Abstract
End-to-end verifiable Internet voting enables a high level of election integrity. Cast-as-intended verification, in particular, allows voters to verify that their vote has been correctly cast, even in the presence of malicious voting devices. One cast-as-intended verification approach is code-based verification, used since 2015 in legally-binding Swiss elections. We evaluated the Swiss paper-based polling sheet and voting interface, focusing on how well it supported voters in verifying their votes. We uncovered several potential issues related to manipulation detection. We improved the paper-based polling sheet and voting interface accordingly. Then, we carried out a between-subjects lab study with 128 participants to compare the original and improved sheet and interface wrt. usability and its effectiveness in supporting manipulation detection. Our improvements significantly enhanced detection. Our study delivered insights into participants’ somewhat ineffectual reactions to detected anomalies, i.e. starting over again and trying to cast the same vote again, or calling the telephone number provided by the interface. This problem is likely to manifest in any verifiable voting system and thus needs to be addressed as future work.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
This type of code is also commonly referred to as a check or return code in the literature.
- 2.
For screenshots of the voting website and polling sheets for both of the evaluated systems, see https://secuso.org/code-based-supplemental-material.
- 3.
Germany’s Social Democratic Party.
- 4.
Participants were asked to cast a vote for a specific party to preserve ballot secrecy.
- 5.
Cast votes were neither stored nor processed.
References
Acemyan, C.Z., Kortum, P., Byrne, M.D., Wallach, D.S.: Usability of voter verifiable, end-to-end voting systems: baseline data for Helios, Prêt à Voter, and Scantegrity II. USENIX J. Election Technol. Syst. 2(3), 26–56 (2014)
Acemyan, C.Z., Kortum, P., Byrne, M.D., Wallach, D.S.: From error to error: why voters could not cast a ballot and verify their vote with Helios, Prêt à Voter, and Scantegrity II. USENIX J. Election Technol. Syst. (JETS) 3(2), 1–19 (2015)
Acemyan, C.Z., Kortum, P., Byrne, M.D., Wallach, D.S.: Summative usability assessments of STAR-Vote: a cryptographically secure e2e voting system that has been empirically proven to be easy to use. Hum. Factors 2018, 1–24 (2018)
Bangor, A., Kortum, P., Miller, J.: Determining what individual SUS scores mean: adding an adjective rating scale. J. Usability Stud. 4(3), 114–123 (2009)
Bär, M., Henrich, C., Müller-Quade, J., Röhrich, S., Stüber, C.: Real world experiences with bingo voting and a comparison of usability. In: IAVoSS Workshop On Trustworthy Elections (WOTE 2008), Leuven, Belgium (2008)
Bernhard, M., et al.: Can voters detect malicious manipulation of ballot marking devices? In: Proceedings of the 41st IEEE Symposium on Security and Privacy, Oakland (2020, To appear)
Budurushi, J., Renaud, K., Volkamer, M., Woide, M.: An investigation into the usability of electronic voting systems for complex elections. Ann. Telecommun. 71(7–8), 309–322 (2016). https://doi.org/10.1007/s12243-016-0510-2
Budurushi, J., Woide, M., Volkamer, M.: Introducing precautionary behavior by temporal diversion of voter attention from casting to verifying their vote. In: Workshop on Usable Security, USEC 2014, San Diego, California, 23 February 2014. Internet Society, Reston (2014). ISBN 1–891562-37-1
Distler, V., Zollinger, M.-L., Lallemand, C., Roenne, P., Ryan, P., Koenig, V.: Security-visible, yet unseen? How displaying security mechanisms impacts user experience and perceived security. In: Proceedings of ACM CHI Conference on Human Factors in Computing Systems (CHI 2019), Glasgow, Scotland, pp. 605:1–605:13 (2019)
Giles, M.: US elections are still far too vulnerable to attack - at every level, 6 June 2019. https://www.technologyreview.com/s/613635/us-elections-are-still-far-too-vulnerable-to-attackat-every-level/. Accessed 23 June 2019
Gjøsteen, K., Lund, A.S.: An experiment on the security of the Norwegian electronic voting protocol. Ann. Telecommun. 71(7–8), 299–307 (2016). https://doi.org/10.1007/s12243-016-0509-8
