Anonymous and Secure Electronic Voting: Protecting our Democratic Infrastructure
In the last decade, there have been several attempts in Europe and the US to move from paper-based voting to electronic voting. Many of these attempts have failed. A recent study on Estonia’s Internet electronic voting system reports:
“What we found alarmed us. There were staggering gaps in procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers, such as Russia. These attacks could alter votes or leave election outcomes in dispute. We have confirmed these attacks in our lab — they are real threats. We urgently recommend that Estonia discontinue use of the system."
We wish to design and implement a working system that is both practical and secure, and make it available to testing by researchers in Israel and abroad. The core of the problem with electronic voting is that often the integrity of the whole election relies on the correct functioning of the electronic equipment. However, in reality, one cannot trust any part of the system, be it hardware or software, and the challenge is to devise a cryptographic protocol that enables the verification of the correct functionality of a complicated, digital system, where the verification has to be made by a human being.
This situation has led to the introduction of the notion of "software independence". A voting system is software-independent if an undetected change or error in its software cannot cause an undetectable change or error in an election outcome. Several software-independent cryptographic protocols were suggested, including Pret-a-vote, Punchscan and Scantegrity. Scantegrity II was used in the Takoma Park municipal elections in Novemeber 2008.
We wish to implement a dual voting system, combining cryptographic and paper election, that combines the flavor of traditional paper based systems, while guaranteeing all the advantages of cryptographic electronic voting. We believe the transition to electronic voting is inevitable, and that there is no alternative to software-independent voting. In this research, we will study the delicate security issues involving electronic voting and will implement and test such a system.