How Not to Prove Your Election Outcome

Опубликовано 1 октября 2019, 1:43

Earlier this year we (Lewis, Pereira, and Teague) examined the source code for the SwissPost e-voting system, intended to be used for Swiss elections in May. The system was in the process of certification for use by up to 100% of Swiss voters in the cantons that chose to use it.

We found three different ways in which a compromised computer could manipulate votes while pretending to provide a proof that no manipulation had taken place. One was a cryptographic trapdoor which allowed a cheating authority to provide a perfectly-verifying proof that it had shuffled the votes correctly, even if the votes had been manipulated. This would leave no way for anyone to detect the fraud. In the light of our findings, the Swiss authorities decided not to offer their e-voting system for upcoming elections in May, citing the need for further reassessment of its security properties.

Although numerous serious security problems have been found in e-voting systems before, this was the first discovery of a fundamental weakness in a cryptographic correctness proof in a system advertised to offer a form of verifiability. This is significant because verification potentially allows a way out of the inscrutability of computers, and perhaps a way forward for securing electronic elections.

In order to explain the importance of this failure, we need to explain what verifiability is, and what it isn’t, and how to tell when you can trust an election outcome even when you don’t trust the computers, administrators, or vendors.

Talk slides: microsoft.com/en-us/research/u...

Learn more about this and other talks at Microsoft Research: microsoft.com/en-us/research/v...