Skip to main content
SpringerLink
Log in

An experiment on the security of the Norwegian electronic voting protocol

  • Published:
Annals of Telecommunications Aims and scope Submit manuscript

Abstract

Even when using a provably secure voting protocol, an election authority cannot argue convincingly that no attack that changed the election outcome has occurred, unless the voters are able to use the voting protocol correctly. We describe one statistical method that, if the assumptions underlying the protocol’s security proof hold, could provide convincing evidence that no attack occurred for the Norwegian Internet voting protocol (or other similar voting protocols). To determine the statistical power of this method, we need to estimate the rate at which voters detect possible attacks against the voting protocol. We designed and carried out an experiment to estimate this rate. We describe the experiment and results in full. Based on the results, we estimate upper and lower bounds for the detection rate. We also discuss some limitations of the practical experiment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Campbell BA, Byrne MD (2009) Straight-party voting: what do voters think? IEEE Trans Inf Forensics Secur 4(4):718–728. doi:10.1109/TIFS.2009.2031947

    Article  Google Scholar 

  2. Gjøsteen K Analysis of an internet voting protocol. Cryptology ePrint Archive, Report 2010/380 (2010). http://eprint.iacr.org/

  3. Gjøsteen K The Norwegian internet voting protocol. Cryptology ePrint Archive, Report 2013/473 (2013). http://eprint.iacr.org/

  4. Gjøsteen K, Lund AS The Norwegian internet voting protocol: a new instantiation. Cryptology ePrint Archive, Report 2015/503 (2015). http://eprint.iacr.org/

  5. Karayumak F, Kauer M, Olembo MM, Volk T, Volkamer M (2011) User study of the improved Helios voting system interfaces. In: 1st workshop on socio-technical aspects in security and trust, STAST 2011, Milan, pp 37–44. doi:10.1109/STAST.2011.6059254

  6. Karayumak F, Olembo MM, Kauer M, Volkamer M (2011) Usability analysis of Helios - an open source verifiable remote electronic voting system. In: 2011 electronic voting technology workshop / workshop on trustworthy elections, EVT/WOTE ’11, San Francisco. https://www.usenix.org/conference/evtwote-11/usability-analysis-helios-%E2%80%94-open-source-verifiable-remote-electronic-voting

  7. Koenig RE, Locher P, Haenni R (2013) Attacking the verification code mechanism in the Norwegian internet voting system. In: Heather J, Schneider SA, Teague V (eds) Proceedings of 4th international conference of e-voting and identify. Vote-ID 2013. Lecture Notes in Computer Science, vol 7985. Springer, Guildford, pp 76–92. doi:10.1007/978-3-642-39185-9_5

    Google Scholar 

  8. Olembo MM, Bartsch S, Volkamer M (2013) Mental models of verifiability in voting. In: Proceedings of 4th international conference of e-voting and identify, Vote-ID 2013, Guildford, pp 142–155. doi:10.1007/978-3-642-39185-9_9

  9. Olsen KA, Nordhaug HF (2012) Internet elections: unsafe in any home? Commun ACM 55(8):36–38. doi:10.1145/2240236.2240251

    Article  Google Scholar 

  10. Schneider S, Llewellyn M, Culnane C, Heather J, Srinivasan S, Xia Z (2011) Focus group views on Prêt à Voter 1.0. In: 2011 international workshop on requirements engineering for electronic voting systems, REVOTE 2011, Trento, pp 56–65. doi:10.1109/REVOTE.2011.6045916

  11. Sherman AT, Carback R, Chaum D, Clark J, Essex A, Herrnson PS, Mayberry T, Popoveniuc S, Rivest RL, Shen E, Sinha B, Vora PL (2010) Scantegrity mock election at Takoma park. In: 4th international conference of electronic voting 2010, EVOTE 2010. Co-organized by Council of Europe, Gesellschaft für Informatik and E-Voting.CC. Castle Hofen, Bregenz, pp 45–61. http://subs.emis.de/LNI/Proceedings/Proceedings167/article5683.html

    Google Scholar 

  12. Stone D, Jarrett C, Woodroffe M, Minocha S (2005) User interface design and evaluation. Morgan Kaufmann

  13. Weber JL, Hengartner U (2009) Usability study of the open audit voting system Helios. http://www.jannaweber.com/wp-content/uploads/2009/09/858Helios.pdf

  14. Yao Y, Murphy LD (2007) Remote electronic voting systems: an exploration of voters’ perceptions and intention to use. EJIS 16(2):106–120. doi:10.1057/palgrave.ejis.3000672

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematical Sciences, NTNU, 7491, Trondheim, Norway

    Kristian Gjøsteen & Anders Smedstuen Lund

Authors
  1. Kristian Gjøsteen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anders Smedstuen Lund
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kristian Gjøsteen.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gjøsteen, K., Lund, A.S. An experiment on the security of the Norwegian electronic voting protocol. Ann. Telecommun. 71, 299–307 (2016). https://doi.org/10.1007/s12243-016-0509-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-016-0509-8

Keywords

Search

Navigation