Secure Online Voting

Title: Secure Online Voting

Duration: 3.20 mins

Speaker: Mark Ryan, Professor of Computer Security

Begins

Hi, I’m Mark Ryan, Professor of Computer Security at the University of Birmingham. Wouldn’t it be great if we could vote from home using the internet instead of having to go to the polling station? After all, we can do online banking, online shopping and online chatting, so why not online voting? Currently when you vote at a polling station you mark your choice on the ballot paper in private, fold the ballot paper and put it into a ballot box. So only the people who count the votes can see who you voted for. That stops family members, politicians and employers from improperly influencing how you vote. In order to ensure that the system is fair, each person receives only one ballot paper so that you can’t vote more than once. To try to avoid mistakes the votes are counted in front of observers that watch the count.

This system has served us pretty well, however it’s far from foolproof. In relying on people we make ourselves vulnerable to the possibility of human error or corruption. Imagine if instead of the current paper based system, the election authority ran a simple website that you could vote on. So instead of having to rely on multiple people counting votes, you’d be relying on just one piece of software. At first glance this seems like a pretty straightforward solution. However, such a system comes with its own set of difficulties. For example, how could you know that the website worked properly? How would you know that votes were properly counted or that who you voted for remains secret? A programmer could have slipped in code that adds extra votes to a certain candidate. This is important because unlike online banking and shopping, it’s not going to be easy to correct mistakes later.

So to summarise, we’d like to be able to vote online without having to trust the programmers, the system administrators or the election authorities. We’d like to know that our vote remains secret and we’d like to know that all the votes are counted correctly. Many people around the world are looking into different ways of meeting those requirements and in fact already very clever schemes have been invented. Unfortunately however, those schemes employ such complicated security that it makes them pretty unusable for the average voter.

Here at the University of Birmingham we’re working on designing something that’s a bit more practical and user friendly. Rather than trying to prevent all forms of fraud and coercion, our system will tolerate some of this activity but detect and report that it took place. In practical terms that means that instead of asking you to deal with a whole lot of frustrating security procedures that aim to prevent any chance of fraud, our system will simply highlight any votes which were cast through dubious means. By choosing to focus on detection rather than prevention, we believe that in time we can develop a secure, trustworthy and user friendly system that will make online voting a reality in the future.

Ends