Public Evidence from Secret Ballots

  • Matthew BernhardEmail author
  • Josh Benaloh
  • J. Alex Halderman
  • Ronald L. Rivest
  • Peter Y. A. Ryan
  • Philip B. Stark
  • Vanessa Teague
  • Poorvi L. Vora
  • Dan S. Wallach
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10615)


Elections seem simple—aren’t they just about counting? But they have a unique, challenging combination of security and privacy requirements. The stakes are high; the context is adversarial; the electorate needs to be convinced that the results are correct; and the secrecy of the ballot must be ensured. They also have practical constraints: time is of the essence, and voting systems need to be affordable and maintainable, as well as usable by voters, election officials, and pollworkers. It is thus not surprising that voting is a rich research area spanning theory, applied cryptography, practical systems analysis, usable security, and statistics. Election integrity involves two key concepts: convincing evidence that outcomes are correct and privacy, which amounts to convincing assurance that there is no evidence about how any given person voted. These are obviously in tension. We examine how current systems walk this tightrope.



This work was supported in part by the U.S. National Science Foundation awards CNS-1345254, CNS-1409505, CNS-1518888, CNS-1409401, CNS-1314492, and CNS-1421373, the Center for Science of Information STC (CSoI), an NSF Science and Technology Center, under grant agreement CCF-0939370, the Maryland Procurement Office under contract H98230-14-C-0127, and FNR Luxembourg under the PETRVS Mobility grant.


  1. 1.
    Adida, B.: Advances in Cryptographic Voting Systems. Ph.D. thesis, MIT, July 2006Google Scholar
  2. 2.
    Adida, B.: Helios: web-based open-audit voting. In: 17th USENIX Security Symposium, August 2008.
  3. 3.
    Adida, B., Neff, C.A.: Efficient receipt-free ballot casting resistant to covert channels. IACR Cryptology ePrint Archive, 2008 (2008)Google Scholar
  4. 4.
    Adida, B., Rivest, R.L., Scratch, V.: Self-contained paper-based cryptographic voting. In: ACM Workshop on Privacy in the Electronic Society (2006)Google Scholar
  5. 5.
    Alwen, J., Ostrovsky, R., Zhou, H.-S., Zikas, V.: Incoercible multi-party computation and universally composable receipt-free voting. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 763–780. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48000-7_37 CrossRefGoogle Scholar
  6. 6.
    Bayer, S., Groth, J.: Efficient zero-knowledge argument for correctness of a shuffle. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 263–280. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_17 CrossRefGoogle Scholar
  7. 7.
    Bell, S., Benaloh, J., Byrne, M.D., DeBeauvoir, D., Eakin, B., Fisher, G., Kortum, P., McBurnett, N., Montoya, J., Parker, M., Pereira, O., Stark, P.B., Wallach, D.S., Winn, M.: STAR-vote: a secure, transparent, auditable, and reliable voting system. USENIX J. Election Technol. Syst. 1(1), 8 (2013)Google Scholar
  8. 8.
    Ben-Nun, J., Fahri, N., Llewellyn, M., Riva, B., Rosen, A., Ta-Shma, A., Wikström, D.: A new implementation of a dual (paper and cryptographic) voting system. In: 5th International Conference on Electronic Voting (2012)Google Scholar
  9. 9.
    Benaloh, J.: Simple verifiable elections. In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2006Google Scholar
  10. 10.
    Benaloh J.: Ballot casting assurance via voter-initiated poll station auditing. In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2007Google Scholar
  11. 11.
    Benaloh, J.: Administrative and public verifiability: can we have both? In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2008Google Scholar
  12. 12.
    Benaloh, J., Jones, D., Lazarus, E., Lindeman, M., Stark, P.B.: Soba: Secrecy-preserving observable ballot-level audit. In: Proceedings of the USENIX Accurate Electronic Voting Technology Workshop (2011)Google Scholar
  13. 13.
    Benaloh, J., Moran, T., Naish, L., Ramchen, K., Teague, V.: Shuffle-sum: coercion-resistant verifiable tallying for STV voting. IEEE Trans. Inf. Forensics Secur. 4(4), 685–698 (2009)CrossRefGoogle Scholar
  14. 14.
