Towards Trustworthy Electronic Voting Systems

We will focus on this talk on electronic voting which emulates traditional voting in a networked environment. We will first introduce the model of electronic voting. In particular, we will present the security requirements that an electronic voting system must fulfil in order to be a proper substitute for a paper-ballot system. We will also briefly review the cryptographic tools generally used to design secure electronic voting systems.<br/> We will then address some particular drawbacks of usual e-voting systems and show that recent works give serious hope to overcome them -or, on the contrary, annihilate such a hope. In particular, we will briefly present some methods which allow to detect when voting machines (or softwares) are misbehaving. By using them, it is possible to achieve the "What You See Is What You Vote for" property without performing a complex and costly security evaluation of these machines (or softwares). We will next briefly explain how to render useless all kind of coercive attacks (how to ensure that a vote is free, i.e. not constrained) in the context of on-line voting. Finally, we will also give evidence that the "perfect system" cannot exist, by mentioning some impossibility results from WOTE'06. In particular, perfect ballot secrecy and "universal" verifiability of the outcome of the election cannot be satisfied at the same time. We will conclude our presentation with a discussion of ongoing research on the area of e-voting protocols.