Verifiable Electronic Voting on the radar

This year’s European Conference of Electoral Management Bodies took place last month, with the conference topic as “New technologies in elections: public trust and challenges for electoral management bodies” [1].   Conclusion 21 of the conference “pointed to the issue of verifiability of the vote if electronic voting is used and the importance of providing effective means of verification whilst conducting e-enabled elections”.

Verifiability within an electronic voting system is concerned with providing ways to check that the system is processing votes correctly [2]. The ability to check that votes have been handled properly provides a way of countering bugs or deliberate software errors, as well as cyber attacks on election systems, and thereby provides confidence in the integrity of the election result.   However, designing verifiability into a system is challenging: on the one hand it needs to provide voters with a way of checking that their vote has been counted correctly within the overall tally, and a way of challenging the election if they find it has not; on the other hand it needs to maintain strict vote privacy so that voters cannot prove to anyone else how they voted.

Proposals in the academic literature tend to meet this challenge through use of cryptography, allowing the voter to cast the vote in encrypted form, and then providing mechanisms that allow the encrypted vote to be decrypted in such a way that it cannot be linked back to the voter. The voter is able to check that the encrypted vote has been properly recorded by the system – this is known as individual verifiability. Anonymisation and decryption of all the votes together can be carried out in a publicly verifiable way, where all the cryptographic steps can be independently checked. End-to-end verifiability demands ways of verifying all the steps, from verifying the vote is cast-as-intended (the encryption of the vote is correct), to recorded-as-cast (the encrypted vote is in the system), to counted-as-recorded (the votes have been processed correctly).   Eligibility verifiability is another aspect, concerned with being able to verify that all recorded votes are indeed from eligible voters.

Verifiability is now reaching the point where it is emerging from the electronic voting research community and impacting on the elections world. It is encouraging that electoral management bodies are recognizing the benefits that it can bring. Several verifiable systems have already been used, in political elections [3,4] and in University elections [5,6], and the state-of-the-art is still being developed. Our own experience of deploying a verifiable polling place voting system in the 2014 Victorian State Election, Australia [4] demonstrated that such systems are now feasible in practice. There are still many technical and sociological challenges ahead, but only verifiability can achieve the level of trust required for electronic elections.

 

References

[1] Synopsis of 13th European Conference of Electoral Management Bodies, April 14-15, 2016. Bucharest Rumania. http://www.venice.coe.int/webforms/documents/default.aspx?pdffile=CDL-EL%282016%29001syn-e

[2] Steve Schneider and Alan Woodward: E-Votng: Trust but Verify, Scientific American guest blog 2012.  http://blogs.scientificamerican.com/guest-blog/e-voting-trust-but-verify/

[3] Richard Carback, David Chaum, Jeremy Clark, John Conway, Aleksander Essex, Paul S. Herrnson, Travis Mayberry, Stefan Popoveniuc, Ronald L. Rivest, Emily Shen, Alan T. Sherman, Poorvi L. Vora: Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy. USENIX Security Symposium 2010

[4] Craig Burton, Chris Culnane, Steve Schneider: Secure and Verifiable Electronic Voting in Practice: the use of vVote in the Victorian State Election. CoRR abs/1504.07098 (2015)

[5] Olivier de Marneffe, Olivier Pereira, Jean-Jacques Quisquater: Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios. EVT/WOTE 2009

[6] Jonathan Ben-Nun, Niko Fahri, Morgan Llewellyn, Ben Riva, Alon Rosen, Amnon Ta-Shma, Douglas Wikström: A New Implementation of a Dual (Paper and Cryptographic) Voting System. Electronic Voting 2012