    Benaloh, J., Rivest, R., Ryan, P.Y., Stark, P., Teague, V., Vora, P.: End-to-end verifiability. arXiv:1504.03778 (2015)
  15. 15.
    Benaloh, J., Tuinstra D.: Receipt-free secret-ballot elections. In: 26th ACM Symposium on Theory of Computing (1994)Google Scholar
  16. 16.
    Benaloh J.D.C.: Verifiable Secret-ballot Elections. Ph.D. thesis, Yale (1987). AAI8809191Google Scholar
  17. 17.
    Bernhard, M.: What happened in the Utah GOP caucus.
  18. 18.
    Blom, M., Stuckey, P.J., Teague, V.J., Tidhar, R.: Efficient computation of exact IRV margins. arXiv:1508.04885 (2015)
  19. 19.
    Brams, S.: Mathematics and Democracy. Princeton University Press, Princeton (2008)CrossRefzbMATHGoogle Scholar
  20. 20.
    Calandrino, J.A., Halderman, J.A., Felten, E.W.: Machine-assisted election auditing. In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2007Google Scholar
  21. 21.
    California Secretary of State’s Office: Top-to-bottom review of electronic voting systems (2007).
  22. 22.
    Canetti, R., Gennaro, R.: Incoercible multiparty computation. In: 37th IEEE Symposium on Foundations of Computer Science (1996)Google Scholar
  23. 23.
    Carback, R., Chaum, D., Clark, J., Conway, J., Essex, A., Herrnson, P.S., Mayberry, T., Popoveniuc, S., Rivest, R.L., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II municipal election at Takoma Park: the first E2E binding governmental election with ballot privacy. In: 18th USENIX Security Symposium, August 2010Google Scholar
  24. 24.
    Carter Center: Expert study mission report–Internet voting pilot: Norway’s 2013 parliamentary elections, March 2014.
  25. 25.
    Cary, D.: Estimating the margin of victory for instant-runoff voting. In: USENIX/ACCURATE Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2011Google Scholar
  26. 26.
    Chaum, D.: SureVote: technical overview. In: IAVoSS Workshop on Trustworthy Elections (2001)Google Scholar
  27. 27.
    Chaum, D., Carback, R., Clark, J., Essex, A., Popoveniuc, S., Rivest, R.L., Ryan, P.Y.A., Shen, E., Sherman, A.T., Scantegrity, I.I.: End-to-end verifiability for optical scan election systems using invisible ink confirmation codes. In: USENIX/ACCURATE Electronic Voting Workshop, August 2008Google Scholar
  28. 28.
    Chilingirian, B., Perumal, Z., Rivest, R.L., Bowland, G., Conway, A., Stark, P.B., Blom, M., Culnane, C., Teague, V.: Auditing australian senate ballots. arXiv preprint arXiv:1610.00127 (2016)
  29. 29.
    Clarkson, M., Chong, S., Myers, A.C.: Civitas: a secure remote voting system. Technical report, Cornell University Computing and Information Science Technology Report, May 2007.
  30. 30.
    (Cohen), J.B., Fischer, M.J.: A robust and verifiable cryptographically secure election scheme. In: 26th Annual Symposium on Foundations of Computer Science (1985)Google Scholar
  31. 31.
    Cordero, A., Wagner, D., Dill, D.: The role of dice in election audits - extended abstract. In: IAVoSS Workshop On Trustworthy Elections (2006)Google Scholar
  32. 32.
    Cortier, V., Galindo, D., Küsters, R., Müller, J., Truderung, T.: Verifiability Notions for E-Voting Protocols. Technical report, Technical Report 2016/287, Cryptology ePrint Archive (2016).
  33. 33.
    Delaune, S., Kremer, S., Ryan, M.: Verifying privacy-type properties of electronic voting protocols: a taster. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 289–309. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12980-3_18 CrossRefGoogle Scholar
  34. 34.
    Feldman, A.J., Halderman, J.A., Felten, E.W.: Security analysis of the Diebold AccuVote-TS voting machine. In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2007Google Scholar
  35. 35.
    Fieser, E.: People Openly Sell Votes for $20 in the Dominican Republic, May 2016.
