SlideShare a Scribd company logo

Dr ulrich wiesner

Christian Wernberg-Tougaard
Christian Wernberg-Tougaard
1 of 25
Download to read offline
e-Voting A Risk to Democracy Ulrich Wiesner www.ulrichwiesner.de Copenhagen, 17 June 2010
20 years ago... • Copenhagen Meeting on the Human Dimensions of the CSCE, 5-29 June 1990 • Adopting as general standard: – Rule of law – Free, fair, periodical elections – ... – Presence of domestic and international observers in elections
Topics • Situation in Germany • Requirements for democratic elections • Issues • Can cryptography fix it?
Convention on International Trade in Endangered Species, 2010 Testing the Conference E-Voting • "Could everyone please vote 'Yes' now?“ – 128 Yes, 7 No, 2 Abstain • "Is Doha the capital of Qatar?“ – 134 Yes, 2 No, 1 Abstain (Cameroon, Croatia, China) – 135 Yes, 2 Abstain (Nigeria, Azerbaijan) Source: The Economist, 24 March 2010, http://www.economist.com/blogs/babbage/2010/03/electronic_voting
Why eVoting? Inappropriate Reasons Better Reasons • Because it’s cheaper (?) • Multi-vote elections • Because we’ve already (cumulative voting) spent the money on the • Complex voting schemes equipment • Multiple races or high • Because it saves 1 hr of election frequencies counting • „Media attention for Cologne“
e-Voting: what is the issue? • Paper based election: white • eVoting: black box box • Ballot box is passive device • No processing: Output is input • Voting computer is active • Manipulations need to be device conducted under the • Output might be input public’s eyes • Processing not observable
Fraud and errors not observable • PowerVote • PowerFraud Raised as issue •by Commission on Electronic Voting in IE (2003) •by Korthals Altes commission in NL (2007) •by Federal Constitutional Court in DE (2009) Resulted in banning of e-Voting in all three countries
eVoting in Germany Nedap Voting machines – 1999 – 2008 – 2M votes in 2005 – 2’000 of 80’000 polling stations Digital Pen – Introduction in Hamburg abandoned in 2007 – No plans for internet Circle size represents number of polling voting stations using computers
Nedap Voting Computer
Digital Pen • 2D dot pattern, 90 dpi • Dots are offset in 4 directions (up, down, left, right) • Pattern of 6x6 dots provide coordinates for pen, • Addresses* 436 squares of 2x2mm2 e.g. 20’000x20’000 km2 • *)Anoto refers to 60M km2
Certification Process until 2009 • Federal Voting Machine Act (unconstitutional) – Evaluation of sample device by Federal Institute for Physics and Technology – Certification of model by Federal Ministry of Interior – Permission for use in a specific election by Federal Ministry of Interior – No evaluation of individual devices
Principles of Elections • Verifiability, transparency and secrecy (procedure) ensure that elections are free, fair and general (values) se cre t free equal general in public auditable
Constitutional Implementation (Germany) Section 38 (1) Members of the German Bundestag shall be elected in general, direct, free, equal, and secret elections. […] Section 20 (1) The Federal Republic of Germany is a democratic and social federal state.
Election Scrutiny • Complaint to scrutiny committee of Bundestag – Filed Nov 2005 – Rejected Dec 2006 • Complaint to Federal Constitutional court – Filed Feb 2007 – Hearing Oct 2008 – Judgement Mar 2009
