Ben Adida, Olivier Pereira EVT/WOTE 2010 { August 9, 2010 · State of Helios 2010 - Aug. 2010 1 State of Helios 2010: features and deployments Ben Adida, ... Aug. 2010 10 After the

UCL Crypto GroupMicroelectronics Laboratory State of Helios 2010 - Aug. 2010 1

State of Helios 2010: features and deployments

Ben Adida, Olivier Pereira

EVT/WOTE 2010 – August 9, 2010


Helios. . .

online electionslow-coercion

more than 25000 votes cast


Helios. . .

online electionslow-coercion

more than 25000 votes cast


Helios. . .

1. New developments

2. New deployments

3. New release


Monitoring Helios elections

Helios offers a bulletin board, but . . .

I What if the Helios server is getting hacked?Audit will see it, but are we stuck?

I Audit is technical. . .Can I share my audit results?

Observation:

The Helios server only stores public data!






Observation:







Observation:




Helios Election Monitor (by Olivier de Marneffe)https://www.uclouvain.be/crypto/electionmonitor/

https://www.uclouvain.be/crypto/electionmonitor/





Audit of the tally


After the UCL president election. . .

AGL (the UCL student association), Sep. 2009:

“Could we also have verifiable elections on the Internet?”

- “Well, how do your elections work?”


After the UCL president election. . .

AGL (the UCL student association), Sep. 2009:

“Could we also have verifiable elections on the Internet?”

- “Well, how do your elections work?”


UCL student elections

“Our ballots are a bit more complicated, here is a typical list:



“and:



“and:

“and we typically have 3 such lists + a few smaller ones”



“and:

“and we typically have 3 such lists + a few smaller ones”


Helios ballot encoding

Helios ballot encoding [CGS97]: 6 modexp/candidate

≈ 250 candidates: minutes on an old browser


Helios ballot encoding

Helios ballot encoding [CGS97]: 6 modexp/candidate

≈ 250 candidates: minutes on an old browser


We need something else. . .

Move to completely different crypto!

I Mixnet-based tallying

I one ciphertext per ballot

I use augmented cryptosystems [Wik08] to ensure ballotindependence

≤ 5 modexp/ballot


We need something else. . .

Move to completely different crypto!

I Mixnet-based tallying

I one ciphertext per ballot

I use augmented cryptosystems [Wik08] to ensure ballotindependence

≤ 5 modexp/ballot


Deployment. . .

I New participation record!77% of students want to keep paper and electonic polling,

22% want Internet onlyI Much more burden than homomorphic tallying:

I checking ballot independence,I mixing,I decryption and counting + proof verifications

I Still much more comfortable than paper tallying. . .


Deployment. . .


22% want Internet only

I Much more burden than homomorphic tallying:




Deployment. . .






Deployment. . .