  36. 36.
    Fisher, K., Carback, R., Sherman, A.T.: Punchscan: introduction and system definition of a high-integrity election system. In: IAVoSS Workshop on Trustworthy Elections (2006)Google Scholar
  37. 37.
    Gjøsteen, K.: The norwegian internet voting protocol. In: Kiayias, A., Lipmaa, H. (eds.) Vote-ID 2011. LNCS, vol. 7187, pp. 1–18. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32747-6_1 CrossRefGoogle Scholar
  38. 38.
    Gogolewski, M., Klonowski, M., Kubiak, P., Kutyłowski, M., Lauks, A., Zagórski, F.: Kleptographic attacks on e-voting schemes. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 494–508. Springer, Heidelberg (2006). doi: 10.1007/11766155_35 CrossRefGoogle Scholar
  39. 39.
    Grewal, G.S., Ryan, M.D., Bursuc, S., Ryan, P.Y.: Caveat coercitor: Coercion-evidence in electronic voting. In: 34th IEEE Symposium on Security and Privacy (2013)Google Scholar
  40. 40.
    Groth, J.: A verifiable secret shuffle of homomorphic encryptions. J. Cryptol. 23(4), 546–579 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  41. 41.
    Haenni, R., Spycher, O.: Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys, August 2011Google Scholar
  42. 42.
    Halderman, J.A., Teague, V.: The new south wales ivote system: security failures and verification flaws in a live online election. In: Haenni, R., Koenig, R.E., Wikström, D. (eds.) VOTELID 2015. LNCS, vol. 9269, pp. 35–53. Springer, Cham (2015). doi: 10.1007/978-3-319-22270-7_3 CrossRefGoogle Scholar
  43. 43.
    Hemaspaandra, L.A., Lavaee, R., Menton, C.: Schulze and ranked-pairs voting are fixed-parameter tractable to bribe, manipulate, and control. In: International Conference on Autonomous Agents and Multiagent Systems (2013)Google Scholar
  44. 44.
    Joaquim, R., Ribeiro, C., Ferreira, P.: VeryVote: a voter verifiable code voting system. In: Ryan, P.Y.A., Schoenmakers, B. (eds.) Vote-ID 2009. LNCS, vol. 5767, pp. 106–121. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04135-8_7 CrossRefGoogle Scholar
  45. 45.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: ACM Workshop on Privacy in the Electronic Society, November 2005Google Scholar
  46. 46.
    Kaczmarek, T., Wittrock, J., Carback, R., Florescu, A., Rubio, J., Runyan, N., Vora, P.L., Zagórski, F.: Dispute resolution in accessible voting systems: the design and use of audiotegrity. In: Heather, J., Schneider, S., Teague, V. (eds.) Vote-ID 2013. LNCS, vol. 7985, pp. 127–141. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39185-9_8 CrossRefGoogle Scholar
  47. 47.
    Karlof, C., Sastry, N., Wagner, D.: Cryptographic voting protocols: a systems perspective. In: 14th USENIX Security Symposium, August 2005Google Scholar
  48. 48.
    Kelsey, J., Regenscheid, A., Moran, T., Chaum, D.: Attacking Paper-Based E2E Voting Systems. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 370–387. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12980-3_23 CrossRefGoogle Scholar
  49. 49.
    Khazaei, S., Wikström, D.: Randomized partial checking revisited. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 115–128. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36095-4_8 CrossRefGoogle Scholar
  50. 50.
    Kiayias, A., Yung, M.: Self-tallying elections and perfect ballot secrecy. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 141–158. Springer, Heidelberg (2002). doi: 10.1007/3-540-45664-3_10 CrossRefGoogle Scholar
  51. 51.
    Kiayias, A., Zacharias, T., Zhang, B.: Ceremonies for end-to-end verifiable elections. IACR Cryptology ePrint Archive, 2015 (2015)Google Scholar
  52. 52.
    Kiayias, A., Zacharias, T., Zhang, B.: End-to-end verifiable elections in the standard model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 468–498. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_16 Google Scholar
  53. 53.
    Kremer, S., Ryan, M., Smyth, B.: Election verifiability in electronic voting protocols. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 389–404. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-15497-3_24 CrossRefGoogle Scholar
  54. 54.
