
There are many design goals for an e-voting system. My question concerns a conflict between 2 particular goals:

  • A voter should be able to verify that their vote was correctly tallied
  • A voter should not be able to prove how they voted (to prevent vote selling)

I've looked into various e-voting systems and none of them appear to be able to satisfy these 2 goals simultaneously.

Some researchers argue that end-to-end auditability and receipt-freeness should be considered to be orthogonal properties. (Wikipedia)

Is this an unsolved problem?

bkoodaa
  • It has been proven that e-voting systems cannot unconditionally satisfy privacy and verifiability simultaneously. By comparison, e-voting systems can satisfy privacy and verifiability with overwhelming probability. Indeed, the e-voting protocol proposed by Juels, Catalano & Jakobsson simultaneously achieves these two properties. – user2768 Apr 18 '17 at 14:59
  • The paper you referenced states: "We also do not treat the problem of enabling voters to verify that their votes have been counted." – bkoodaa Apr 18 '17 at 20:51
  • 1
    I don't know why they wrote that, they also write "In the full paper, we offer formal definitions for...verifiability of election schemes, a detailed security-proof outline...", which supports my claim. Perhaps refer to http://www.cs.cornell.edu/projects/civitas/papers/clarkson_civitas_tr.pdf. – user2768 Apr 19 '17 at 09:47
  • That paper is amazing! – bkoodaa Apr 20 '17 at 10:42
  • If you adopt the same mechanisms that paper voting uses, the problem is easily solved. e-voting has never been a technical issue. You're actually worrying about a political problem. – Paul Uszak Apr 26 '17 at 21:27
  • @PaulUszak Paper voting does not offer verifiability. That's acceptable, because the way tallying is done, no single person is able to steal the election (compared to remote e-voting, where a single hacker/system administrator/software provider/hardware provider can change the election outcome). For this reason remote e-voting has to be verifiable. If you read the Civitas paper linked above you, I'm sure you will change your mind. This is a technical problem. – bkoodaa Apr 26 '17 at 21:34
  • A student report from 2007? ICBC Bank is valued at $3T. If a single hacker could steal all that money, your little election would not really matter as the world would end. It hasn't and the bank prospers. It's nothing to do with IT if you read a little more broadly. – Paul Uszak Apr 26 '17 at 22:13
  • @PaulUszak I'm not sure if you are serious or trolling, but I'll respond anyway. That "student report" has been cited 305 times and in that they present the technical solution to the technical problem which you claim does not exist. – bkoodaa Apr 26 '17 at 22:35
  • @PaulUszak With regards to bank hacking, here's a news article about a $300M bank hack: https://www.rt.com/news/232627-banks-hacked-russian-expert/ although this is not relevant to voting at all. Banking has very different security requirements. In particular, they don't have to keep transactions anonymous, which makes it very hard to get away with the money. – bkoodaa Apr 26 '17 at 22:37
  • @PaulUszak With regards to hacking elections, here is an independent review of Estonia's e-voting system: https://estoniaevoting.org/findings/summary/ Here's a case from the U.S.: https://arstechnica.com/tech-policy/2015/04/meet-the-e-voting-machine-so-easy-to-hack-it-will-take-your-breath-away/ – bkoodaa Apr 26 '17 at 22:40
  • Voting isn't anonymous, at least not in the UK. This speaks directly to your 2nd bullet point. I'll leave it there. – Paul Uszak Apr 26 '17 at 23:22
  • The big difference between hacking an election and hacking a bank is that you can usually 'undo' a bank hack and recover the money. I've heard something like 1% of all electronic transactions are fraudulent, but I'm sure it's a cat and mouse game where the bank recovers most of the stolen money (and has insurance on the remaining losses). – daniel Apr 28 '17 at 09:45

3 Answers

The second property is formally called receipt freeness. Any voting system based on probabilistic encryption cannot be receipt free, because the voter uses a random value to construct the vote, and this random value can serve as a receipt. The solution given to this problem is to have an authority create the vote, with the voter simply selecting it from a presented list. The first protocol to achieve this is, as far as I know, the one described in the paper Receipt-free secret-ballot elections by Benaloh and Tuinstra. A more widely used example is Efficient receipt-free voting based on homomorphic encryption by Hirt and Sako. You can check these references, especially the second one, for details about how to achieve verifiability.
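The randomness-as-receipt point above, as an added Python example that is not part of this answer or of either cited paper: a toy exponential-ElGamal ballot in which holding r lets anyone confirm what a published ciphertext encodes, beside the authority-encrypts pattern in which the voter receives only an index into a list of ciphertexts. The group parameters, key, and vote values are constructed and far too small to be secure.

```python
# Added example: exponential ElGamal ballots over a toy group, showing why
# voter-chosen randomness r is a receipt, and the "authority encrypts, voter
# selects" pattern in which the voter never learns r.
import secrets

# Constructed toy parameters (NOT secure): p = 2q + 1 with p, q prime, and
# G = 4 generates the order-q subgroup of Z_p^*.
P, Q, G = 1019, 509, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, v, r):
    """Exponential ElGamal: (g^r, g^v * pk^r); v in {0, 1} so tallies add homomorphically."""
    return pow(G, r, P), (pow(G, v, P) * pow(pk, r, P)) % P

def decrypt(sk, ct, max_tally):
    """Recover g^m, then brute-force the small exponent m (at most the number of voters)."""
    c1, c2 = ct
    gm = c2 * pow(c1, -sk, P) % P        # negative exponent needs Python 3.8+
    acc = 1
    for m in range(max_tally + 1):
        if acc == gm:
            return m
        acc = acc * G % P
    raise ValueError("tally out of range")

def voter_encrypts(pk, v):
    """Voter picks r herself and so walks away holding (ct, r)."""
    r = secrets.randbelow(Q - 1) + 1
    return encrypt(pk, v, r), r

def opens_to(pk, ct, v, r):
    """The receipt: with r, anyone can confirm which v the published ciphertext encodes."""
    return encrypt(pk, v, r) == ct

def authority_encrypts(pk, options=(0, 1)):
    """Authority encrypts every option with randomness it keeps secret; the voter
    only selects an index, holds no r, and therefore cannot run opens_to()."""
    return [encrypt(pk, v, secrets.randbelow(Q - 1) + 1) for v in options]

def tally(sk, ballots):
    """Homomorphic tally: multiply all ciphertexts, decrypt once."""
    c1 = c2 = 1
    for a, b in ballots:
        c1, c2 = c1 * a % P, c2 * b % P
    return decrypt(sk, (c1, c2), len(ballots))
```

The sketch omits the proofs of well-formedness and the designated-verifier proofs that the real Hirt–Sako scheme adds so the voter can still check what each listed ciphertext contains.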


I believe you can have a system that gives a receipt that increases personal voter confidence but cannot be used to prove how a voter voted. But this method requires already having a shared secret between the voter and the voting authority. Also the voter can only prove to themselves that their vote was tallied correctly, they couldn't show this proof to someone else.

A voter couldn't say "look at this evidence that the government didn't count my vote" but also couldn't say "look at this evidence that I voted for who you told me to".

https://security.stackexchange.com/questions/152044/is-this-voting-system-secure-in-an-information-theory-sense

daniel

Punchscan does this, though it's not a purely electronic system. I'm not aware of any purely electronic (online) system that satisfies these properties, but having a paper trail makes audits easier and improves security anyway. Scantegrity is an updated version.

SAI Peregrinus