Halderman, J.A.: Practical attacks on real-world e-voting. In: Hao, F., Ryan, P.Y.A. (eds.) Real-World Electronic Voting. Design, Analysis and Deployment, pp. 143–170. Auerbach Publications, Boca Raton (2016)
Harada, M., Smith, D.M.: You have to pay to play: candidate and party responses to the high cost of elections in Japan. Electoral. Stud. 36(2014), 51–64 (2014)
Karayumak, F., Olembo, M.M., Kauer, M., Volkamer, M.: Usability analysis of helios - an open source verifiable remote electronic voting system. In: Proceedings of the: Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (EVT/WOTE 2011). USENIX Association, Berkeley (2011)
Kulyk, O., Henzel, J., Renaud, K., Volkamer, M.: Comparing “challenge-based” and “code-based” internet voting verification implementations. In: Lamas, D., Loizides, F., Nacke, L., Petrie, H., Winckler, M., Zaphiris, P. (eds.) INTERACT 2019. LNCS, vol. 11746, pp. 519–538. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29381-9_32
Kulyk, O., Neumann, S., Budurushi, J., Volkamer, M.: Nothing comes for free: how much usability can you sacrifice for security? IEEE Secur. Priv. 15(3), 24–29 (2017)
Kulyk, O., Volkamer, M.: Usability is not enough: lessons learned from human factors in security - research for verifiability. E-Vote-ID 2018, pp. 66–81 (2018)
MacNamara, D., Gibson, P., Oakley, K.: A preliminary study on a DualVote and Prêt à Voter hybrid system. In: CeDEM 2012: Conference for E-Democracy and Open Government, 3–4 May 2012, p. 77. Edition-Donau-Univ. Krems, Danube-University Krems, Austria (2012)
MacNamara, D., Scully, T., Gibson, P.: DualVote addressing usability and verifiability issues in electronic voting systems (2011). http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.399.7284
Marky, K., Kulyk, O., Renaud, K., Volkamer, M.: What did i really vote for? In: 2018 Proceedings of the CHI Conference on Human Factors in Computing Systems, p. 176. ACM, Montreal (2018)
Olembo, M.M., Renaud, K., Bartsch, S., Volkamer, M.: Voter, what message will motivate you to verify your vote. In: Workshop on Usable Security. USEC, Okinawa (2014)
Oostveen, A.-M., Van den Besselaar, P.: Users’ experiences with e-voting: a comparative case study. J. Electronic Gov. 2(4), 357–377 (2009)
Schneider, S., Llewellyn, M., Culnane, C., Heather, J., Srinivasan, S., Xia, Z.: Focus group views on Prêt à Voter 1.0. In: International Workshop on Requirements Engineering for Electronic Voting Systems (REVOTE), pp. 56–65. IEEE, Trento (2011)
Schweitzer, E.J., Albrecht, S.: Das Internet im Wahlkampf: Eine Einführung. In: Schweitzer, E.J., Albrecht, S. (eds.) Das Internet im Wahlkampf, pp. 9–65. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-531-92853-1_1
Serdult, U., Germann, M., Mendez, F., Portenier, A., Wellig, C.: Fifteen years of internet voting in switzerland [history, governance and use]. In: 2nd International Conference on eDemocracy & eGovernment (ICEDEG), pp. 126–132. IEEE, Quito (2015)
Solvak, M., Krimmer, R.: The curse of knowledge. E-Vote-ID (2019)
Weber, J.-L., Hengartner, U.: Usability Study of the Open Audit Voting System Helios (2009). http://www.jannaweber.com/wpcontent/uploads/2009/09/858Helios.pdf. Accessed 22 Dec 2017
Winckler, M., et al.: Assessing the usability of open verifiable e-voting systems: a trial with the system Prêt à Voter. In: Proceedings of ICE-GOV, pp. 281–296 (2009)
Acknowledgement
This work was partially conducted within the Center of Information Security and Trust at the IT University of Copenhagen and also supported by the German Federal Ministry of Education and Research within the Competence Center for Applied Security Technology (KASTEL).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Kulyk, O., Volkamer, M., MĂĽller, M., Renaud, K. (2020). Towards Improving the Efficacy of Code-Based Verification in Internet Voting. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2020. Lecture Notes in Computer Science(), vol 12063. Springer, Cham. https://doi.org/10.1007/978-3-030-54455-3_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-54455-3_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-54454-6
Online ISBN: 978-3-030-54455-3
eBook Packages: Computer ScienceComputer Science (R0)