Authentication Techniques, Client-Side Voting Software, and Secure Platform Mechanisms

Electronic voting is still a hot topic. You can mainly distinguish between three types of electronic voting, namely direct recording electronic voting devices in polling stations, scan based electronic voting systems, and remote electronic voting. In this paper we focus on the last category and in particular we discuss three dimensions that are specific for remote Internet voting. These are voter identification and authentication techniques, client-side voting software used to cast the vote and secure platform mechanisms to overcome vulnerabilities of the client used by the voter to cast her vote. We describe and analyze different implementations of each of these in the context of remote Internet voting, and assess their performance based on usability, security, costs, and maintenance issues. We identify combinations that cannot be applied at the same time and make recommendations for the application of particular implementations for specific types of elections

Mental Models of Verifiability in Voting

In order for voters to verify their votes, they have to carry out additional steps besides selecting a candidate and submitting their vote. In previous work, voters have been found to be confused about the concept of and motivation for verifiability in electronic voting when confronted with it. In order to better communicate verifiability to voters, we identify mental models of verifiability in voting using a questionnaire distributed online in Germany. The identified mental models are Trusting No Knowledge Observer Personal Involvement and Matching models. Within the same survey, we identify terms that can be used in place of ‘verify’ as well as security-relevant metaphors known to the voters that can be used to communicate verifiability

Recommendations for E-Voting System Usability: Lessons from Literature for Interface Design, User Studies and Usability Criteria

These recommendations are for use in the following: E-Voting System Interface Design User Studies Usability Criteria While studies in the literature focus on a variety of e‐voting systems, including voting machines and punch cards, the recommendations here are for Internet‐based and cryptographically‐verifiable voting systems. Readers interested in more information i

Partial Verifiability in POLYAS for the GI Elections

We discuss the use of POLYAS, an Internet voting system, in GI elections before 2010, in 2010 and 2011, as well as in future. We briefly describe how the system was extended in 2010 to provide partial verifiability and how the integrity of the GI election result was verified in the 2010 and 2011 elections. Information necessary for partial verifiability has so far only been made available to a small group of researchers. In future it would be ideal to make this, and more information, available to the general public, or to GI members, in order to increase the level of verifiability. We highlight legal considerations accompanying these possibilities, including publishing more details about the election results, the requirement for secret elections and avoiding vote buying, and how to handle complaints. Motivated by legal constraints, we propose further improvements to the POLYAS system. Finally, we generalize our findings to any partially verifiable Internet voting system

Introducing Verifiability in the POLYAS Remote Electronic Voting System

Remote electronic voting continues to attract attention. A greater number of election officials are opting to enable a remote electronic voting channel. More and more scientific papers have been published introducing or improving existing remote electronic voting protocols. However, while the scientific papers focus on different aspects of verifiability, most of the systems in use do not provide verifiability. This gap is closed in this paper by extending a widely used remote electronic voting system, the POLYAS system, to provide verifiability. This approach has been tested in the 2010 election of the German Society for Computer Scientists and will be applied in future elections

Developing and Testing a Visual Hash Scheme

Users find comparing long meaningless strings of alphanumeric characters difficult, yet they have to carry out this task when comparing cryptographic hash values for https certificates and PGP keys, or in the context of electronic voting. Visual hashes - where users compare images rather than strings - have been proposed as an alternative. With the visual hashes available in literature, however, people are unable to sufficiently distinguish more than 30 bits. Obviously, this does not provide adequate security against collision attacks. Our goal is to improve the situation: a visual hash scheme was developed, evaluated through pilot user studies and improved iteratively, leading to CLPS, which encodes 60 distinguishable bits using Colours, Patterns and Shapes. In the final user study, participants attained an average accuracy rate of 97% when comparing two visual hash images, with one placed above the other. CLPS was further tested in two follow-up studies, simulating https certificate validation and verifying in remote electronic voting. The results of this work and their implications for practical applications of visual hash schemes are discussed

Pretty Understandable Democracy - A Secure and Understandable Internet Voting Scheme

Internet voting continues to raise interest. A large number of Internet voting schemes are available, both in use, as well as in research literature. While these schemes are all based on different security models, most of these models are not adequate for high-stake elections. Furthermore, it is not known how to evaluate the understandability of these schemes (although this is important to enable voters' trust in the election result). Therefore, we propose and justify an adequate security model and criteria to evaluate understandability. We also describe an Internet voting scheme, Pretty Understandable Democracy, show that it satisfies the adequate security model and that it is more understandable than Pretty Good Democracy, currently the only scheme that also satisfies the proposed security model

Voter, what message will motivate you to verify your vote?

There is increasing interest in verifiable Internet voting systems that enable voters to verify the integrity of their vote on the voting platform prior to casting it, and any interested party to verify the integrity of the election results. The ease with which a vote can be verified plays a key role. Empowering individual voters to act as interested yet objective verifiers increases the probability of fraud detection. Verifying constitutes additional effort, something humans resist unless the benefits are compelling enough. Thus, what is the best way to provide such motivation? We report on a survey, distributed to 123 respondents, in which we explore the effects of three types of motivating messages on voters’ intention to verify a vote, using a smartphone app. The motivating messages were intended to increase the intention to verify a vote. Our findings have persuaded us that further research on the use of motivating messages in the context of verifiable voting is warranted