    Küsters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: 17th ACM Conference on Computer and Communications Security (2010)Google Scholar
  55. 55.
    Küsters, R., Truderung, T., Vogt, A.: Verifiability, privacy, and coercion-resistance: New insights from a case study. In: 32nd IEEE Symposium on Security and Privacy (2011)Google Scholar
  56. 56.
    Küsters, R., Truderung, T., Vogt, A.: A game-based definition of coercion resistance and its applications. J. Comput. Secur. 20(6), 709–764 (2012)CrossRefGoogle Scholar
  57. 57.
    Lindeman, M., Stark, P.B., Yates, V.S.: BRAVO: ballot-polling risk-limiting audits to verify outcomes. In: USENIX Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2012Google Scholar
  58. 58.
    Magrino, T.R., Rivest, R.L., Shen, E., Wagner, D.: Computing the margin of victory in IRV elections. In: USENIX Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2011Google Scholar
  59. 59.
    McDaniel, P., et al.: EVEREST: evaluation and validation of election-related equipment, standards and testing, December 2007.
  60. 60.
    Moran, T., Naor, M.: Receipt-free universally-verifiable voting with everlasting privacy. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 373–392. Springer, Heidelberg (2006). doi: 10.1007/11818175_22 CrossRefGoogle Scholar
  61. 61.
    Moran, T., Naor, M.: Basing cryptographic protocols on tamper-evident seals. Theor. Comput. Sci. 411, 1283–1310 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  62. 62.
    Moran, T., Naor, M.: Split-ballot voting: everlasting privacy with distributed trust. ACM Trans. Inf. Syst. Secur. 13(2), 16 (2010)CrossRefGoogle Scholar
  63. 63.
    Neff, C.A.: A verifiable secret shuffle and its application to e-voting. In: ACM Conference on Computer and Communications Security. ACM (2001)Google Scholar
  64. 64.
    Neff C.A.: Practical high certainty intent verification for encrypted votes (2004).
  65. 65.
    Popoveniuc, S., Hosp, B.: An Introduction to Punchscan. In: IAVoSS Workshop on Trustworthy Elections, August 2006Google Scholar
  66. 66.
    Popoveniuc, S., Kelsey, J., Regenscheid, A., Vora, P.L.: Performance requirements for end-to-end verifiable elections. In: USENIX Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2010Google Scholar
  67. 67.
    Rivest, R.L.: The Three Ballot voting system (2006).
  68. 68.
    Rivest, R.L.: On the notion of “software independence” in voting systems. Philos. Trans. R. Soc. A Math. Phys. Eng. Sci. 366, 3759–3767 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  69. 69.
    Rivest, R.L.: DiffSum: a simple post-election risk-limiting audit. CoRR abs/1509.00127 (2015)Google Scholar
  70. 70.
    Rivest, R.L., Shen, E.: A Bayesian method for auditing elections. In: USENIX Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2012Google Scholar
  71. 71.
    Rivest, R.L., Smith, W.D.: Three voting protocols: ThreeBallot, VAV, and Twin. In: USENIX/ACCURATE Electronic Voting Technology Workshop, August 2007Google Scholar
  72. 72.
    Rosen, A., Ta-shma, A., Riva, B., Ben-Nun, J.Y.: Wombat voting system.
  73. 73.
    Ryan, P.Y.A.: Prêt à voter with confirmation codes. In: 2011 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, August 2011Google Scholar
  74. 74.
    Ryan, P.Y.A., Bismark, D., Heather, J., Schneider, S., Xia, Z.: Prêt à voter: a voter-verifiable voting system. IEEE Trans. Inf. Forensics Secur. 4(4), 662–673 (2009)CrossRefGoogle Scholar
  75. 75.
    Ryan, P.Y.A., Roenne, P.B., Iovino V.: Selene: Voting with Transparent Verifiability and Coercion-Mitigation. Cryptology ePrint Archive, Report 2015/1105 (2015).
  76. 76.
    Saari, D.G.: Geometry of voting (2012)Google Scholar
  77. 77.
