CSE Colloquium: Peter Y. A. Ryan

Peter Y A Ryan
University of Luxembourg

Abstract 
A simple way to achieve a degree of verifiability and ballot privacy is to provide each voter with a unique, private tracking number. Votes are posted on a bulletin board in the clear along with their tracking number. Thus voters can visit the WBB confirm that there is an entry with their tracking number showing the correct vote. The beauty of this approach is its simplicity and understandability. There are, however, two drawbacks: we must ensure that trackers are unique and a coercer can demand that the voter reveal her tracking number before the votes are posted. It is interesting to note though that the coercer’s window of opportunity is limited: he must ask for the tracker before posting. If he asks after posting the voter has a simple strategy to fool him: just reads off a tracker number with the coercer’s required vote from the WBB.

 In this talk, I describe a scheme that addresses both of these problems. The main idea is to close off the coercer’s window of opportunity by ensuring that the voters only learn their tracker numbers after votes have been posted. Notification of the trackers must provide high assurance but be deniable. The resulting scheme provides rather strong verifiability and a receipt-freeness but also provides a more immediately understandable form of verifiability: voters can find their vote, in the clear, in the tally identified by their secret tracker. This is in contrast to the usual cryptographic E2E verification schemes in which voters can confirm that their encrypted ballot goes into the tally, but they need to understand how the various audits steps guarantee that their vote is correctly included in the tally. 

However, there is a sting in the tail: a coerced voter might light on the coercer’s tracker, or the coercer may simply claim that the tracker is his. I describe some elaborations of the simple scheme to counter this problem.

Bio 
Peter Ryan is Professor of Applied Security at the University of Luxembourg since Feb 2009. He has around 25 years of experience in cryptography, information assurance and formal verification. He pioneered the application of process calculi to modelling and analysis of secure systems, in particular to the characterization of information flows (non-interference) and the application of process algebra (CSP) and model-checking tools (FDR) to the analysis of security protocols. He has published extensively on cryptographic protocols, security policies, mathematical models of computer security and, most recently, end-to-end verifiable election systems. He is the creator of the (polling station) Prêt à Voter and, with V. Teague, the (internet) Pretty Good Democracy verifiable voting schemes. He was also co-designer of the vVote system, based on Prêt à Voter that was used successfully for Lower House elections in Victoria State, Australia in November 2014. With Feng Hao, he also developed the OpenVote boardroom voting scheme and the J-PAKE password based authenticated key establishment protocol. Recently he co-authored the “Remark!” scheme for secure, anonymous marking of exams and has been working on Quantum Authenticated Key Establishment Protocols.