End-to-End Verifiable Voting

Loading...

En provenance du cours de University of Michigan

Securing Digital Democracy

100 notes

University of Michigan

Securing Digital Democracy

100 notes

In this course, you'll learn what every citizen should know about the security risks--and future potential — of electronic voting and Internet voting. We'll take a look at the past, present, and future of election technologies and explore the various spaces intersected by voting, including computer security, human factors, public policy, and more.

À partir de la leçon

New Technology and Policy

Lessons learned

Post-Election Auditing16:40

End-to-End Verifiable Voting12:30

Verifying an E2E Result11:01

Rencontrer les enseignants

J. Alex Halderman
Associate Professor
Electrical Engineering and Computer Science

What if we could use technology to fundamentally change the way that we

provide election security? To make elections that were more secure,

more verifiable with higher voter confidence than, than ever before.

This is the promise that is driving a very active field of research in computer

science today. Into what are called end to end verifiable

voting systems. So as, as a voter today you don't really

know what's happening behind the curtain. Even if the process is observable few

voters will actually be there to watch it. You, you'll probably have to trust other

people to be there making sure that everything's being done right.

Often you don't even get to choose who those people are so there's always going

to be some room for doubt in the back of your mind that your vote was counted

correctly. But let's say we wanted to have some way

to dispel this doubt. We actually wanted to have a system that,

that could give every voter some notion of verifiability.

So, this is what end to end or E2E voter verifiability is all about.

In an E2E system, as a voter you can be sure that your vote is cast as you

intended, that your vote is counted as you cast it and that all votes are counted as

cast. And this isn't just in principle, I mean

you can verify that your personal vote was counted the way you cast it.

So let me give you a thought experiment to prove that this is at least possible in

principle. So what if our voting system involved the

following. We were going to collect everyone's ballot

and then the next day in the newspaper we're going to print everyone's name and

address together with how they voted. So we can see that this provides these

properties. You can verify that your vote was cast the

way you intended. You can verify it was counted the way you

cast it. It's going to be possible for every voter

to do that. So you can be sure that if there's

significant discrepancies, they're going to be caught.

There's one major problem with this, it's not a secret ballot.

So the question is, can we provide a system that has all these verifiability

properties, but also ensures that no voter can demonstrate how he or she voted to a

third party, that provides a strong notion of ballot secrecy.

Many researchers think the answer is yes. We can provide a system that is both

verifiable and maintains the secret ballot And the way that they propose to do this

is by introducing computer cryptography to the process.

So here's how the voting process might look to a, a voter using an E2E

verifiable voting system. They vote normally using the, the whatever

process they use being it a DRE or an op- scan paper ballot.

But at the end of the process they'd get a verifiable receipt, maybe something that

looks like this. So the receipt is something you can take

home with you but it provides a secret ballot because it, it doesn't show how you

voted. Instead you get a long sequence of letters

and digits or a bar code. Either of these is essentially a computer

record of your vote that's been encrypted with a secret key you don't have.

So this is going to be something that you can use to check that your individual

ballot was counted correctly but that can't be used to prove to anyone else how

you voted. We're also going to have to change the way

that the election results are posted. Instead of publishing in the newspaper the

way everyone voted, we're going to replace those voter choices with the same kind of

encrypted form of each person's ballot. So, now you have a way to check your

result and to check that it's actually been incorporated into the count.

The first thing you can check is that the election total is correct.

And so the way this happens is that you can take all of those encrypted ballots

that were published in the paper, and perform a mathematical proof that shows

that they add up to whatever totals have been announced on election day.

I'll show you a bit about how that works later.

But now, any voter who cares to do so can A, check that their own encrypted ballots

are listed in the totals, can check that the other voters whose names appear there

are legitimate voters, the officials haven't just made up people along with

their votes, and they can check the mathematical proof of the correctness of

the tally. So these things together provide you with

very strong evidence that the election outcome was correct.

And you can do this without having to trust that the people performing the

counts were doing their jobs correctly or that they're fundamentally honest.

So, this is the promise of E2E verifiable systems.

So one neat thing about E2E is that it won't necessarily change what voters have

to do. Voter participation is fundamentally

optional. Voters can use their receipts to check

that their results are properly recorded, or they can just throw their receipts in

the trash. If enough voters check, however, this is

like a, a form of distributed audit, and any large fraud is extremely likely to be

caught. The other thing that voters can do is try

to verify the accuracy of that mathematical proof that the announced

totals match the published receipts or the encrypted votes.

