Will, M. A., Nicholson, B., Tiehuis, M., & Ko, R. K. L. (2015). Secure voting in the cloud using homomorphic encryption and mobile agents. In Proceedings of the 2015 International Conference on Cloud Computing Research and Innovation, 26-27 October, 2015, Singapore (pp. 173–184). Washington, DC, USA: IEEE. http://doi.org/10.1109/ICCCRI.2015.30
Permanent Research Commons link: https://hdl.handle.net/10289/10568
While governments are transitioning to the cloud to leverage efficiency, transparency and accessibility advantages, public opinion - the backbone of democracy - is being left behind. Statistics show that traditional paper voting is failing to reach the technological-savvy generation, with voter turnout decreasing every election for many first-world countries. Remote electronic voting is a possible solution facilitator to this problem, but it still faces several security, privacy and accountability concerns. This paper introduces a practical application of partially homomorphic encryption to help address these challenges. We describe a cloud-based mobile electronic voting scheme, evaluating its security against a list of requirements, and benchmarking performance on the cloud and mobile devices. In order to protect voter privacy, we propose moving away from a public bulletin board so that no individual cipher votes are saved, while still allowing vote verification. As the majority of the security threats faced by electronic voting are from the underlying system, we also introduce the novel concept of using a dedicated hardware server for homomorphic tallying and decryption.
This is an author’s accepted version of an article published in the Proceedings of the 2015 International Conference on Cloud Computing Research and Innovation. ©2015 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.