IKTPLUSS-IKT og digital innovasjon

Traditional voting systems have significant limitations. From a security viewpoint, they rely on trust in election officials, which limits independent verifiability and prevents high assurance in vote confidentiality. In addition, traditional voting has issues regarding errors in counting, accessibility, and timeliness. There is an acknowledged need for more advanced voting systems. Many voting system vendors claim that their products are secure, but vendors in general have a dismal security record. This was last seen in Switzerland, where members of the project helped find serious vulnerabilities. This project will focus on three specific areas that are critical for adoption of modern voting systems. * Voter confidence. Few voters care about cryptographic details, but user acceptance relies on understanding. Voting systems must be designed so that voters believe in their security and integrity. * Security proofs. Cryptographers now routinely give mathematical security proofs for protocols. Obtaining such proofs for typical complex voting systems will require innovative proof techniques. * Long-term security. Voting records must remain secure for a very long time. Quantum computers is one specific long-term threat against most current cryptographic voting systems. We will contribute to increased confidence in voting systems, and thereby also in the integrity of the electoral process. Our emphasis on security proofs for voting systems will improve the overall assurance of voting systems, both directly and by establishing a scientific standard in the field of voting systems. This project will also generate new knowledge with regard to cryptographic protocols, in particular about protocols involving humans and the practicability of automatic verification for complicated, real-world protocols. So far, the project has developed alternative approaches to elections (verifiable postal voting), assurance through verifying security proofs (automatic verification and code generation), practical voting systems with post-quantum security, security definitions and cryptanalysing real-world voting systems.

This project will investigate the security of voting systems and increase our assurance in state-of-the-art voting systems. We have identified three specific areas which are critical in progressing towards adoption of modern voting systems to the benefit of society. * User confidence. Most users are not interested in the cryptographic details, but user acceptance relies on an understanding of the processes involved. Voting systems must be designed so that voters believe in their security and integrity. * Security proofs. In the cryptographic community it is now routine to provide a mathematical security proof for algorithms and protocols. This is not typically the case for electronic voting systems deployed today. Obtaining such proofs for typical complex voting systems will require innovative proof methods. * Long-term security. Electronic records will be protected by cryptography, but they will be public and must remain secure into the future. A specific long-term threat against most existing voting system is quantum computers. This project will address each of these areas. We will contribute to increased confidence in our voting systems, and thereby also in the integrity of the electoral process. Our emphasis on security proofs for voting systems will improve the overall assurance of voting systems, both directly and by establishing a scientific standard in the field of voting systems. This project will also generate new knowledge with regard to cryptographic protocols, in particular about protocols involving humans and the practicability of automatic verification for complicated, real-world protocols.