Thomas Zacharias will present his joint work with PANORAMIX coordinator Aggelos Kiayias and Bingsheng Zhang (Lancaster University) titled “Ceremonies for End-to-end Verifiable Elections”  at the PKC conference that will be held on March 28-31 2017, Amsterdam, The Netherlands.

Abstract: State-of-the-art e-voting systems rely on voters to perform certain actions to ensure that the election authorities are not manipulating the election result. This so-called  end-to-end (E2E) verifiability” is the hallmark of current e-voting protocols.

In this work, we initiate the study of  e-voting protocols as ceremonies, a notion introduced by Ellison where humans are studied as separate nodes system in the protocol execution. Our approach facilitates a formal study of the impact of the human factor in e-voting security.

We then analyse the Helios system as a case study of an e-voting ceremony. We show how end-to-end verifiability and voter privacy are sensitive to human behaviour in the protocol by characterizing the set of behaviours under which the security can be preserved and also showing explicit scenarios where it fails.

To provide intuition on the interpretation of our results. we provide experimental evaluation with human subjects  from two different sources where people used Helios: the elections of the International Association for Cryptologic Research (IACR) and a poll of senior year computer science students. The outcome of our analysis is a negative one: the auditing behaviour of people (including cryptographers) is not sufficient to ensure the correctness of the tally with good probability in either case studied. The same holds true even for simulated data that capture the case of relatively well trained participants while, finally, the security of the ceremony can be shown but under the assumption of essentially ideally behaving human subjects.

A full version of the paper can be found at the following URL: https://eprint.iacr.org/2015/1166