4 - Conclusion |
  |
4 CONCLUSION |
We conclude with a comparison of the goals of the CyberVote project with the initiatives considered in this deliverable.
A first goal of the CyberVote project is to design and test voting systems for which the underlying cryptographic protocols fulfil a rich set of security properties. In particular, it is required that the voting system is universally verifiable, which means that any party can verify that the election result actually corresponds to the encrypted votes cast during the election and furthermore that ballot secrecy is controlled by a set of talliers of any size deemed appropriate. That is, ballot secrecy is not necessarily dependent on a small, fixed number of parties but can be scaled to any desirable number of parties, which we call scalable distributed trust. Hence, among other things, the underlying cryptographic protocols are designed to satisfy the seemingly conflicting requirements of universal verifiability and ballot secrecy.
The cryptographic strength of the CyberVote system will thus be much higher than of all of the other initiatives considered in this deliverable, except for the products by VoteHere.net and the prototype used in the InternetStem project, which target the same set of security properties as the CyberVote project. Clearly, good overall security of the election system is not simply guaranteed by the strength of the underlying protocols, but weaknesses in these protocols can never be compensated for by additional security measures. Any appropriate state of the art security measures will be applied to achieve good overall security of the CyberVote system.
A second goal of the CyberVote project is to extend the platform for voting clients from PCs to other networked devices such as mobile phones and possibly TV settop boxes. Availability of voting clients on these devices will provide greater convenience to the voters. Some of the challenges are to implement the above mentioned cryptographic protocols, which require large-integer arithmetic, and to find suitable user-interfaces for these constrained devices. An important part of the CyberVote effort will be devoted to these issues. The other projects considered in this deliverable only target PCs.
A further goal of the CyberVote project is to take legal issues for binding, public elections into account. While private elections allow for considerable freedom, the rules for public elections are generally much more stringent. Also, the goal is to make the CyberVote system compatible with the rules of several countries at the same time, rather than limiting the scope to a single country. For example, compulsory voting may be supported by the CyberVote system, although it is not a requirement in every country. Further, the interaction between the CyberVote project and legislative bodies is supposed to be bidirectional, that is, the CyberVote project tries to match current and emerging requirements for voting systems and, at the same time, the CyberVote project tries to assist the development of new legislation pertaining to Internet-based voting systems.
Finally, CyberVote aims at realizing a user-friendly system in which voters can cast their vote in one session as easily as they cast their ballot in traditional election, using technologies the user is familiar with, and relying on a validated ergonomics plan [15].