German Federal Constitutional Court (2 BvC 3/07 – March 2009) 1. The fundamental decision for the principles of democracy, republic and conduct of law require elections to be conducted in a transparent manner. 2. All relevant steps need to be verifiable by the public (unless other constitutional principles require something else) 3. If voting technology is used, all relevant steps of the election and the determination of the result need to be verifiable by any citizen and without any specialist knowledge . http://www.bundesverfassungsgericht.de/entscheidungen/rs20090303_2bvc000307en.html
Cryptography Conflicting goals: Secrecy of vote and transparency/auditability In e-Voting, you can’t have both
Approach • What all proposals have in common: – Ballots have a unique id (random/serial number) – Voters receive a receipt which contains their vote in an encrypted form – All encrypted votes are published – Voter can verify that his vote is on the list
Cryptography and Elections • Proposals: – Prêt-à-Voter (P A Ryan, D Chaum, S A Schneider, 2005) – ThreeBallot (R L Rivest, 2006) – Scratch & Vote (B Adida, R Rivest, 2006 ) – Punchscan (D Chaum, 2006) – Scantegrity (D Chaum, 2007) – Bingo-Voting (J M Bohli, J Müller-Quade, S Röhrich, 2007) – VoteBox (D Wallach et al, 2007) – Scantegrity 2 (D Chaum, R Rivest et al, 2008)
Scantegrity 2 • Goal: provide additional security to optical scanning systems 123456 123456 123456 123456 123456 123456 1AC Candidate A Candidate A Candidate A W46 Candidate B Candidate B Candidate B J3C Candidate C Candidate C J3C Candidate C #123456 #123456 #123456 prepare hide vote David Chaum et al., 2007 D. Chaum, R. Rivest, et al., 2008
Bingo Voting • Preparation Phase – For each voter, prepare a random number for every candidate (“dummy votes”) – Commit to candidate/number pairs – Commitments are shuffled and published on bulletin board Jens-Matthias Bohli, Jörn Müller-Quade, Bulletin Board Stefan Röhrich, 2007
Bingo Voting Vote for Candidate A • Voting Phase – Voter selects candidate – Fresh random number is generated (“Bingo”) and presented to voter – Machine will print receipt with • fresh random number next to chosen candidate • Dummy votes next to other candidates Bingo Voting Receipt #365345 – Voter verifies that fresh random number is next to Candidate A Candidate B Candidate C Candidate D Candidate A 7274005338 Candidate B 4331957287 the chosen candidate 6590639838 9833598816 2520374482 8363113427 7212101090 1256726340 0886217910 1929824271 Candidate C 0683785432 • Voter takes receipt home 0493602852 1282600713 4765268594 4819451232 6198852851 7628033922 2108748691 6588916051 3676093186 9837776014 5298189700 0499224103 Candidate D 6875191193 for later verification 9878973891 3001529408 4331957287 6730909097 2907441205 9453541167 6875191193 9292058742 1796122212 4044134963 9799374379 4839552381 • Receipt does not allow the 9478710903 0139099844 9424374180 1707764919 0683785432 1129607005 6737547570 7873063572 voter to proof his vote 3381155817 4714748971 8367481777 6882788475 5985589286 2959387527 7767137671 6576688585 ... ... ... ... Bulletin Board
Bingo Voting • With his vote for Candidate A, the voter reduces the number of remaining dummy votes for all other voters by 1 • At the end of the election, the result can be determined (and verified) by counting the un-used dummy votes.
Bingo Voting • Post Voting Phase – Publish results – Publish all receipts – List all unused dummy votes and corresponding commitments – Prove that every unopened commitment was used on one receipt • Makes use of Randomized Partial Checking
Cryptography - Issues • Implementation • Usability • Verifiability • Complexity
Summary • Transparency and Verifiability! – Fundamental feature – Legitimates elected body • Trade offs not acceptable: – Secrecy vs. transparency/verifiability – Verifiability vs. election efficiency wahlcomputer@ulrichwiesner.de

