Helios: web-based truly verifiable voting
20
Helios web-based truly verifiable voting Ben Adida Harvard University MSR Voting Technology Workshop 19 March 2010
-
Upload
ben-adida -
Category
Technology
-
view
1.730 -
download
0
description
quick description of Helios at Microsoft Research Voting Workshop
Transcript of Helios: web-based truly verifiable voting
Heliosweb-based
truly verifiable votingBen Adida
Harvard University
MSR Voting Technology Workshop19 March 2010
“Web Based????”- many elections are happening
on the web already, whether we like it or not.
- online elections are the least auditable of all:you can’t even watch the ballot box.
- opportunity for a clear win:improve auditability of elections that willhappen online no matter what.
- risk: people will think web-based votingis okay for all eelections.
Low-Coercion
- web-based elections assumelow coercion already.
- If the voting public is a subset of the population, there may be inherent limits to coercion.
- e.g. university voting
Technical Concepts
- Probabilistic Encryption & Threshold Decryption.posting ciphertexts safely on a web site
- Homomorphic Tallying.no write-ins, proofs of correct plaintext
- Benaloh Challenge.cast or audit, authenticate only upon cast
- In-Browser Encryption.plaintext only in user’s browser
"AUDIT"
Alice
EncryptedBallot
Alice
DecryptedBallot
Alice
"CAST"
SignedEncryptedBallot
Alice
http://en.wikipedia.org/wiki/Image:Barcode-scanner.jpg
SignedEncryptedBallot
DecryptedBallot
EncryptedBallot
VERIFICATION
"Obama"
Helios System Details
- Python & JavaScript logic & crypto
- Free/Open-Source stack
- Deployed on Google App Engine
- Deployed on Apache/Python/PostgreSQL
- Customizableauthentication, look-and-feel, translations
So, does it work?
- Université catholique de Louvain25,000 eligible voters - 5000 votesUniversity president electionHelios 2.0, optimizedcustomized for UCL (French, improved UI)
- Princeton University undergraduate government5000 eligible voters - 1500 votesauthentication integration with CASHelios 3.0a
Université catholiquede Louvain
[de Marneffe, Pereira, Quisquater]
8
9
10
11
12
most fun tidbit
in the first round,the leader was
short of winningby 2 votes out of 5000.
most interesting lesson
spurious claimsare easily countered
Princeton
15
16
FROM TO 2010 2011 2012 2013
2009-12-14 17:00:002009-12-14 18:00:00 44 68 80 74
2009-12-14 18:00:002009-12-14 19:00:00 26 36 47 43
2009-12-14 19:00:002009-12-14 20:00:00 13 10 16 27
2009-12-14 20:00:002009-12-14 21:00:00 11 21 21 22
2009-12-14 21:00:002009-12-14 22:00:00 6 14 17 18
2009-12-14 22:00:002009-12-14 23:00:00 4 5 9 9
2009-12-14 23:00:002009-12-15 00:00:00 3 1 8 7
2009-12-15 00:00:002009-12-15 01:00:00 0 6 6 6
2009-12-15 01:00:002009-12-15 02:00:00 5 14 6 11
2009-12-15 02:00:002009-12-15 03:00:00 10 15 2 8
2009-12-15 03:00:002009-12-15 04:00:00 3 5 7 5
2009-12-15 04:00:002009-12-15 05:00:00 9 5 5 0
2009-12-15 05:00:002009-12-15 06:00:00 2 1 6 2
2009-12-15 06:00:002009-12-15 07:00:00 2 3 1 5
2009-12-15 07:00:002009-12-15 08:00:00 1 6 2 3
2009-12-15 08:00:002009-12-15 09:00:00 0 1 0 0
2009-12-15 09:00:002009-12-15 10:00:00 0 0 0 0
2009-12-15 10:00:002009-12-15 11:00:00 0 0 0 0
2009-12-15 11:00:002009-12-15 12:00:00 0 0 0 0
2009-12-15 12:00:002009-12-15 13:00:00 0 0 0 0
2009-12-15 13:00:002009-12-15 14:00:00 0 2 1 0
2009-12-15 14:00:002009-12-15 15:00:00 1 2 0 0
2009-12-15 15:00:002009-12-15 16:00:00 0 1 0 0
2009-12-15 16:00:002009-12-15 17:00:00 3 0 1 1
2009-12-15 17:00:002009-12-15 18:00:00 1 0 0 1
2009-12-15 18:00:002009-12-15 19:00:00 1 1 2 1
2009-12-15 19:00:002009-12-15 20:00:00 25 27 4 15
2009-12-15 20:00:002009-12-15 21:00:00 6 5 1 12
2009-12-15 21:00:002009-12-15 22:00:00 0 13 2 3
2009-12-15 22:00:002009-12-15 23:00:00 3 0 1 4
2009-12-15 23:00:002009-12-16 00:00:00 0 2 2 2
2009-12-16 00:00:002009-12-16 01:00:00 1 4 0 1
2009-12-16 01:00:002009-12-16 02:00:00 2 5 4 1
2009-12-16 02:00:002009-12-16 03:00:00 1 3 4 5
2009-12-16 03:00:002009-12-16 04:00:00 0 0 0 0
2009-12-16 04:00:002009-12-16 05:00:00 0 0 0 0
2009-12-16 05:00:002009-12-16 06:00:00 0 0 0 0
2009-12-16 06:00:002009-12-16 07:00:00 0 0 0 0
2009-12-16 07:00:002009-12-16 08:00:00 0 0 0 0
2009-12-16 08:00:002009-12-16 09:00:00 0 0 0 0
2009-12-16 09:00:002009-12-16 10:00:00 0 0 0 0
2009-12-16 10:00:002009-12-16 11:00:00 0 0 0 0
2009-12-16 11:00:002009-12-16 12:00:00 0 0 0 0
2009-12-16 12:00:002009-12-16 13:00:00 0 0 0 0
2009-12-16 13:00:002009-12-16 14:00:00 0 0 0 0
2009-12-16 14:00:002009-12-16 15:00:00 0 0 0 0
2009-12-16 15:00:002009-12-16 16:00:00 0 0 0 0
2009-12-16 16:00:002009-12-16 17:00:00 0 0 0 0
2009-12-16 17:00:002009-12-16 18:00:00 0 0 0 0 0
20
40
60
80
Princeton Winter 2009 Runoff Election, # votes cast per class per hour
2010 2011 2012 2013
most interesting lesson
voting is error-prone ;true verifiability can help recover
Open Problems
- Java!
- additional ways of ensuring that thesame booth code is run by all.
- giving a choice to voters to do a trueinteractive proof of the vote they actually cast.
- STV?
- Deep Issue: is enforced privacy over?
