Skip to content

Instantly share code, notes, and snippets.

@dsernst

dsernst/Secure Internet Voting.md

Last active August 2, 2022 09:40
Show Gist options
  • Save dsernst/df05e250bc1386f186d3c6f930681fb5 to your computer and use it in GitHub Desktop.
Save dsernst/df05e250bc1386f186d3c6f930681fb5 to your computer and use it in GitHub Desktop.
Download ZIP
Secure internet voting
Raw
Secure Internet Voting.md

Proof-of-Vote: A Simple Cryptosystem for Secure Internet Voting

by David Ernst, www.liquid.us

A method to democratically vote online, that provably ensures to the individual voter that their vote was cast and counted correctly, without tampering, while still protecting their vote privacy.

Note: This is designed for our issue-based liquid democracy platform, not traditional elections.

Goals:

  • Allow individuals to vote using their own digital devices.
  • Allow any voter to verify that their vote was entered correctly.
  • Allow any third party to independently tabulate the results of the vote.
  • Don't reveal the contents of anyone's vote.
  • Don't require individuals to manage their own cryptographic keys, or install any new software.
  • Support hundreds of millions of active users.

Requirements:

  • The voter controls an email address that no one else has access to.
  • The voting platform has already determined who is eligible to vote, and has an email address for each.
  • During the voting period, the voter has access to an internet device that can make secure https connections to the voting platform.

Procedure

  1. Voter Registration: A user, identified by an email address example@email.com, is already verified as an eligible voter in their district.

  2. Email authentication: The user can login to the voting platform with a special link sent to their email.

  3. The user views an individual voting item — 2016-e: Should the city approve $10,000,000 in new bonds to fix the potholes on Main St?

  4. Voting: The user decides to vote yea. The user also picks a secret passphrase that allows them to verify their vote isn't tampered with: CorrectHorseBatteryStaple.

  5. Unique hash: Based on the unique characteristics of their vote — their email, the item-id, their position, and their passphrase — a unique vote identifier is calculated using a one-way hashing function (this example uses https://www.browserling.com/tools/scrypt).

scrypt({
  plaintext: "<example@email.com>, 2016-e, yea, CorrectHorseBatteryStaple",
  salt: undefined,
  outputSize: 32,
  cpuDifficulty: 16384,
  memoryDifficulty: 8,
  parallelizationDifficulty: 1,
}) => 1bbed06e1afe7b52c72c13da4fb7b860ca75be682d515d002b4d894c143068b6
  1. Publish vote: An entry is added to a public record of all votes to represent their vote:
yea 1bbed06e1afe7b52c72c13da4fb7b860ca75be682d515d002b4d894c143068b6
  • The platform can automatically give the voter their unique vote id, so they don't have to go through the trouble of manually calculating the hash themselves. But the individual always can (and occassionally ought to) do it themselves, to keep the platform honest.
  1. View results: At the end of the voting period, the entire public record of votes can be viewed to calculate a winner. Example:
# https://liquid.us/audit/2016-e.txt

yea 77a14de056bf7ee73629501fd7942c41e59dc857c404b4f6f426a3c2fdbfbab2
yea 609a0a0f6a08067930e5671ff7ac768323b9d4694f4d201622b1db3d5c271df8
yea 1bbed06e1afe7b52c72c13da4fb7b860ca75be682d515d002b4d894c143068b6
nay ee1d08fa4a2419d65077b247a089165f4a83b6cac8c3e651fcbe937e81fd954d
yea fcd651f744bef16442162c166df2e06d439a472820917d976cd5d3e8acbb5ced
nay 039d4af6f0cceebce7b9cd0f28243861cdea8ca86118e8e108a5d7a865759e0f

The results are: 4 votes yea, 2 votes nay.

Review:

Does the procedure meet the stated goals?

Allow individuals to vote using their own digital devices.

Yes, this goal is met.

In addition to their own devices, a voter can also use a device provided to them by others. This could be from a friend, or for public use such as in a library or community center.

Allow any voter to verify that their vote was entered correctly.

Yes, this goal is met, assuming the hashing algorithm is open-source and cryptographically secure, and the voter remembers the 4 unique pieces that make up their vote — their email, the item-id, their position, and their passphrase. They can independently calculate their vote's unique identifier and confirm (CTRL-F) their unique vote is in the list of all votes, with the correct position.

One concern is that this process is too technical for the everyday voter. Even so, the platform is still kept accountable because of the possibility that any voter may independently audit their vote.

Allow any third party to independently tabulate the results of the election.

Yes, this goal is met, since the record of all votes is published.

Don't reveal the author of any votes.

Yes, this goal is met, but this privacy could be lost.

While all votes are published, only the position and the vote's unique identifier, created from a one-way hashing function, are included in the public record. So by default, the individual voter's position is kept private.

This privacy could be compromised if another party learns the input that went into the hashing function: their email, the item-id, their position, and their secret passphrase.

This privacy could be compromised if the voter's device is compromised. A keylogger, screen recorder, or a man-in-middle attack could all reveal a voter's position to a third party at the time the vote was cast.

This privacy could be compromised from a brute-force attack on the hash.

The item-id acts like a simple salt, so that pre-computed hashes can't be re-used across votes, when the voter, position (a simple yea or nay), and secret may all remain the same.

Brute-force attacks can be strengthened against by using longer and unique inputs, in particular by using a passphrase with greater entropy.

Additional strength comes from the expensive hashing function: scrypt. Since this function has adjustable difficulty, the system can limit the number of hashes that can be calculated within a certain timeframe. This significantly raises the cost of a successful brute-force attack.

Although the system may be assumed reasonably secure at the time of the vote, this will not hold in the future. Developments in computing hardware will eventually compromise the privacy of individuals' past votes.

Don't require individuals to manage their own cryptographic keys, or install any new software.

Yes, this goal is met.

No additional software needs to be installed by the end user. Their security is based on protecting their email inbox, similar to requirements for mainstream online banking and other everyday online tasks.

The platform can offer additional security features like Two Factor Authentication, as extra identity checks, but that is outside the scope of this document.

Support hundreds of millions of active users.

Yes, this goal is met.

This cryptosystem offers similar verification and immutability benefits as a blockchain-based system, but can be built upon traditional SQL infrastructure already proven to scale to billions of active users.

@dsernst
Copy link
Author

dsernst commented Nov 13, 2017
edited

I've added a comment to the intro that this system is designed for our liquid democracy platform use-case (www.liquid.us), not real-world elections. Different risk profile. Much more independent security review necessary as we grow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment