Prêt à Voter

Prêt à Voter is an E2E voting system devised by Peter Ryan of the University of Luxembourg. It aims to provide guarantees of accuracy of the count and ballot privacy that are independent of software, hardware etc. Assurance of accuracy flows from maximal transparency of the process, consistent with maintaining ballot privacy. In particular, Prêt à Voter enables voters to confirm that their vote is accurately included in the count whilst avoiding dangers of coercion or vote buying. [1]

The key idea behind the Prêt à Voter approach is to encode the vote using a randomized candidate list. The randomisation of the candidate list on each ballot form ensures the secrecy of each vote. Incidentally, it also removes any bias towards the top candidate that can occur with a fixed ordering.

The value printed on the bottom of the receipt is the key to extraction of the vote. Buried cryptographically in this value is the information needed to reconstruct the candidate order and so extract the vote encoded on the receipt. This information is encrypted with secret keys shared across a number of tellers. Thus, only the set of tellers acting together are able to interpret the vote encoded on the receipt. No individual agent or machine involved in the election should ever be able to tie a particular voter to a particular decrypted vote.

After the election, voters (or perhaps proxies acting on their behalf) can visit the Web Bulletin Board (WBB) and confirm their receipts appear correctly. Once this is over, the tellers take over and perform anonymising mixes and decryption of the receipts. All the intermediate stages of this process are posted to the WBB and are audited later.

There are various auditing mechanisms to ensure that all the steps, the creation of the ballot forms, the mixing and decryption and so on were all performed correctly, but these are carefully designed so as not to impinge on ballot privacy. [2] [3] [4]

Example

[edit]

Suppose that our voter is called Anne. At the polling station, Anne chooses, at random, a ballot form sealed in an envelope. An example of such a form is shown below:

Table 1
Candidates Mark X
Idefix
Asterix
Panoramix
Obelix
3994025096

In the booth, Anne extracts her ballot form from the envelope and makes her selection in the usual way by placing a cross in the right-hand column against the candidate of choice (or, in the case of a Single Transferable Vote (STV) system for example, she marks her ranking against the candidates). For example, a vote for Asterix is given by:

Table 2
Candidates Mark X
Idefix
Asterix X
Panoramix
Obelix
3994025096

Once her selection has been made, she separates the left and right hand strips along a perforation and discards the left hand strip. She is left with the right hand strip which now constitutes her privacy protected receipt, as shown in Table 3.

Table 3
Mark X
.
X
.
.
3994025096

Anne now exits the booth clutching her receipt, registers with an official, and casts her receipt. Her receipt is placed over an optical reader or similar device that records the random value at the bottom of the strip and records in which cell her "X" is marked. Her original paper receipt is digitally signed and franked, and returned to her to keep.

Note that because the candidate list is removed before scanning, the machine that reads the ballot paper never learns the content of the vote. This prevents (intentional or unintentional) violation of vote privacy by the scanning equipment.

Origin

[edit]

Prêt à Voter was inspired by the earlier, voter-verifiable scheme by David Chaum. It replaces the visual cryptographic encoding the voter's choice in Chaum's scheme by the conceptually and technologically simpler candidate randomization. The Prêt à Voter idea of encoding the vote through permutations has subsequently been incorporated in Chaum's Punchscan scheme. However Punchscan uses a permutation of indirection symbols instead of candidate names allowing it to comply with voting laws that require a specific ordering of candidates. The first implementation of Prêt à Voter, by a team led by the University of Surrey, won Best Design, and overall second place at the 2007 University Voting Systems Competition, after the winning team, Punchscan, uncovered a security flaw in the random number generator portion of the Prêt à Voter source code [5] .[6]

Past development

[edit]

An EPSRC-funded project, Trustworthy Voting Systems, ran from April 2009 to April 2014, and aimed to enhance the design of Prêt à Voter in various ways, to build a full prototype implementation, and to produce mathematical proofs of the claimed security properties of Prêt à Voter. The project was run by James Heather and Steve Schneider at the University of Surrey, and Mark Ryan at the University of Birmingham; it was a close collaboration with the FNR-funded SerTVS project run by Peter Ryan at the University of Luxembourg.

Current development

[edit]

There appears to have been no development since 2014. Their domains have expired as of 2015.

Security Analysis

[edit]

There were a few different studies done, mostly concluding that the system was secure and "remarkably robust", despite a few possible attack vectors. [7] [8]

References

[edit]
  1. ^ Ryan, P.Y.A.; D. Bismark; J. Heather; S. Schneider; Z. Xia (2009). "The Prêt à Voter Verifiable Election System" (PDF). IEEE Transactions on Information Forensics and Security. 4 (4): 662–673. doi:10.1109/tifs.2009.2033233. S2CID 8986993. Archived from the original (PDF) on 2010-11-28.
  2. ^ Chaum, D.; P.Y.A. Ryan; S. Schneider (2005), "A Practical Voter-Verifiable Election Scheme", Computer Security – ESORICS 2005 (PDF), Lecture Notes in Computer Science, vol. 3679, pp. 118–139, doi:10.1007/11555827_8, ISBN 978-3-540-28963-0, archived from the original (PDF) on 2012-03-14
  3. ^ Ryan, P.Y.A.; S. Schneider (2006), "Prêt à Voter with Re-encryption Mixes", Computer Security – ESORICS 2006 (PDF), Lecture Notes in Computer Science, vol. 4189, pp. 313–326, doi:10.1007/11863908_20, ISBN 978-3-540-44601-9, archived from the original (PDF) on 2010-11-28
  4. ^ Ryan, P.Y.A. (2008). "Prêt à Voter with Paillier Encryption" (PDF). Mathematical and Computer Modelling. 48 (9–10): 1646–1662. doi:10.1016/j.mcm.2008.05.015.
  5. ^ Bismark, D.; J. Heather; R.M.A. Peel; S. Schneider; Z. Xia; P.Y.A. Ryan (2009). "Experiences Gained from the first Prêt à Voter Implementation". 2009 First International Workshop on Requirements Engineering for e-Voting Systems (PDF). pp. 19–28. doi:10.1109/RE-VOTE.2009.5. ISBN 978-1-4244-7698-5. S2CID 18928706. Archived from the original (PDF) on 2011-07-15.{{cite book}}: CS1 maint: date and year (link)
  6. ^ Zetter, Kim (July 19, 2007). "US/Canada Team Wins Voting Machine Competition". Wired. Retrieved 2008-08-19.
  7. ^ Ryan, Peter Y. A.; Peacock, Thea (2010). "A Threat Analysis of Prêt à Voter". Towards Trustworthy Elections. Lecture Notes in Computer Science. Vol. 6000. pp. 200–215. doi:10.1007/978-3-642-12980-3_12. ISBN 978-3-642-12979-7.
  8. ^ "Prêt à voter: a systems perspective".
[edit]
  • An accessible account of Prêt à Voter can be found in "The Computer Ate my Vote", chapter to appear in Formal Methods: State of the Art and New Directions, Ed. Paul Boca, Springer 2007, also available as Newcastle University Technical Report 988 [1].
  • Further technical details can be found in Newcastle University Technical Reports 864, 880, 929, 956 and 965, and on the Prêt à Voter web site .