Security in e-voting

Abstract

Abstract Systems for electronic voting (e-voting systems), including systems for voting over the Internet and systems for voting in a voting booth, have been employed in many countries. However, most of the systems used in practice today do not provide a sufficient level of security. For example, programming errors and malicious behavior resulting in the loss of votes and incorrect election outcomes easily go undetected. In fact, numerous problems with e-voting systems have been reported in various countries. Therefore, in recent years modern e-voting systems have been designed that, among others, allow voters to check that their votes were counted correctly, even if voting machines and servers have programming errors or are outright malicious. In this paper, after a brief discussion of the problems of today's e-voting systems, we explain fundamental security properties modern e-voting systems should provide, including the above mentioned so-called verifiability property, and present a simple e-voting system to illustrate some of these properties. One important goal of our work is to provide security guarantees of such systems not only for abstract mathematical/cryptographic models of the systems but for the implementation of the systems directly. This requires us to combine various techniques and tools from security/cryptography, program analysis, and verification.