How not to prove your election outcome

Thomas Haines, Sarah Jamie Lewis, Olivier Pereira, Vanessa Teague

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

31 Citations (Scopus)

Abstract

The Scytl/SwissPost e-voting solution was intended to provide complete verifiability for Swiss government elections. We show failures in both individual verifiability and universal verifiability (as defined in Swiss Federal Ordinance 161.116), based on mistaken implementations of cryptographic components. These failures allow for the construction of "proofs"of an accurate election outcome that pass verification though the votes have been manipulated. Using sophisticated cryptographic protocols without a proper consideration of what properties they offer, and under which conditions, can introduce opportunities for undetectable fraud even though the system appears to allow verification of the outcome.Our findings are immediately relevant to systems in use in Switzerland and Australia, and probably also elsewhere.

Original languageEnglish
Title of host publicationProceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages644-660
Number of pages17
ISBN (Electronic)9781728134970
DOIs
Publication statusPublished - May 2020
Externally publishedYes
Event41st IEEE Symposium on Security and Privacy, SP 2020 - San Francisco, United States
Duration: 18 May 202021 May 2020

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
Volume2020-May
ISSN (Print)1081-6011

Conference

Conference41st IEEE Symposium on Security and Privacy, SP 2020
Country/TerritoryUnited States
CitySan Francisco
Period18/05/2021/05/20

Fingerprint

Dive into the research topics of 'How not to prove your election outcome'. Together they form a unique fingerprint.

Cite this