Recommended

Mitch Trachtenberg: Open Source for Election Integrity
Mitch Trachtenberg: Open Source for Election IntegrityMitch Trachtenberg: Open Source for Election Integrity
Mitch Trachtenberg: Open Source for Election IntegrityFriprogsenteret
 
Agenda
AgendaAgenda
AgendaChristian Wernberg-Tougaard
 
Oracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardOracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardChristian Wernberg-Tougaard
 
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014Christian Wernberg-Tougaard
 
GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014Christian Wernberg-Tougaard
 
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Christian Wernberg-Tougaard
 
Keynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationKeynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationChristian Wernberg-Tougaard
 
OECD Recommendation on Digital Government Strategies
OECD Recommendation on Digital Government StrategiesOECD Recommendation on Digital Government Strategies
OECD Recommendation on Digital Government StrategiesOECD Governance
 

Recommended

Mitch Trachtenberg: Open Source for Election Integrity
Mitch Trachtenberg: Open Source for Election IntegrityMitch Trachtenberg: Open Source for Election Integrity
Mitch Trachtenberg: Open Source for Election IntegrityFriprogsenteret
 
Agenda
AgendaAgenda
AgendaChristian Wernberg-Tougaard
 
Oracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardOracle Social Welfare and the Cloud - WernbergTougaard
Oracle Social Welfare and the Cloud - WernbergTougaardChristian Wernberg-Tougaard
 
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014
ICT-enablement of Minimum Income Support - EU Seminar April 3rd 2014Christian Wernberg-Tougaard
 
GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014GCC Social Security Conference - Ryiadh April 10th 2014
GCC Social Security Conference - Ryiadh April 10th 2014Christian Wernberg-Tougaard
 
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...
Digitalization of Public Sector: How to LeapFrog with ICT - global best pract...Christian Wernberg-Tougaard
 
Keynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationKeynote Address: Changing Public Sector Through ICT-innovation
Keynote Address: Changing Public Sector Through ICT-innovationChristian Wernberg-Tougaard
 
OECD Recommendation on Digital Government Strategies
OECD Recommendation on Digital Government StrategiesOECD Recommendation on Digital Government Strategies
OECD Recommendation on Digital Government StrategiesOECD Governance
 
Carsten schürmann eVoting
Carsten schürmann eVotingCarsten schürmann eVoting
Carsten schürmann eVotingChristian Wernberg-Tougaard
 
fingerprint based electronic voting machine
fingerprint based electronic voting machinefingerprint based electronic voting machine
fingerprint based electronic voting machinesanthu652
 
1_unit-1.1_Introduction to DIP.pptx
1_unit-1.1_Introduction to DIP.pptx1_unit-1.1_Introduction to DIP.pptx
1_unit-1.1_Introduction to DIP.pptxBUCHUPALLIVIMALAREDD2
 
THE RIDDLERS
THE RIDDLERSTHE RIDDLERS
THE RIDDLERSRishabh Daga
 
Input Devices Project For ITT Students
Input Devices Project For ITT StudentsInput Devices Project For ITT Students
Input Devices Project For ITT StudentsAkhil Sethiya
 
Fingerprint based voting machine ppt
Fingerprint based voting machine pptFingerprint based voting machine ppt
Fingerprint based voting machine pptitzmemidhu
 
Handwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural NetworkHandwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural NetworkEditor IJMTER
 
E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting TechnologyGautam Kumar
 
Jordi barrat
Jordi barratJordi barrat
Jordi barratChristian Wernberg-Tougaard
 
Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Christian Wernberg-Tougaard
 
Tarvi martens eVoting Estonia
Tarvi martens eVoting EstoniaTarvi martens eVoting Estonia
Tarvi martens eVoting EstoniaChristian Wernberg-Tougaard
 
Robert krimmer reduced
Robert krimmer reducedRobert krimmer reduced
Robert krimmer reducedChristian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard
 
Christian bull eVoting
Christian bull eVoting Christian bull eVoting
Christian bull eVoting Christian Wernberg-Tougaard
 
Skagestein cp hjune2010_static
Skagestein cp hjune2010_staticSkagestein cp hjune2010_static
Skagestein cp hjune2010_staticChristian Wernberg-Tougaard
 
VDAB Employment Services
VDAB Employment ServicesVDAB Employment Services
VDAB Employment ServicesChristian Wernberg-Tougaard
 
Uwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesUwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesChristian Wernberg-Tougaard
 
Servei De Ocupaci
Servei De OcupaciServei De Ocupaci
Servei De OcupaciChristian Wernberg-Tougaard
 
