View Partner Search: PS-GR-536
PROPOSAL AT A GLANCE
Proposal name:
Subject:
Description of the Project:
Lately, the implementation of large-scale e-voting systems, including remote e-voting in national elections, is increasingly being viewed as feasible in the short term and may soon even become the norm, though not before rigorous and continuous pilot testing and research. The fact that no single system and/or methodology has been proven fully satisfactory for this purpose shows that there is still a lot of work to be done in the area.
One of the main concerns in implementing trusted electronic elections is to ensure the verifiability of the e-voting process without compromising its confidentiality and vote integrity. This is hard to provide by technology alone; it further requires a set of strict security policy protocols to be developed and applied in order to ensure “individual and institutional verifiability” while at the same time avoiding vote-selling, malicious administration, minority conspiracy and other problems. Our proposed solution will enable voters to verify whether they have voted and what they voted, without allowing them to “sell” their votes.
Another technological concern is the sizing of the system and its scalability, with respect to its performance, as the voting population grows. In this direction, we propose a scalable central system (of a “star” topology), consisting of a communication cluster subsystem and a database cluster subsystem.
Other issues that will be addressed are:
- the Legal Framework required (system failure liability, confidentiality breach liability, institutional verifiability, etc.)
- ways to educate the People and overcome the “digital divide” (requires societal and psychological analysis).
PROJECT DESCRIPTION
Proposal Outline:
Our proposal relates most closely to the following Call Strategic Objective:
Challenge 1: Pervasive and Trusted Network and Service Infrastructures.
Objective ICT-2007.1.4: Secure, Dependable and Trusted Infrastructures.
Expected Outcomes:
As an outcome of this project we expect to provide a complete (as thorough, solid and bullet-proof as possible) solution to the challenging problem of how Trusted and Verifiable Large-scale e-Elections can be carried out at a national level with today’s state-of-the-art technology. In other words, we expect to state explicitly what needs to be done from a technological, legal and societal point of view in order to propose a viable solution to this long-lasting challenge of our Technology and our Democracy.
Our proposed technological approach, in brief, is as follows:
- NETWORKS: Allow strictly non-Internet, highly protected and secure networking infrastructures, with Virtual Private Networks (VPN). Star topology, or a 2-level (star) hierarchy combined with a (semi-)distributed central system. In the latter case, synchronization and extended security issues will have to be effectively dealt with.
- COMMUNICATIONS: We propose end-to-end, strongly secure client-server communications (i.e., strongly secure tunnels at the application level). For the crypto operations, a PKI system will be used with scalable protocols for key distribution and for combining symmetric and asymmetric encryption.
- CENTRAL PROCESSING SYSTEM: Multi-tier, client-server, centralized (or semi-centralized) servers (communication servers cluster and database servers cluster) supporting dynamic load distribution, scalability and fault-tolerance.
- VOTING TERMINALS: Specially designed, user-friendly GUI to bridge the “digital divide” of the population. Secure packaging and secure communications will be provided.
- PERSONAL VERIFIABILITY: The voters' ability to verify whether they have voted, and what they voted, can be ensured by using public or semi-public data, that is, by combining transparency and confidentiality in an efficient and legally / societally acceptable manner.
- INSTITUTIONAL VERIFIABILITY: Physical process protocols and crypto solutions, including very strict majority-voting protocols with conflicting-interest participants, will be used to ensure that the central administration does not have the opportunity to compromise either the confidentiality of the e-election process or the final results.
- EVALUATION and TESTING: Use of performance modeling (analytical modeling, mean-value analysis, simulation studies). Voting terminals enabled with synthetic load generators for additional load to test scalability for several millions of users.
Keywords:
large-scale e-voting
cluster systems
distributed database clusters
communication clusters
trusted computing infrastructures
analytical modeling
performance analysis
security and privacy
PARTNER PROFILE SOUGHT
Required skills and Expertise:
We are seeking partners with expertise in the following:
- Design and implementation of crypto algorithms and various security protocols
- Infrastructure specialists (computing systems, networks and communications)
- Cluster specialists (for cluster implementations)
- Database specialists (for distributed databases)
- Performance analysis (for modeling and analysis)
- Legal issues
- Psychological issues of large-scale e-voting
- Societal issues of large-scale e-voting
Description of work to be carried out by the partner(s) sought:
- Study existing approaches and identify their strengths and weaknesses.
- Propose and implement a set of protocols to ensure “individual verifiability” and “institutional verifiability” of the voting process.
- Design and theoretically evaluate the performance of a complete, scalable e-voting system architecture, based on a multi-tier client-server infrastructure.
- Model, simulate and conduct performance analysis of the targeted system and its individual components, with emphasis on sizing, scalability and security issues.
- Implement a pilot prototype system for preliminary evaluation.
- Devise a testing methodology to extrapolate the results derived from the pilot system to any realistically “large” case.
- Provide a solid legal framework of national and European caliber, for conducting trusted national elections with the proposed system.
Type of partner(s) sought:
We seek partners with expertise in the following areas:
- Security and Privacy (crypto algorithms and security policies)
- Computer Networks and Communications
- Parallel and Distributed Processing Systems
- Cluster Processing Systems
- Distributed Databases
- Analytical modeling, Performance Analysis and Testing
- Legal, Societal and Psychological analysis