They can either verify the accuracy using an application that they wrote themselves,

because the cryptography is all publicly described.

Or they can download applications to do this from a source that they trust.

Or they can just believe verifications that are done and published by political

parties or other institutions they trust. Or they can just do what they do now,

accept the results without question. So this sounds great.

Potentially this would be a, a huge security advantage.

But there are lots of details we have to get right.

Two of the most important questions are, how do voters know that these receipts

they get actually match their choices? They could just be random numbers that

have been made up, or encryptions of some other vote.

The second question is, how are voters supposed to be convinced that the

published encrypted votes actually correspond to the announced tallies?

How does that process of the mathematical proof work, and is it going to be

convincing for voters? So here's one way an E2E system could

convince you that, that encrypted receipt actaully matches the choices on your

ballot. So let's see you're at the polls and

you're about to cast your ballot, you've already filled it out and you've received

an, a receipt that's allegedly the encryption of your ballot.

This kind of scheme, would give you a choice.

You can either cast the ballot then and there and accept that the receipt is

correct, or you can challenge the receipt. If you cast, your ballot will go into the

box. If you challenge, then the election

officials will have to decrypt that encrypted ballot, and show you that it

actually matches your choices. So in this way you can repeat this

challenge process as many times as you want until you're satisfied.

If at any point you open it up and, you find that it's not your intended vote then

that's evidence that the system was trying to cheat, and we can proceed to

investigate and find the cause. So end to end systems have been a subject

of research for many years now. But only in the, the past few years have

they started to emerge from the laboratory, and be something that's,

that's been tested in actual practice. Probably the system that's gotten the most

use and most real world experience is one called Scantegrity.

Scantegrity is an end to end verifiable voting system that is used with optical

scan paper ballots of the type that we're all familiar with.

It involves just a few changes to the process from the voter's perspective.

First you're given a ballot that has bubbles that are pre-printed with

verification codes written in invisible ink.

You use a special pen to cast your vote and mark the bubbles and when you mark a

bubble you're given a short alphanumeric code that corresponds to each choice you

made. The voter gets to write these codes down,

together with the serial number of the ballot, and that forms their cryptographic

receipt. Then after the election, voters can go

online and use a website to verify that their receipt matches the ballot that's

been recorded. And they can verify later through a public

audit process that all of the other votes were totaled up correctly and match the

official tallies. Scantegrity is great because it's just a

fairly simple addition to existing optical scan balloting.

But it provides these, these end to end verifiable properties, for voters who, who

would like to take advantage of them. And if enough voters do, that strengthens

the process for everyone. Because it's like another form of

distributed audit. Scantegrity has been tested now in two

real elections for public office, both in Tacoma Park, Maryland, in 2009 and then in

2011. The researchers learned a lot from these

processes and have gone back to the lab in hopes of perfecting the system and making

it something that's broadly usable in other places as well.

Another E2E system that has recently emerged form the lab is a system called

Helios and unlike Scantegrity, Helios is designed for online elections.

Voters visit a website and fill out their ballot in a form in their browser and then

they're given a cryptographic receipt in the form of a block of text that they can copy

out of the browser program. Voter's can verify this receipt in several

ways, either directly through the Helios website.

Or if they don't trust it they can go to a independent website.

Or they can even implement the Helios software themselves and verify it that

way. Helios has yet to be used in a binding

election for public office. In fact their, the creators of Helios say,

that it's nowhere near being ready to be used in real public elections.

But it has been used in some large scale private elections, including the election

for the presidency of the International Association for Cryptographic Research.

Helios raises some difficult questions. Is internet voting using an end to end

verifiable system something we can make secure?

There are a number of attacks that you can imagine would be possible.

Including attacks on the user's client system.

Malware on the client could interfere both with vote casting and with vote

verification. So, unless users verify their vote on a

separate uninfected device the malware could change the vote without being

detected. Because of questions like this it's

difficult to be sure whether E2E voting will ever be something strong enough to

provide actually secure internet voting we can rely on.

But it's likely that if internet voting is ever something we can secure, some

technology like this will be a part of it.

Explorer notre catalogue

Rejoignez-nous gratuitement et obtenez des recommendations, des mises à jour et des offres personnalisées.

Coursera propose un accès universel à la meilleure formation au monde, en partenariat avec des universités et des organisations du plus haut niveau, pour proposer des cours en ligne.

© 2019 Coursera Inc. Tous droits réservés.

Télécharger dans l'App Store

Disponible sur Google Play