Online voting for independent elections is generally supported by trusted election providers. Typically these providers do not offer any way in which a voter can verify their vote, so the providers are trusted with ballot privacy and ensuring correctness. Despite the desire to offer online voting for political elections, this lack of transparency and verifiability is often seen as a significant barrier to the large-scale adoption of online elections. Adding verifiability to an online election increases transparency and integrity, allowing voters to verify that their vote has been recorded correctly and included in the tally. However, replacing existing online systems with those that provide verifiable voting requires new algorithms and code to be deployed, and this presents a significant business risk to commercial election providers. In this paper we present the first step in an incremental approach which minimises the business risk but demonstrates the advantages of verifiability, by developing an implementation of key elements of a Selene-based verifiability layer and adding it to an operational online voting system. Selene is a verifiable voting protocol that uses trackers to enable voters to confirm that their votes have been captured correctly while protecting voter anonymity. This results in a system where even the election authority running the system cannot change the result in an undetectable way, and gives stronger guarantees on the integrity of the election than were previously present. We explore the challenges presented by adding a verifiability layer to an operational system. We describe the results of two initial trials, which obtained that survey respondents found this form of verifiability easy to use and that they broadly appreciated it. We conclude by outlining the further steps in the road-map towards the deployment of a fully trustworthy online voting system.
翻译:独立选举的在线投票一般得到信任的选举提供者的支持。 通常,这些提供者不提供选民可以核查其投票的任何方式,因此提供者以投票隐私和确保正确性。 尽管希望为政治选举提供在线投票,但缺乏透明度和可核查性往往被视为大规模通过在线选举的重大障碍。 增加在线选举的可核查性增加了透明度和完整性,使选民能够核实他们的投票记录正确并被纳入计票系统。 但是,用提供可核查投票的系统取代现有的在线系统,需要部署新的算法和代码,这对商业选举提供者构成重大商业风险。 在本文中,我们提出一个渐进办法的第一步,该办法将业务风险降到最低,但显示可核查性的好处,办法是开发一个基于Selenene的可核查层的关键要素,并将其添加到一个可操作的在线投票系统。 Selene是一个可核查的投票程序,利用追踪者来确认他们的投票记录正确无误,同时保护选民匿名性。 在这样一个系统中,即使是选举当局也不能改变选举结果,在不易错的在线选举过程中,我们提出一个更强有力的在线选举结果,我们从初步选举调查中更清楚地说明选举结果。