OPA For Unemployment
OPA For UnemploymentOPA For Unemployment
OPA For UnemploymentChristian Wernberg-Tougaard
 
Digital Impact On Labor
Digital Impact On LaborDigital Impact On Labor
Digital Impact On LaborChristian Wernberg-Tougaard
 
WCC Unemployment Presentation
WCC Unemployment PresentationWCC Unemployment Presentation
WCC Unemployment PresentationChristian Wernberg-Tougaard
 

More Related Content

Similar to Dr ulrich wiesner

fingerprint based electronic voting machine
fingerprint based electronic voting machinefingerprint based electronic voting machine
fingerprint based electronic voting machinesanthu652
 
Input Devices Project For ITT Students
Input Devices Project For ITT StudentsInput Devices Project For ITT Students
Input Devices Project For ITT StudentsAkhil Sethiya
 
Fingerprint based voting machine ppt
Fingerprint based voting machine pptFingerprint based voting machine ppt
Fingerprint based voting machine pptitzmemidhu
 
Handwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural NetworkHandwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural NetworkEditor IJMTER
 
E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting TechnologyGautam Kumar
 

Similar to Dr ulrich wiesner (8)

Carsten schürmann eVoting
Carsten schürmann eVotingCarsten schürmann eVoting
Carsten schürmann eVoting
 
fingerprint based electronic voting machine
fingerprint based electronic voting machinefingerprint based electronic voting machine
fingerprint based electronic voting machine
 
1_unit-1.1_Introduction to DIP.pptx
1_unit-1.1_Introduction to DIP.pptx1_unit-1.1_Introduction to DIP.pptx
1_unit-1.1_Introduction to DIP.pptx
 
THE RIDDLERS
THE RIDDLERSTHE RIDDLERS
THE RIDDLERS
 
Input Devices Project For ITT Students
Input Devices Project For ITT StudentsInput Devices Project For ITT Students
Input Devices Project For ITT Students
 
Fingerprint based voting machine ppt
Fingerprint based voting machine pptFingerprint based voting machine ppt
Fingerprint based voting machine ppt
 
Handwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural NetworkHandwritten Signature Verification using Artificial Neural Network
Handwritten Signature Verification using Artificial Neural Network
 
E-Voting Technology
E-Voting TechnologyE-Voting Technology
E-Voting Technology
 

More from Christian Wernberg-Tougaard

Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Christian Wernberg-Tougaard
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard
 
Public Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardPublic Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardChristian Wernberg-Tougaard
 

More from Christian Wernberg-Tougaard (16)

Jordi barrat
Jordi barratJordi barrat
Jordi barrat
 
Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010Initial Consideration re eVoting in Denmark 2010
Initial Consideration re eVoting in Denmark 2010
 
Tarvi martens eVoting Estonia
Tarvi martens eVoting EstoniaTarvi martens eVoting Estonia
Tarvi martens eVoting Estonia
 
Robert krimmer reduced
Robert krimmer reducedRobert krimmer reduced
Robert krimmer reduced
 
Christian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting IntroductionChristian Wernberg-Tougaard eVoting Introduction
Christian Wernberg-Tougaard eVoting Introduction
 
Christian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting SummaryChristian Wernberg-Tougaard eVoting Summary
Christian Wernberg-Tougaard eVoting Summary
 
Christian bull eVoting
Christian bull eVoting Christian bull eVoting
Christian bull eVoting
 
Skagestein cp hjune2010_static
Skagestein cp hjune2010_staticSkagestein cp hjune2010_static
Skagestein cp hjune2010_static
 
VDAB Employment Services
VDAB Employment ServicesVDAB Employment Services
VDAB Employment Services
 
Uwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment ServicesUwv Werkbedrijf Employment Services
Uwv Werkbedrijf Employment Services
 
Servei De Ocupaci
Servei De OcupaciServei De Ocupaci
Servei De Ocupaci
 
OPA For Unemployment
OPA For UnemploymentOPA For Unemployment
OPA For Unemployment
 
