Eric Dubuis

Measures to establish trust in internet voting

Technical research has achieved strong advances in addressing security concerns in internet voting, yet the solutions are complicated and difficult to explain to the public. Accordingly, internet voting commonly faces opposition despite the benefits voters and authorities may expect. It appears that security features are only one premise underlying a systems acceptance among the electorate. The other challenge is to exploit these features at establishing the required trust among the public. In this paper we introduce a number of measures meant to help at gaining trust. We hereby emphasize the importance of taking the exposition of a systems security features and the remaining risks as the foundation of any strategy. After describing the proposed measures and discussing both their advantages and pitfalls, we relate them to four commonly known applied internet voting systems.

Cast-as-Intended Verification in Electronic Elections Based on Oblivious Transfer

In this paper, we propose a new method for cast-as-intended verification in remote electronic voting. We consider a setting, in which voters receive personalized verification code sheets from the authorities over a secure channel. If the codes displayed after submitting a ballot correspond to the codes printed on the code sheet, a correct ballot must have been submitted with high probability. Our approach for generating such codes and transferring them to the voter is based on an existing oblivious transfer protocol. Compared to existing cast-as-intended verification methods, less cryptographic keys are involved and weaker trust and infrastructure assumptions are required. This reduces the complexity of the process and improves the performance of certain tasks. By looking at cast-as-intended verification from the perspective of an oblivious transfer, our approach also contributes to a better understanding of the problem and relates it to a well-studied cryptographic area of research.

Pseudo-Code Algorithms for Verifiable Re-encryption Mix-Nets

Implementing the shuffle proof of a verifiable mix-net is one of the most challenging tasks in the implementation of an electronic voting system. For non-specialists, even if they are experienced software developers, this task is nearly impossible to fulfill without spending an enormous amount of resources into studying the necessary cryptographic theory. In this paper, we present one of the existing shuffle proofs in a condensed form and explain all the necessary technical details in corresponding pseudo-code algorithms. The goal of presenting the shuffle proof in this form is to make it accessible to a broader audience and to facilitate its implementation by non-specialists.