e-Voting
A Risk to Democracy
Ulrich Wiesner
www.ulrichwiesner.de
Copenhagen, 17 June 2010
20 years ago...
• Copenhagen Meeting on the Human
Dimensions of the CSCE, 5-29 June 1990
• Adopting as general standard:
– Rule of law
– Free, fair, periodical elections
– ...
– Presence of domestic and international observers
in elections
Topics
• Situation in Germany
• Requirements for democratic elections
• Issues
• Can cryptography fix it?
Convention on International Trade in
Endangered Species, 2010
Testing the Conference E-Voting
• "Could everyone please vote 'Yes' now?"
– 128 Yes, 7 No, 2 Abstain
• "Is Doha the capital of Qatar?"
– 134 Yes, 2 No, 1 Abstain (Cameroon, Croatia, China)
– 135 Yes, 2 Abstain (Nigeria, Azerbaijan)
Source: The Economist, 24 March 2010, http://www.economist.com/blogs/babbage/2010/03/electronic_voting
Why eVoting?
Inappropriate Reasons
• Because it’s cheaper (?)
• Because we’ve already spent the money on the equipment
• Because it saves 1 hr of counting
• "Media attention for Cologne"
Better Reasons
• Multi-vote elections (cumulative voting)
• Complex voting schemes
• Multiple races or high election frequencies
e-Voting: what is the issue?
• Paper based election: white box
• Ballot box is passive device
• No processing: Output is input
• Manipulations need to be conducted under the public’s eyes
• eVoting: black box
• Voting computer is active device
• Output might be input
• Processing not observable
Fraud and errors not observable
• PowerVote • PowerFraud
Raised as issue
• by Commission on Electronic Voting in IE (2003)
• by Korthals Altes commission in NL (2007)
• by Federal Constitutional Court in DE (2009)
Resulted in banning of e-Voting in all three countries
eVoting in Germany
Nedap Voting machines
– 1999 – 2008
– 2M votes in 2005
– 2’000 of 80’000 polling
stations
Digital Pen
– Introduction in Hamburg
abandoned in 2007
– No plans for internet voting
[Map: circle size represents number of polling stations using computers]
Nedap Voting Computer
Digital Pen
• 2D dot pattern, 90 dpi
• Dots are offset in 4 directions (up,
down, left, right)
• Pattern of 6x6 dots provides coordinates for pen
• Addresses* 4³⁶ squares of 2x2 mm², e.g. 20’000x20’000 km²
• *) Anoto refers to 60M km²
Certification Process until 2009
• Federal Voting Machine Act (unconstitutional)
– Evaluation of sample device by Federal Institute
for Physics and Technology
– Certification of model by Federal Ministry of
Interior
– Permission for use in a specific election by Federal
Ministry of Interior
– No evaluation of individual devices
Principles of Elections
free
equal
general
secret
in public auditable
• Verifiability, transparency and secrecy (procedure)
ensure that elections are free, fair and general (values)
Constitutional Implementation (Germany)
Section 38 (1)
Members of the German Bundestag shall be elected in
general, direct, free, equal, and secret elections. […]
Section 20 (1)
The Federal Republic of Germany is a democratic and
social federal state.
Election Scrutiny
• Complaint to scrutiny
committee of
Bundestag
– Filed Nov 2005
– Rejected Dec 2006
• Complaint to Federal
Constitutional court
– Filed Feb 2007
– Hearing Oct 2008
– Judgement Mar 2009
German Federal Constitutional Court (2 BvC 3/07 – March 2009)
1. The fundamental decision for the principles of democracy, republic and conduct of law requires elections to be conducted in a transparent manner.
2. All relevant steps need to be verifiable by the public (unless other constitutional principles require something else).
3. If voting technology is used, all relevant steps of the election and the determination of the result need to be verifiable by any citizen and without any specialist knowledge.
http://www.bundesverfassungsgericht.de/entscheidungen/rs20090303_2bvc000307en.html
Cryptography
Conflicting goals: Secrecy of vote and
transparency/auditability
In e-Voting, you can’t have both
Approach
• What all proposals have in common:
– Ballots have a unique id (random/serial number)
– Voters receive a receipt which contains their vote
in an encrypted form
– All encrypted votes are published
– Voter can verify that his vote is on the list
Cryptography and Elections
• Proposals:
– Prêt-à-Voter (P A Ryan, D Chaum, S A Schneider, 2005)
– ThreeBallot (R L Rivest, 2006)
– Scratch & Vote (B Adida, R Rivest, 2006)
– Punchscan (D Chaum, 2006)
– Scantegrity (D Chaum, 2007)
– Bingo-Voting (J M Bohli, J Müller-Quade, S Röhrich, 2007)
– VoteBox (D Wallach et al, 2007)
– Scantegrity 2 (D Chaum, R Rivest et al, 2008)
Scantegrity 2
• Goal: provide additional security to optical
scanning systems
[Figure: ballot #123456 listing Candidate A, Candidate B and Candidate C, shown in three panels labelled prepare, hide and vote. The codes printed beside the candidates are 1AC (Candidate A), W46 (Candidate B) and J3C (Candidate C); one panel shows only J3C, beside Candidate C.]
David Chaum et al., 2007
D. Chaum, R. Rivest, et al., 2008
Bingo Voting
• Preparation Phase
– For each voter, prepare
a random number for
every candidate
(“dummy votes”)
– Commit to
candidate/number pairs
– Commitments are
shuffled and published
on bulletin board
Bulletin Board
Jens-Matthias Bohli, Jörn Müller-Quade, Stefan Röhrich, 2007
Bingo Voting
Receipt #365345
Candidate A 7274005338
Candidate B 4331957287
Candidate C 0683785432
Candidate D 6875191193
Candidate A
6590639838
9833598816
0493602852
1282600713
4765268594
9878973891
3001529408
1796122212
9478710903
0139099844
3381155817
4714748971
...
Candidate B
2520374482
8363113427
4819451232
6198852851
7628033922
4331957287
6730909097
4044134963
9424374180
1707764919
8367481777
6882788475
...
Candidate C
7212101090
1256726340
2108748691
6588916051
3676093186
2907441205
9453541167
9799374379
0683785432
1129607005
5985589286
2959387527
...
Candidate D
0886217910
1929824271
9837776014
5298189700
0499224103
6875191193
9292058742
4839552381
6737547570
7873063572
7767137671
6576688585
...
Bingo Voting
• Voting Phase
– Voter selects candidate
– Fresh random number is generated (“Bingo”) and presented to voter
– Machine will print receipt with
  • fresh random number next to chosen candidate
  • Dummy votes next to other candidates
– Voter verifies that fresh random number is next to the chosen candidate
• Voter takes receipt home for later verification
• Receipt does not allow the voter to prove his vote
Vote for
Candidate A
Bingo Voting
Receipt #365345
Candidate A 7274005338
Candidate B 4331957287
Candidate C 0683785432
Candidate D 6875191193
Bulletin Board
Bingo Voting
• With his vote for Candidate A, the voter reduces the number of remaining dummy votes for all other voters by 1
• At the end of the election, the result can be determined (and verified) by counting the un-used dummy votes.
Bingo Voting
• Post Voting Phase
– Publish results
– Publish all receipts
– List all unused dummy votes and corresponding
commitments
– Prove that every unopened commitment was
used on one receipt
• Makes use of Randomized Partial Checking
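The preparation, voting, counting and post-voting steps above, as a small simulation; this is an added example, not code from the slides or from the Bingo Voting authors. It assumes a SHA-256 hash commitment as a simplified stand-in for the scheme's commitments, and it leaves out the Randomized Partial Checking proof that every unopened commitment was used on one receipt. The function names and the constructed list of votes are illustrative.

```python
import hashlib
import secrets

CANDIDATES = ["A", "B", "C", "D"]  # candidate labels as on the slides

def commit(cand, number, nonce):
    # Hash commitment: a simplified stand-in for the scheme's commitments (assumption).
    return hashlib.sha256(f"{cand}|{number}|{nonce}".encode()).hexdigest()

def prepare(num_voters):
    """Preparation: one dummy vote per voter per candidate; publish shuffled commitments."""
    pool = {c: [(secrets.randbelow(10**10), secrets.token_hex(16))
                for _ in range(num_voters)] for c in CANDIDATES}
    board = [commit(c, n, r) for c in CANDIDATES for n, r in pool[c]]
    secrets.SystemRandom().shuffle(board)
    return pool, board

def cast(pool, choice):
    """Voting: fresh number beside the choice, one consumed dummy vote beside each other candidate."""
    fresh = secrets.randbelow(10**10)  # the "Bingo" number shown to the voter
    receipt = {c: fresh if c == choice else pool[c].pop()[0] for c in CANDIDATES}
    return fresh, receipt

def tally(pool):
    """A vote for X consumes a dummy vote of every candidate except X, so unused counts are the result."""
    return {c: len(pool[c]) for c in CANDIDATES}

def audit(board, pool, receipts):
    """Post-voting checks an observer can run on the published data."""
    published = set(board)
    for c in CANDIDATES:
        on_receipts = {r[c] for r in receipts}
        for number, nonce in pool[c]:          # opened, unused dummy votes
            if commit(c, number, nonce) not in published:
                return False                   # opened value was never committed to
            if number in on_receipts:
                return False                   # "unused" dummy vote appears on a receipt
    # Every receipt adds exactly one vote, so the counts must sum to the receipt count.
    return sum(tally(pool).values()) == len(receipts)

def run_election(choices):
    """Run all phases over a constructed list of votes; returns (result, audit_ok, fresh_ok)."""
    pool, board = prepare(len(choices))
    receipts, fresh_ok = [], True
    for choice in choices:
        fresh, receipt = cast(pool, choice)
        fresh_ok &= receipt[choice] == fresh   # the voter's check in the booth
        receipts.append(receipt)
    return tally(pool), audit(board, pool, receipts), fresh_ok
```

Calling `run_election(["A", "C", "A", "B", "A"])` returns the per-candidate counts together with the two check results; `audit` returns False if a dummy vote that was printed on a receipt is later presented as unused.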
Cryptography - Issues
• Implementation
• Usability
• Verifiability
• Complexity
Summary
• Transparency and Verifiability!
– Fundamental feature
– Legitimates elected body
• Trade offs not acceptable:
– Secrecy vs. transparency/verifiability
– Verifiability vs. election efficiency
wahlcomputer@ulrichwiesner.de