    Sako, K., Kilian, J.: Receipt-free mix-type voting scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393–403. Springer, Heidelberg (1995). doi: 10.1007/3-540-49264-X_32 Google Scholar
  78. 78.
    Sandler, D.R., Derr, K., Wallach, D.S.: VoteBox: a tamper-evident, verifiable electronic voting system. In: 17th USENIX Security Symposium, July 2008Google Scholar
  79. 79.
    Sarwate, A.D., Checkoway, S., Shacham, H.: Risk-limiting audits and the margin of victory in nonplurality elections. Stat. Polit. Policy 4(1), 29–64 (2013)Google Scholar
  80. 80.
    Schulze, M.: A new monotonic, clone-independent, reversal symmetric, and condorcet-consistent single-winner election method. Soc. Choice Welfare 36(2), 267–303 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  81. 81.
    Smyth, B., Ryan, M., Kremer, S., Kourjieh, M.: Towards automatic analysis of election verifiability properties. In: Armando, A., Lowe, G. (eds.) ARSPA-WITS 2010. LNCS, vol. 6186, pp. 146–163. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-16074-5_11 CrossRefGoogle Scholar
  82. 82.
    Springall, D., Finkenauer, T., Durumeric, Z., Kitcat, J., Hursti, H., MacAlpine, M., Halderman, J.A.: Security analysis of the Estonian Internet voting system. In: 21st ACM Conference on Computer and Communications Security (2014)Google Scholar
  83. 83.
    Stark, P.: Conservative statistical post-election audits. Ann. Appl. Stat. (2008)Google Scholar
  84. 84.
    Stark, P.B.: Super-simple simultaneous single-ballot risk-limiting audits. In: Proceedings of the 2010 International Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, August 2010Google Scholar
  85. 85.
    Stark, P.B., Teague, V.: Verifiable European elections: risk-limiting audits for d’hondt and its relatives. USENIX J. Election Technol. Syst. 1(3), 18–39 (2014)Google Scholar
  86. 86.
    Stark, P.B., Wagner, D.A.: Evidence-based elections. IEEE Secur. Priv. Mag. 10(05), 33–41 (2012)CrossRefGoogle Scholar
  87. 87.
    Terelius, B., Wikström, D.: Proofs of restricted shuffles. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 100–113. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12678-9_7 CrossRefGoogle Scholar
  88. 88.
    Tideman, T.N.: Independence of clones as a criterion for voting rules. Soc. Choice Welfare 4(3), 185–206 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  89. 89.
    Trayno, I.: Russia accused of unleashing cyberwar to disable Estonia, May 2007.
  90. 90.
    Unruh, D., Müller-Quade, J.: Universally composable incoercibility. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 411–428. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_22 CrossRefGoogle Scholar
  91. 91.
    U.S. Vote Foundation and Galois: The future of voting: End-to-end verifiable Internet voting specification and feasibility assessment study (2015).
  92. 92.
    Wallach, D.: Security and Reliability of Webb County’s ES&S Voting System and the March 06 Primary Election. Expert Report in Flores v, Lopez (2006)Google Scholar
  93. 93.
    Zagórski, F., Carback, R.T., Chaum, D., Clark, J., Essex, A., Vora, P.L.: Remotegrity: design and use of an end-to-end verifiable remote voting system. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 441–457. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38980-1_28 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Matthew Bernhard
    • 2
    Email author
  • Josh Benaloh
    • 1
  • J. Alex Halderman
    • 2
  • Ronald L. Rivest
    • 8
  • Peter Y. A. Ryan
    • 3
  • Philip B. Stark
    • 4
  • Vanessa Teague
    • 6
  • Poorvi L. Vora
    • 7
  • Dan S. Wallach
    • 5
  1. 1.Microsoft ResearchRedmondUSA
  2. 2.University of MichiganAnn ArborUSA
  3. 3.University of LuxembourgLuxembourg CityLuxembourg
  4. 4.University of California at BerkeleyBerkeleyUSA
  5. 5.Rice UniversityHoustonUSA
  6. 6.University of MelbourneMelbourneAustralia
  7. 7.The George Washington UniversityWashingtonUSA
  8. 8.Massachusetts Institute of TechnologyCambridgeUSA

Personalised recommendations