Trust and Trustworthiness of Voting Systems

Democracy is a defining feature of civilised societies, but it is delicate and vulnerable. In recent years, we have seen the threats to democratic processes brought into sharp relief, and, arguably, we have witnessed some spectacular failures of democracy. The increasing digitisation of democracy brings with it the potential to enrich it but also a raft of novel and poorly understood attack vectors.

In this talk I will discuss attempts by the information security and crypto communities to address the challenge making elections secure. It is essential that an election deliver not only the correct outcome, but also sufficient evidence to demonstrate to all, especially the losers, that it is the correct outcome. And of course, all this must be achieved without undermining ballot privacy or coercion resistance. Furthermore, it is essential that any solution be not only technically valid but also supremely usable and acceptable to all stakeholders.

Most approaches to voter-verifiable elections involve the voter checking the presence of an encryption of her vote on a secure bulletin board (public ledger) in the input to the (verifiable) tabulation process. In this talk, by contrast, I will outline a new voter-verification scheme, Selene, that allows each voter to confirm that her vote is correctly counted in an intuitive, transparent fashion: by identifying the vote in plaintext in the tally via a private, deniable tracker. In particular, I will present a recent enhancement of Selene that does away with the need for trackers and provides greater privacy and counters the coercer tracker collision threat. Our hope is that this will provide not only a trustworthy system but also one that will inspire the trust of all stakeholders.