Digital Impact On Labor
Digital Impact On LaborDigital Impact On Labor
Digital Impact On Labor
 
WCC Unemployment Presentation
WCC Unemployment PresentationWCC Unemployment Presentation
WCC Unemployment Presentation
 
Digitizing Social Welfare
Digitizing Social WelfareDigitizing Social Welfare
Digitizing Social Welfare
 
Public Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg TougaardPublic Sector Innovation Amcham Eu Wernberg Tougaard
Public Sector Innovation Amcham Eu Wernberg Tougaard
 

Dr ulrich wiesner

  • 1. e-Voting A Risk to Democracy Ulrich Wiesner www.ulrichwiesner.de Copenhagen, 17 June 2010
  • 2. 20 years ago... • Copenhagen Meeting on the Human Dimensions of the CSCE, 5-29 June 1990 • Adopting as general standard: – Rule of law – Free, fair, periodical elections – ... – Presence of domestic and international observers in elections
  • 3. Topics • Situation in Germany • Requirements for democratic elections • Issues • Can cryptography fix it?
  • 4. Convention on International Trade in Endangered Species, 2010 Testing the Conference E-Voting • "Could everyone please vote 'Yes' now?“ – 128 Yes, 7 No, 2 Abstain • "Is Doha the capital of Qatar?“ – 134 Yes, 2 No, 1 Abstain (Cameroon, Croatia, China) – 135 Yes, 2 Abstain (Nigeria, Azerbaijan) Source: The Economist, 24 March 2010, http://www.economist.com/blogs/babbage/2010/03/electronic_voting
  • 5. Why eVoting? Inappropriate Reasons Better Reasons • Because it’s cheaper (?) • Multi-vote elections • Because we’ve already (cumulative voting) spent the money on the • Complex voting schemes equipment • Multiple races or high • Because it saves 1 hr of election frequencies counting • „Media attention for Cologne“
  • 6. e-Voting: what is the issue? • Paper based election: white • eVoting: black box box • Ballot box is passive device • No processing: Output is input • Voting computer is active • Manipulations need to be device conducted under the • Output might be input public’s eyes • Processing not observable
  • 7. Fraud and errors not observable • PowerVote • PowerFraud Raised as issue •by Commission on Electronic Voting in IE (2003) •by Korthals Altes commission in NL (2007) •by Federal Constitutional Court in DE (2009) Resulted in banning of e-Voting in all three countries
  • 8. eVoting in Germany Nedap Voting machines – 1999 – 2008 – 2M votes in 2005 – 2’000 of 80’000 polling stations Digital Pen – Introduction in Hamburg abandoned in 2007 – No plans for internet Circle size represents number of polling voting stations using computers
  • 10. Digital Pen • 2D dot pattern, 90 dpi • Dots are offset in 4 directions (up, down, left, right) • Pattern of 6x6 dots provide coordinates for pen, • Addresses* 436 squares of 2x2mm2 e.g. 20’000x20’000 km2 • *)Anoto refers to 60M km2
  • 11. Certification Process until 2009 • Federal Voting Machine Act (unconstitutional) – Evaluation of sample device by Federal Institute for Physics and Technology – Certification of model by Federal Ministry of Interior – Permission for use in a specific election by Federal Ministry of Interior – No evaluation of individual devices
  • 12. Principles of Elections • Verifiability, transparency and secrecy (procedure) ensure that elections are free, fair and general (values) se cre t free equal general in public auditable
  • 13. Constitutional Implementation (Germany) Section 38 (1) Members of the German Bundestag shall be elected in general, direct, free, equal, and secret elections. […] Section 20 (1) The Federal Republic of Germany is a democratic and social federal state.
  • 14. Election Scrutiny • Complaint to scrutiny committee of Bundestag – Filed Nov 2005 – Rejected Dec 2006 • Complaint to Federal Constitutional court – Filed Feb 2007 – Hearing Oct 2008 – Judgement Mar 2009
