1 / 20

Online Voting Opportunities and Risks

Online Voting Opportunities and Risks. STOA Workshop at the European Parliament Brussels, 17 March 2011 Prof. Dr. Rüdiger Grimm IT Risk Management Universität Koblenz-Landau. Agenda. How it is today Security concern Trust challenge Solution.

ash
Download Presentation

Online Voting Opportunities and Risks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Online VotingOpportunities and Risks STOA Workshop at the European Parliament Brussels, 17 March 2011 Prof. Dr. Rüdiger Grimm IT Risk Management Universität Koblenz-Landau

  2. Agenda • How it is today • Security concern • Trust challenge • Solution Grimm 2011: Online Voting

  3. Legally Binding Internet Elections in Europe in 2011 • Switzerland • Legally binding internet electionsin February 2011 for all cantons • since 2002, pilots in Zürich, Neuenburg and Geneva • Norway • legally binding municipal elections in 2011 • Internet voting and paper-ballot voting • voter can recast his/her electronic vote multiple times • terminal voting overrides Internet voting • paper votes override electronic votes • open source system (ErgoGroup & Scytl) • cryptographic protocol integrated into high school maths Grimm 2011: Online Voting

  4. Legally Binding Internet Elections in Europe in 2011 • Estonia • legally binding Internet elections since 2005 • Internet voting and paper-ballot voting • voter can recast his/her electronic vote multiple times • newer electronic vote overrides older vote • paper vote overrides electronic vote • new for elections in March 2011: mobile authentication Grimm 2011: Online Voting

  5. Estonia [http://www.vvk.ee/voting-methods-in-estonia/engindex/statistics, 04.03.2011] Grimm 2011: Online Voting

  6. Online voting out there in the world • … • France, French citizens abroad, 2003 tests • The Netherlands, citizens abroad • Germany, more than 30 real voting in private area • UK, tests 2002, 2003, 2007 • Portugal, 2004 EU and 2005 Parliament Tests • Austria, since 2003, voting in academic area and for citizens abroad • … and a lot more in the USA Grimm 2011: Online Voting

  7. Online voting systems in use • Polyas, Germany • Association of Computer Science (GI) Bodies • Research Funding Association (DFG) Bodies • Helios, USA/Belgium • Undergraduate Student Government at Princeton in Spring 2011 • Student elections at the Université catholique de Louvain in 2010 • International Association for Cryptologic Research (IACR) in 2010 • voter turnout ~30% (compared to ~20% with paper-based elections) • Presidential election at the Université catholique de Louvain in 2009 • Many more for research and demonstration • Bingo, ThreeBallot, Prêt à Voter, Punchscan, … Grimm 2011: Online Voting

  8. Classical advantage • Ubiquity and 24-7 • Seamless integration in everyday communication,esp. of Internet generation • Easy-to-use, also for complex applications  Increase of participation Grimm 2011: Online Voting

  9. Online 24,1% Participation 16,9% 20,5% 17,5% 13,7% Online Participation in GI Board Elections Registered Voters Casted Votes Grimm 2011: Online Voting

  10. Agenda • How it is today • Security Concern • Trust Challenge • Solution Grimm 2011: Online Voting

  11. Correctness and Anonymity • Do machines • Does network • Are our votes • Will our votes remain • Are there hidden access points for manipulation ?? work as we expect ?? secret ?? Grimm 2011: Online Voting

  12. Security can be provided, technically • Several solutions for anonymity, e.g., blind signatures and separation of duty • Organizational approach of protection profile and system security evaluation by Common Criteria • See BSI basic protection profile and Polyas evaluation  Security is manageable But How do people KNOW that these security features work? Grimm 2011: Online Voting

  13. Security can be provided, technically • But how do people KNOW that these security features work? • Cars work safely, if they do not crash • Voting systems work safely, if … they do not crash?? • Public relies on experts certification • Is trust in experts’ statement sufficient? • Are there better procedures to feel (see, touch, experience…) security… and to check correctness? Grimm 2011: Online Voting

  14. Agenda • How it is today • Security Concern • Trust Challenge • Solution Grimm 2011: Online Voting

  15. Verifiability • March 2009, German Constitutional Law has stated as basic requirement: • Verifiability of voting process by everyone • Even without deeper knowledge of technology • What is verifiability? • Cast as intended (individually) • Stored as cast (individually, universally) • Tallied as stored (universally) Grimm 2011: Online Voting

  16. Verification encrypt cast-as-intended cast ballot recorded-as-cast decrypt counted-as-recorded Grimm 2011: Online Voting

  17. Verification by Bulletin Board recorded-as-cast encrypt encrypted-as-intended cast ballot cast-as-intended publish ballots decrypt decrypted-as-recorded publish votes counted-as-recorded Bräunlich/Grimm, 25.2.2011 Grimm 2011: Online Voting

  18. Agenda • How it is today • Security Concern • Trust Challenge • Solution Grimm 2011: Online Voting

  19. Solution • Internet Voting can provide better functionality than paper voting • Ubiquity and 24-7 • Seamless integration in everyday communication,esp. of Internet generation • Easy-to-use, also for complex applications • Universal and individual verification • Multiple voting (recast) • Multiple media (paper, terminal, Internet) • Integration with eParticipation Grimm 2011: Online Voting

  20. References Johannes Pichler (Hrsg.): Überlegungen zur Hebung demokratischer Partizipation – Provokationen und Optionen. Schriften zur Rechtspolitik, Band 31, Neuer Wissenschaftlicher Verlag, Wien, Graz 2010. Krimmer, Robert; and Grimm, Rüdiger (Eds.): Electronic Voting 2010, 2008, and 2006. Lecture Notes in Informatics, Bonn 2010, 2008, and 2006, resp. Volkamer, M., Vogt, R.: Common Criteria Protection Profile For Basic Set of Security Requirements for Online Voting Products. BSI-CC-PP-0037, Version 1.0, 18. April 2008. http://www.bsi.bund.de/ Estonia: http://www.vvk.ee/voting-methods-in-estonia/engindex/statistics Helios: http://heliosvoting.org/about-us/ Polyas: http://www.polyas.de/ Grimm 2011: Online Voting

More Related