemes developed over the last decades, JCJ / Civitas stands out from the masses due to its innovative approach to resist voter coercion. To achieve its ambitious goal, the scheme builds upon particularly restrictive assumptions and an abstract credential handling rendering the scheme impractical for real-world use. At ARES 2012, Neumann and Volkamer presented a proposal which implements several of these assumptions (voter-side assumptions) and the credential handling by the use of smart cards. While addressing these practical shortcomings of JCJ / Civitas, their proposal did not take performance into account, and accordingly its performance has not been evaluated. In the present work, we revise the ARES proposal from a performance perspective in a security-invariant manner. Based on the herein proposed revisions, we are able to conclude that the revised ARES proposal is feasible to be used in real-world elections

Towards A Practical JCJ / Civitas Implementation

Internet voting continues to enjoy wide interest from both research and practice. Among the Internet voting schemes developed over the last decades, JCJ / Civitas stands out from the masses due to its innovative approach to resist voter coercion. To achieve its ambitious goal, the scheme builds upon particularly restrictive assumptions and an abstract credential handling rendering the scheme impractical for real-world use. At ARES 2012, Neumann and Volkamer presented a proposal which implements several of these assumptions (voter-side assumptions) and the credential handling by the use of smart cards. While addressing these practical shortcomings of JCJ / Civitas, their proposal did not take performance into account, and accordingly its performance has not been evaluated. In the present work, we revise the ARES proposal from a performance perspective in a security-invariant manner. Based on the herein proposed revisions, we are able to conclude that the revised ARES proposal is feasible to be used in real-world elections

Pretty Understandable Democracy 2.0

The technological advance is entering almost all aspects of our everyday life. One interesting aspect is the possibility to conduct elections over the Internet. However, many proposed Internet voting schemes and systems build on unrealistic assumptions about the trustworthiness of the voting environment and other voter-side assumptions. Code voting -- first introduced by Chaum [Cha01] -- is one approach that minimizes the voter-side assumptions. The voting scheme Pretty UnderstandableDemocracy [BNOV13] builds on the idea of code voting while it ensures on the server-side an arguably practical security model based on a strict separation of duty, i.e. all security requirements are ensured if any two components do not collaborate in order to violate the corresponding requirement. As code voting and strict separation of duty realizations come along with some challenges (e.g. pre-auditing phase, usability issues, clearAPIs), the goal of our research was to implement Pretty UnderstandableDemocracy and run a trial election. This paper reports about necessary refinements of the original scheme, the implementation process, and atrial election among the different development teams (each team being responsible for one component)