Cryptography towards a new kind of election?
Computer scientists at the Harvard School of Engineering and Applied Sciences recently deployed the first “practical, Web-based, secure, verifiable voting system.” After testing through 2008 and early 2009, the system, dubbed “Helios,” was used for the university presidential elections at the Belgian Université Catholique de Louvain (UCL) in the first week of March 2009. The system uses asymmetric cryptography and mixnets to provide anonymity, ballot integrity, and open, public verifiability. The system is designed to be used to what they call “low-coercion” elections, because they have not provided any way for users to change their vote at another time if the user has been coerced into voting a certain way. But, the system does provide cryptographic auditing that allows any voter to verify that their vote has been correctly recorded, and allows anyone to verify that all recorded votes have been correctly tallied, something standard elections in the USA don’t even guarantee.
This project rose out of the recognition that relatively recent advancements in cryptography and computer science have paved the way for the possibility of actually implementing election protocols that guarantee ballot casting assurance, universal verifiability, and voter secrecy. One issue that the developers of this system are facing is that the public is not really aware (or if they are, they fail to recognize the implications) of the lack of these properties in our current election system. Especially as absentee balloting is becoming more popular, there is little guarantee that 1) your vote is ever received, 2) that no one changed en route, 3) that it was counted at all, and 4) that is was counted correctly. The Helios system allows the user to verify 1, 2, and 3, and allows anyone to verify 4. The source for the Helios system is available for free under Creative Commons, and an online server is available for general use.
This new development is especially important given the recent Diebold debacle which emphasized the importance of Kerckhoffs’ principle in the development of important security systems. Entrusting something as important as democracy to some proprietary, secret code hacked up by some people under investigation for putting Trojans in ATMs is no way to go. It will be interesting whether or not this new style of election will ever be used in general governmental elections, but it hints that the day when we may actually be able to cast e-votes with confidence is drawing near. If you are interested in more details of the Helios system, a follow-up security review will be posted shortly.