Information Security Seminar 

08/06/2010, 16:15 — 17:15 — Room P4.35, Mathematics Building
Ralf Kuesters, University of Trier

Central Security Requirements of E-Voting Systems: Verifiability, Accountability, and Coercion-Resistance

Systems for electronic voting (e-voting systems), including systems for voting over the Internet and systems for voting in a voting booth, are supposed to simplify the process of carrying out elections and potentially make the voting process more secure and reliable. These systems are among the most challenging and complex security-critical systems, with a rich set of intricate security requirements they have to fulfill. For example, besides keeping the votes of individual voters private (privacy of votes), they should allow voters to check that their votes were counted correctly (verifiability), since voting machines might have programming errors or might have been tampered with. By providing voters with receipts of how they voted, this problem on its own is easy to solve. However, at the same time vote buying and voter coercion should be prevented (coercion-resistance). Moreover, in case a problem occurs, it should be possible to hold election officials accountable for their misbehavior (accountability). In recent work, we have formalized important security requirements for e-voting systems, including coercion-resistance, verifiability, and accountability. In this talk, I will discuss these requirements informally and sketch our formal definitions. I will also present several state-of-the-art voting systems and discuss their security with respect to our security definitions. The talk is intended for a broad audience and does not require any background on e-voting systems or cryptography. This talk is based on joint work with Tomasz Truderung and Andreas Vogt.