Background

Most online voting systems operate based on a trusted solution. This means that the security and integrity of the system is dependent on the administration team operating it. End to End Verifiable solutions are designed to remove any aspect of Administrator interference of the solution, giving the voter the ability to check the system directly. There are significant differences between the two types of solutions.

Trusted election system

Typically, an independent organisation is used to setup and manage the online election process. They can see the votes coming in, who has voted and how they have voted, they have access to all parts of the process at every stage. Those that have access to the administration of the online voting system therefore are trusted that they will not do anything that impacts the election result or the process. In the UK currently most if not all election online election process is provided as ‘Trusted’ solutions. Some organisations mention they have End to End online election systems and services, these are still trusted solutions whereby the organization has end to end control of the process, however, are not comparable to a true End to End Verifiable solution.

End-to-End Verifiable election system

Verifiable systems work independently of any administrator once setup and are locked prior to any votes being cast. At the close of the election, they can only be unlocked by those authorised to do so, and typically can include several authorised persons each with a part of the unlock key.  Meaning that a number of those authorised persons must use each part of the key to unlock the  results. During the election period voters, independent auditors, academia, and observers can check that the system is performing as expected using universal verification measures such as:

Cast as intended

Individual verifiability: Systems contain a mechanism for the voter to get proof the vote has not been changed during the process of casting the vote and ballot encryption process.

Registered as cast

Individual verifiability: Systems should include “append-only” publicly available bulletin board functions to allow voters to check their encrypted vote has not been altered or removed throughout the election process.

Counted as registered

Universal verifiability: The count process generates proof that certify the correctness of the calculated results. Meaning the election result corresponds to the content of all encrypted votes cast during the election process.

Systems also should offer considerable security controls to ensure no external interference occurs, these at a minimum should include:

Digital signature

These provide verification mechanisms that assure all cast votes come from eligible voters only. In addition, digital signatures certify the fact that no votes have been tampered with during the voting process.

End-to-End encryption

This ensures that under no circumstances results can be read without the necessary key(s) being used to unlock them.

Mix-net

A Mix-net is the virtual equivalent of a physical ballot box being shaken prior to opening to ensure the sequence in which the ballots are cast is mixed up. Also, the mixing procedure breaks any connection between a voter identity and their vote.  After the mixing procedure, all votes are safely decrypted and are completely anonymised.

Summary

End to End verifiable systems are built on prominent scientific reviewed crypto algorithms, provide full documentation, transparency, and auditability from end-to-end during the election process. They remove the human administration aspect of running an election and creating the result. Consequently, they can be audited and checked during the processes ensuring trust and credibility of both the process and the result.

UK Engage

UK Engage are an experienced election services provider with both Trusted and End-to-End Verifiable solutions, with a dedicated team of election professionals delivering elections daily. Both postal and online services can be provided as part of our ISO9001 and ISO27001 certifications. Contact us on 0161 209 4808 or email enquiries@uk-engage.org

 

 

Engage with Us

Do you have an election, ballot, poll, referendum, AGM or another process you need help with

Contact Us

Pin It on Pinterest