Friday, January 27, 2017

Secure voting Protocols for Online Elections

Please refer to http://obvioustruths.blogspot.in/2017/01/failure-modes-of-internet-based.html for a short post on risks in online voting. This is a follow-up article discussing a few interesting technical issues. The post quoted above deals with the current state of the art and says

“A service provider usually makes available the software and related infrastructure for running an election to the entity holding the election over the Internet. The service provider is selected to be a trusted partner, and is beyond suspicion”.

It is quite unnecessary and undesirable to use systems that require the service provider to share secrets with the voters. A cryptographic technique named  
enables voters to encrypt and publish their votes. Election results can be computed using the encrypted votes without decrypting individual votes. We can expect such techniques to be in practical use in future. A whole variety of safeguards are, however, required to ensure that an election is carried out in a fair and transparent manner without any mischief-makers being able to alter the results.

Discussions of some of the considerations involved can be found in
Swiss Online Voting Protocol  (select from the displayed page the PDF document with this name and download it) and in 
Creating an online service and an app for conducting secure elections and persuading organizations to use them is not mere technical work. It requires entrepreneurial spirit, management & marketing abilities in addition to technical knowledge and skills. A student project involving a team of three or four students could address this problem.

Straightforward engineering is not sufficient to implement a system in which a service provider does not have to share secrets. The need for advanced cryptographic techniques and the need to design a system free of weaknesses make this project a special one. If it was any simpler, many software houses would be marketing their solutions by now.