BSI study: No silver bullet for protection against manipulated voting devices
The BSI has published a study on the end-to-end verifiability of online elections. Cryptographic components and their evaluation are also discussed.
Beyond federal and state elections, voting is increasingly being conducted online. However, "there is no universal solution to protect against potentially manipulated voting devices", that is, against the computer or phone on which the voter casts the ballot. This is one of the findings of a study on the "end-to-end verifiability" of online elections commissioned by the German Federal Office for Information Security (BSI). According to the study, which verification mechanism for voting devices is suitable for a given vote "depends on various election-specific requirements".
With e-voting, there is a risk that voters' votes are changed unnoticed, whether through deliberate manipulation or through software errors. For more than forty years, researchers and developers have been working on end-to-end verifiable online systems that nevertheless preserve the secrecy of the ballot. They have published hundreds of academic papers and implemented numerous e-voting systems. The study, dated August and now published, is intended to help those running elections find their way through this "jungle". Among other things, it presents various cryptographic methods that protect the anonymity of voters during the tallying and the subsequent verification of the election result.
The primary aim of these methods is to "place as little trust as possible in the individual components of the voting system", explains the Swiss IT security company Famoser, which prepared the analysis for the BSI. One important building block is "secret shuffling": the link between the encrypted ballots received and the plaintext ballots output is hidden by randomly re-shuffling the encrypted ballots before they are decrypted. In "secret aggregation", the other approach, the votes for each candidate are added up while still encrypted, and only the per-candidate totals are decrypted and published.
For the secret ballot box itself, the authors single out malleable public-key encryption as an efficient method: a ciphertext can be re-randomised or combined with others without knowledge of the key, which is exactly what shuffling and aggregation need. Homomorphic aggregation and verifiable mixnets are the tools for counting encrypted ballots so that no link between a voter and their vote survives into the published result. Digital signatures are described by the authors as a "simple and effective way" to ensure "that votes are cast by eligible voters".
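To make the two counting approaches concrete, here is an added toy example in Python (not code from the study, the BSI or any of the systems named on this page) using exponential ElGamal over a tiny, hypothetical group: votes are added while still encrypted and only the totals are decrypted, and a single re-encryption shuffle shows how the malleability of the encryption unlinks mixnet output from input. The zero-knowledge proofs that make a mixnet verifiable and keep ballots well-formed, and the threshold decryption shared among trustees, are omitted; the group parameters, keys and sample ballots are all constructed for the example.

```python
"""Toy exponential ElGamal: homomorphic tallying and a re-encryption shuffle."""
import secrets

# Toy group: safe prime p = 2q + 1, g = 4 generates the order-q subgroup of quadratic residues.
# Hypothetical classroom parameters; real systems use 2048-bit+ groups or elliptic curves.
P, Q, G = 2039, 1019, 4
IDENTITY = (1, 1)  # Enc(0) with randomness 0: neutral element for homomorphic addition


def keygen():
    """Return (x, h = g^x). In a real election x is split among several trustees."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def encrypt(h, m):
    """Exponential ElGamal: Enc(m) = (g^r, g^m * h^r). With m in the exponent,
    multiplying ciphertexts adds plaintexts, which is what aggregation needs."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (pow(G, m, P) * pow(h, r, P)) % P


def add(a, b):
    """Homomorphic addition: component-wise product of two ciphertexts."""
    return (a[0] * b[0]) % P, (a[1] * b[1]) % P


def reencrypt(h, ct):
    """Malleability used on purpose: (c1 * g^s, c2 * h^s) is a fresh-looking
    encryption of the same plaintext; nobody without x can link the two."""
    s = secrets.randbelow(Q - 1) + 1
    return (ct[0] * pow(G, s, P)) % P, (ct[1] * pow(h, s, P)) % P


def decrypt(x, ct, max_m):
    """Recover m from g^m by trying 0..max_m; cheap because a tally never exceeds the voter count."""
    c1, c2 = ct
    gm = (c2 * pow(c1, Q - x, P)) % P  # c1^(q - x) == c1^(-x) because c1 has order q
    for m in range(max_m + 1):
        if pow(G, m, P) == gm:
            return m
    raise ValueError("plaintext outside expected range")


def encode_ballot(h, choice, n_candidates):
    """One ciphertext per candidate: Enc(1) for the chosen one, Enc(0) for the others.
    (Real systems add a zero-knowledge proof that each entry is 0 or 1 and that they sum to 1.)"""
    return [encrypt(h, int(i == choice)) for i in range(n_candidates)]


def homomorphic_tally(x, h, ballots, n_candidates):
    """Secret aggregation: sum all ballots per candidate while encrypted, decrypt only the totals."""
    totals = [IDENTITY] * n_candidates
    for ballot in ballots:
        totals = [add(t, c) for t, c in zip(totals, ballot)]
    return [decrypt(x, t, len(ballots)) for t in totals]


def mix(h, ciphertexts):
    """Secret shuffle (one mixnet node): re-encrypt each ciphertext and output them in random
    order. Input and output carry the same votes, but positions are no longer linkable.
    A verifiable mixnet would additionally publish a zero-knowledge proof of correct shuffle."""
    order = list(range(len(ciphertexts)))
    for i in range(len(order) - 1, 0, -1):  # Fisher-Yates with a CSPRNG
        j = secrets.randbelow(i + 1)
        order[i], order[j] = order[j], order[i]
    return [reencrypt(h, ciphertexts[i]) for i in order]


def demo():
    """Constructed sample: five voters, three candidates, choices 0, 2, 2, 1, 2."""
    x, h = keygen()
    choices = [0, 2, 2, 1, 2]
    tally = homomorphic_tally(x, h, [encode_ballot(h, c, 3) for c in choices], 3)
    cast = [encrypt(h, c) for c in choices]  # mixnet route: one Enc(choice) per voter
    mixed = mix(h, cast)
    opened = sorted(decrypt(x, c, 2) for c in mixed)
    # -> ([1, 1, 3], [0, 1, 2, 2, 2], True)
    return tally, opened, mixed != cast
```

Both routes end with the same totals, but they reveal different things: the homomorphic tally publishes only per-candidate sums and never opens a single ballot, while the mixnet route opens every ballot (which supports write-ins or complex ranked ballots) and relies entirely on the shuffle, and the proof of its correctness, to keep voter and vote apart.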
Considering the voting system as a whole
According to the study, the mechanisms for checking the voting device make "different trade-offs", for example between the verification guarantees they give and their privacy properties. "Audit-or-cast" is the easiest to retrofit into an existing voting system, but has weaknesses: the voter may either audit an encrypted ballot, which spoils it, or cast it, so the ballot that is actually cast is never itself checked. "Cast-and-audit" guarantees that the encrypted vote the device submits is actually the one the voter chose, at the price of "a cryptographically more complex interaction with the election server".
Return codes, the researchers write, spare the voter a separate verification device, and they make it unnecessary for the device to learn the voter's choice. However, this requires "a more complex voting infrastructure". The study recommends combining these components. In its practicability analysis, the team points to software libraries and systems that implement the mechanisms described: CHVote, ElectionGuard, Verificatum, Belenios and the Swiss Post e-voting system.
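An added toy illustration of the audit-or-cast idea (the Benaloh challenge) and of its weakness, again in Python and not taken from the study or from any of the systems named: the device commits to a ciphertext, then the voter either demands the randomness and recomputes the encryption on an independent checker, or casts the ballot unchecked. The group parameters, the rigged device, the trustee key and the voters' choices are all constructed for the example.

```python
"""Toy audit-or-cast (Benaloh challenge) check of an untrusted voting device."""
import secrets

# Toy exponential-ElGamal group: safe prime p = 2q + 1, g = 4 generates the order-q
# subgroup. Hypothetical classroom parameters, not from the study.
P, Q, G = 2039, 1019, 4
N_CANDIDATES = 3


def encrypt(h, m, r):
    """Enc(m) = (g^r, g^m * h^r) with caller-supplied r, so an auditor can recompute it."""
    return pow(G, r, P), (pow(G, m, P) * pow(h, r, P)) % P


def decrypt(x, ct, max_m):
    """Trustee decryption, used here only to show what a rigged device really cast."""
    c1, c2 = ct
    gm = (c2 * pow(c1, Q - x, P)) % P  # c1^(q - x) == c1^(-x) because c1 has order q
    return next(m for m in range(max_m + 1) if pow(G, m, P) == gm)


class VotingDevice:
    """The voter's own computer or phone: it encrypts the ballot and is precisely the
    component that cast-as-intended verification refuses to trust."""

    def __init__(self, h, tamper=False):
        self.h, self.tamper = h, tamper
        self.pending = None  # (ciphertext, choice shown to the voter, randomness)

    def prepare(self, choice):
        """Encrypt and commit to the ciphertext before the voter decides: audit or cast?"""
        r = secrets.randbelow(Q - 1) + 1
        real = (choice + 1) % N_CANDIDATES if self.tamper else choice  # rigged device flips the vote
        self.pending = (encrypt(self.h, real, r), choice, r)
        return self.pending[0]

    def audit(self):
        """Voter chose 'audit': the device must reveal the choice it claims and the randomness.
        The revealed ballot is spoiled and cannot be cast."""
        _, choice, r = self.pending
        self.pending = None
        return choice, r

    def cast(self):
        """Voter chose 'cast': the committed ciphertext goes to the server unchecked."""
        ct, self.pending = self.pending[0], None
        return ct


def audit_ok(h, ct, choice, r):
    """Independent checker (a second device, or a public re-encryption check offered by the
    election server): re-encrypt the revealed choice with the revealed randomness and compare."""
    return encrypt(h, choice, r) == ct


def vote(device, choice, n_audits):
    """Voter audits n_audits freshly prepared ballots, then casts a new one.
    Returns (every audit passed, ciphertext actually cast)."""
    all_ok = True
    for _ in range(n_audits):
        ct = device.prepare(choice)
        revealed_choice, r = device.audit()
        all_ok = all_ok and audit_ok(device.h, ct, revealed_choice, r)
    device.prepare(choice)
    return all_ok, device.cast()


def demo():
    """Constructed scenario with a toy trustee key; the voter always intends candidate 1."""
    x = 215
    h = pow(G, x, P)
    honest_ok, honest_cast = vote(VotingDevice(h), choice=1, n_audits=2)
    rigged_ok, _ = vote(VotingDevice(h, tamper=True), choice=1, n_audits=1)
    # The weakness: a voter who never audits gives a rigged device a free pass, and even a
    # voter who audits only ever checks spoiled ballots, never the one that is cast.
    _, unaudited_cast = vote(VotingDevice(h, tamper=True), choice=1, n_audits=0)
    # -> (True, 1, False, 2)
    return (honest_ok, decrypt(x, honest_cast, N_CANDIDATES - 1),
            rigged_ok, decrypt(x, unaudited_cast, N_CANDIDATES - 1))
```

A device that tampers with every ballot is caught by the first audit; a device that tampers only occasionally is caught with probability equal to the fraction of voters who audit, which in practice is small. That gap is what cast-and-audit and return codes close, at the cost of the heavier server interaction or infrastructure the study describes.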
The experts conclude that a holistic view of the e-voting system is crucial: it is not enough to know what each security mechanism does on its own. Many elections also need ballot secrecy to hold in the long term, since encrypted ballots published for verification remain exposed to attackers with future capabilities; according to the study, there are now practicable post-quantum cryptographic approaches to ensure this.
(nen)