FROM TO 2010 2011 2012 2013

2009-12-14 17:00:002009-12-14 18:00:00 44 68 80 74

2009-12-14 18:00:002009-12-14 19:00:00 26 36 47 43

2009-12-14 19:00:002009-12-14 20:00:00 13 10 16 27

2009-12-14 20:00:002009-12-14 21:00:00 11 21 21 22

2009-12-14 21:00:002009-12-14 22:00:00 6 14 17 18

2009-12-14 22:00:002009-12-14 23:00:00 4 5 9 9

2009-12-14 23:00:002009-12-15 00:00:00 3 1 8 7

2009-12-15 00:00:002009-12-15 01:00:00 0 6 6 6

2009-12-15 01:00:002009-12-15 02:00:00 5 14 6 11

2009-12-15 02:00:002009-12-15 03:00:00 10 15 2 8

2009-12-15 03:00:002009-12-15 04:00:00 3 5 7 5

2009-12-15 04:00:002009-12-15 05:00:00 9 5 5 0

2009-12-15 05:00:002009-12-15 06:00:00 2 1 6 2

2009-12-15 06:00:002009-12-15 07:00:00 2 3 1 5

2009-12-15 07:00:002009-12-15 08:00:00 1 6 2 3

2009-12-15 08:00:002009-12-15 09:00:00 0 1 0 0

2009-12-15 09:00:002009-12-15 10:00:00 0 0 0 0

2009-12-15 10:00:002009-12-15 11:00:00 0 0 0 0

2009-12-15 11:00:002009-12-15 12:00:00 0 0 0 0

2009-12-15 12:00:002009-12-15 13:00:00 0 0 0 0

2009-12-15 13:00:002009-12-15 14:00:00 0 2 1 0

2009-12-15 14:00:002009-12-15 15:00:00 1 2 0 0

2009-12-15 15:00:002009-12-15 16:00:00 0 1 0 0

2009-12-15 16:00:002009-12-15 17:00:00 3 0 1 1

2009-12-15 17:00:002009-12-15 18:00:00 1 0 0 1

2009-12-15 18:00:002009-12-15 19:00:00 1 1 2 1

2009-12-15 19:00:002009-12-15 20:00:00 25 27 4 15

2009-12-15 20:00:002009-12-15 21:00:00 6 5 1 12

2009-12-15 21:00:002009-12-15 22:00:00 0 13 2 3

2009-12-15 22:00:002009-12-15 23:00:00 3 0 1 4

2009-12-15 23:00:002009-12-16 00:00:00 0 2 2 2

2009-12-16 00:00:002009-12-16 01:00:00 1 4 0 1

2009-12-16 01:00:002009-12-16 02:00:00 2 5 4 1

2009-12-16 02:00:002009-12-16 03:00:00 1 3 4 5

2009-12-16 03:00:002009-12-16 04:00:00 0 0 0 0

2009-12-16 04:00:002009-12-16 05:00:00 0 0 0 0

2009-12-16 05:00:002009-12-16 06:00:00 0 0 0 0

2009-12-16 06:00:002009-12-16 07:00:00 0 0 0 0

2009-12-16 07:00:002009-12-16 08:00:00 0 0 0 0

2009-12-16 08:00:002009-12-16 09:00:00 0 0 0 0

2009-12-16 09:00:002009-12-16 10:00:00 0 0 0 0

2009-12-16 10:00:002009-12-16 11:00:00 0 0 0 0

2009-12-16 11:00:002009-12-16 12:00:00 0 0 0 0

2009-12-16 12:00:002009-12-16 13:00:00 0 0 0 0

2009-12-16 13:00:002009-12-16 14:00:00 0 0 0 0

2009-12-16 14:00:002009-12-16 15:00:00 0 0 0 0

2009-12-16 15:00:002009-12-16 16:00:00 0 0 0 0

2009-12-16 16:00:002009-12-16 17:00:00 0 0 0 0

2009-12-16 17:00:002009-12-16 18:00:00 0 0 0 0 0

20

40

60

80

Princeton Winter 2009 Runoff Election, # votes cast per class per hour

2010 2011 2012 2013

DeploymentsInfocard Foundation(MS, Google, Oracle, Verizon, ...)

Université catholique de LouvainDean of the University

Top University hiringand promotion decisions

Princeton Student Gov Elections

IACR

New Release

online as of last nighthttp://heliosvoting.org

Java no longer necessary(but still good for increased privacy)

streamlined UI, more social

scalable to thousands of votersout of the box.

http://heliosvoting.org


A Non-ProfitDirectors➡ Ben Adida➡ Lawrence Lessig➡ Jim Adler

Tech Advisory Board➡ Josh Benaloh, Microsoft Research➡ Olivier Pereira, UCL➡ Dan Wallach, Rice University

Code➡ Ben Adida, Olivier Pereira, Olivier de Marneffe

go vote!http://heliosvoting.org



Documents

Ben Adida, Olivier Pereira EVT/WOTE 2010 { August 9, 2010 · State of Helios 2010 - Aug. 2010 1 State of Helios 2010: features and deployments Ben Adida, ... Aug. 2010 10 After the