  • 15. German Federal Constitutional Court (2 BvC 3/07 – March 2009) 1. The fundamental decision for the principles of democracy, republic and conduct of law require elections to be conducted in a transparent manner. 2. All relevant steps need to be verifiable by the public (unless other constitutional principles require something else) 3. If voting technology is used, all relevant steps of the election and the determination of the result need to be verifiable by any citizen and without any specialist knowledge . http://www.bundesverfassungsgericht.de/entscheidungen/rs20090303_2bvc000307en.html
  • 16. Cryptography Conflicting goals: Secrecy of vote and transparency/auditability In e-Voting, you can’t have both
  • 17. Approach • What all proposals have in common: – Ballots have a unique id (random/serial number) – Voters receive a receipt which contains their vote in an encrypted form – All encrypted votes are published – Voter can verify that his vote is on the list
  • 18. Cryptography and Elections • Proposals: – Prêt-à-Voter (P A Ryan, D Chaum, S A Schneider, 2005) – ThreeBallot (R L Rivest, 2006) – Scratch & Vote (B Adida, R Rivest, 2006 ) – Punchscan (D Chaum, 2006) – Scantegrity (D Chaum, 2007) – Bingo-Voting (J M Bohli, J Müller-Quade, S Röhrich, 2007) – VoteBox (D Wallach et al, 2007) – Scantegrity 2 (D Chaum, R Rivest et al, 2008)
  • 19. Scantegrity 2 • Goal: provide additional security to optical scanning systems 123456 123456 123456 123456 123456 123456 1AC Candidate A Candidate A Candidate A W46 Candidate B Candidate B Candidate B J3C Candidate C Candidate C J3C Candidate C #123456 #123456 #123456 prepare hide vote David Chaum et al., 2007 D. Chaum, R. Rivest, et al., 2008
  • 20. Bingo Voting • Preparation Phase – For each voter, prepare a random number for every candidate (“dummy votes”) – Commit to candidate/number pairs – Commitments are shuffled and published on bulletin board Jens-Matthias Bohli, Jörn Müller-Quade, Bulletin Board Stefan Röhrich, 2007
  • 21. Bingo Voting Vote for Candidate A • Voting Phase – Voter selects candidate – Fresh random number is generated (“Bingo”) and presented to voter – Machine will print receipt with • fresh random number next to chosen candidate • Dummy votes next to other candidates Bingo Voting Receipt #365345 – Voter verifies that fresh random number is next to Candidate A Candidate B Candidate C Candidate D Candidate A 7274005338 Candidate B 4331957287 the chosen candidate 6590639838 9833598816 2520374482 8363113427 7212101090 1256726340 0886217910 1929824271 Candidate C 0683785432 • Voter takes receipt home 0493602852 1282600713 4765268594 4819451232 6198852851 7628033922 2108748691 6588916051 3676093186 9837776014 5298189700 0499224103 Candidate D 6875191193 for later verification 9878973891 3001529408 4331957287 6730909097 2907441205 9453541167 6875191193 9292058742 1796122212 4044134963 9799374379 4839552381 • Receipt does not allow the 9478710903 0139099844 9424374180 1707764919 0683785432 1129607005 6737547570 7873063572 voter to proof his vote 3381155817 4714748971 8367481777 6882788475 5985589286 2959387527 7767137671 6576688585 ... ... ... ... Bulletin Board
  • 22. Bingo Voting • With his vote for Candidate A, the voter reduces the number of remaining dummy votes for all other voters by 1 • At the end of the election, the result can be determined (and verified) by counting the un-used dummy votes.
  • 23. Bingo Voting • Post Voting Phase – Publish results – Publish all receipts – List all unused dummy votes and corresponding commitments – Prove that every unopened commitment was used on one receipt • Makes use of Randomized Partial Checking
  • 24. Cryptography - Issues • Implementation • Usability • Verifiability • Complexity
  • 25. Summary • Transparency and Verifiability! – Fundamental feature – Legitimates elected body • Trade offs not acceptable: – Secrecy vs. transparency/verifiability – Verifiability vs. election efficiency wahlcomputer@ulrichwiesner.de