Secure electronic election schemes – a matter of democracy
Some of Douglas Wikström’s research in cryptography focuses on electronic voting systems. The goal is to create systems that preserve voter privacy and guarantee correctness of the tally.
In Sweden, elections are expected to be direct, free and preserve voter privacy. An electronic election scheme, i.e., an election scheme where the election is conducted using computers, should be as reliable as the classical paper-based system. Voters input their votes at one end of a system, the votes are encrypted somehow and at the other end decrypted votes are output (that can not be tied to individual voters).
In order to increase the reliability of the system so-called zero knowledge proofs can be used. They are used to let computers prove they are following the protocol, which guarantees correctness, and indirectly voter privacy as well.
As a further security measure to decrease the risk of compromising the ballot secret, several computers are used that between themselves share encryption keys, and that can only decrypt votes when a certain number of the computers are working together.
Together with his postdoc Shahram Khazaei and PhD student Björn Terelius, Douglas Wikström has recently studied two electronic election schemes and discovered security flaws. He notes the risks of having electronic election schemes that lack either zero knowledge proofs or a proper security analysis.
"Ultimately, the question is if a country can guarantee that an election is carried out in a democratic way", says Wikström.
Cryptography appeared as an academic discipline in the 1970’s and so it is a relatively new research area with lots of things still happening. It was not until the mid-1980’s that the concept of zero knowledge proof was discovered. The first efficient zero knowledge proof for mix-nets did not appear until 2001, after Wikström had started his doctoral studies. (Mix-nets are used to tally the result while preserving the voter privacy.)
There are a number of different zero knowledge proofs involved in electronic votin systems. Wikström is working on a kind of standard for these zero knowledge proofs, a standard which is thought to be used on a broad scale by a number of different stakeholders.
The practical result of Wikström’s research has been used in Israel and will be used in Victoria State, Australia. This provides an opportunity to see how his research kan be used in real life.