Daily Bulletin


The Conversation

  • Written by Vanessa Teague, Senior Lecturer in the Department of Computing and Information Systems, University of Melbourne

In 2015, more than 280,000 votes were received in the New South Wales election from a personal computer or mobile phone. This was the largest-ever binding election to use online voting.

But federally, the Joint Standing Committee on Electoral Matters has ruled out allowing Australians to cast their vote online, arguing it risks “catastrophically compromising our electoral integrity”.

Despite years of research, nobody knows how to provide evidence of an accurate result while keeping individual online votes private.

Internet voting is similar to online banking, except you’re not sent a receipt saying “this is how you voted” because then you could be coerced or bribed. Your vote should be private, even from the electoral commission.

There are three reasons why Australia shouldn’t move to an online voting system:

  • the system might not be secure;

  • the code might not be correct; and, most importantly,

  • if something goes wrong, we might never know.

The system might not be secure

Computer security researcher Alex Halderman and I (Vanessa) found a serious security vulnerability in the NSW iVote system during March 2015 election. This was caused by some code imported into the secure voting session from an insecure third-party server. It meant an internet-based attacker could have exposed e-votes, changed them, and circumvented iVote’s verification process.

Read more: Thousands of NSW election online votes open to tampering

The vulnerability was repaired, but by that stage, 66,000 votes were cast. Just 3,000 votes determined the result of a disputed seat in the Legislative Council. There is no evidence that the security hole was exploited, but also no evidence that it was not.

Some iVote returns differed notably from those cast by more secure channels. The ALP received about 30% of the votes on paper in the Legislative Council, for instance, but only 25% via iVote. The NSW Electoral Commission (NSWEC) blamed these differences on a user interface design problem, but it might also have been a software error or a security breach.

The code might not be correct

The main use of computers in Australian elections is for counting complicated elections like the Senate and the upper houses of state parliaments. We’ve had the opportunity to inspect some of the code and some of the data. We’ve also found some bugs – which is a good thing, because then they can be fixed.

The vote-counting code used in the ACT is available for scrutiny. The Logic and Computation Group at the ANU analysed the code in 2001, 2005 and 2012 and found three bugs. Luckily they could be corrected before they affected an election.

This wasn’t the case in the 2012 local government elections in Griffith, NSW. Last week, with Andrew Conway and others, we identified a software error leading to a mistake in the 2012 results computed by the NSW Electoral Commission. The software error incorrectly distributed preferences, which meant candidate Rina Mercuri lost a spot on the Griffith council. Without the error, she would have won with a probability of about 91%.

The Australian Electoral Commission very recently purchased a new “Senate counting solution” from the same vendor that made iVote. But the code is unavailable to Australian public scrutiny, despite a Freedom of Information request and a Senate motion ordering the commission to publish it. The code should be made public, and the paper ballots should be available for auditing.

We’d expect a similar rate of error for internet voting code as counting code, but iVote’s code is not available for review. More importantly, there’s no simple way for an outsider to double-check the process.

If something goes wrong, we might never know

With no official account of the iVote run, and no public independent report, we cannot tell whether votes were changed or lost in the 2015 NSW election.

iVote had a limited verification mechanism: voters could ring a special service, enter their receipt number and have their vote read back to them.

An attacker who changed the vote could change the receipt number too, so the voter couldn’t retrieve any vote from the verification service. But the same would happen if voters simply forgot their receipt numbers, or if votes were accidentally lost due to a software bug.

The NSWEC’s online response to our analysis claims:

Some 1.7% of electors who voted using iVote® also used the verification service and none identified any anomalies with their vote.

But there must have been people who telephoned the verification service, but couldn’t retrieve any vote at all. The real question is: of those who tried to verify, what fraction failed?

How electronic voting can work: in a polling place

Secure electronic voting is possible – in a polling place. One simple method to check the accuracy of the process is to print a plain paper ballot that a voter can read and check.

Another method is an “end-to-end verifiable” election system. We worked with the Victorian Electoral Commission to develop the the first such system to run at a state level anywhere in the world.

Under this system, voters cast their votes at polling places using a computer. The system provided evidence to each voter that their vote was recorded as they intended and properly included in the count. It also provided evidence to scrutineers that all the votes were properly processed, without revealing individual votes.

The processes allowed votes to be returned electronically from London with evidence that they were correct, rather than shipping the ballot papers.

Why was it restricted to a polling place? Partly because large-scale voter coercion and identity fraud are harder. Most importantly, because voters can get help to follow the complicated verification process.

Lessons learnt

Election commissions must produce verifiable evidence that the winning candidates were chosen fairly, based on reliable and secure vote-casting and correct vote-counting.

The lesson from the bugs in the ACT and NSWEC vote-counting code is clear: make the computer code available for public inspection so that we can scrutinise it for errors before the election.

Receiving votes from the internet is the easy part. Proving that you got the right result, while keeping votes private, is an unsolved problem.

This article was co-published with Election Watch.

Authors: Vanessa Teague, Senior Lecturer in the Department of Computing and Information Systems, University of Melbourne

Read more http://theconversation.com/election-explainer-why-cant-australians-vote-online-57738

Writers Wanted

Factors that affect the cost of dishwasher repairs

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister Scott Morrison's interview with Ray Hadley, 2GB

RAY HADLEY: Prime Minister, good morning to you.   PRIME MINISTER: G’day, Ray.   HADLEY: Gee, you’ve had a week.   PRIME MINISTER: Well, there's been a lot of weeks like this. This time last...

Scott Morrison - avatar Scott Morrison

Ray Hadley's interview with Scott Morrison

RAY HADLEY: I'm going to go straight to the Prime Minister, Scott Morrison is on the line right now. Prime Minister, good morning to you.    PRIME MINISTER: Good morning, Ray.   HADLEY: Just d...

Ray Hadley - avatar Ray Hadley

Defence and Veterans suicide Royal Commission

Today the Government has formally established a Royal Commission into Defence and Veteran Suicide following approval by the Governor-General.   Prime Minister Scott Morrison said the Royal Commi...

Scott Morrison - avatar Scott Morrison

Business News

Why it takes time to buy a business

Covid has sent shockwaves through the business for sale marketplace. At Bsale we are finding there are now more buyers in the market than sellers which creates a unique opportunity. With enforc...

Vanessa Lovie - Bsale CEO - avatar Vanessa Lovie - Bsale CEO

4 Ways To Make Your Business Look Nicer

If you own a business of any kind, you already know the importance of your building looking nice both inside and out. The more presentable it looks, the more professional it looks. A professional lo...

NewsServices.com - avatar NewsServices.com

9 Smart Hacks for Your First Day at Work

No matter how much work experience you have, the first day with a new company can be very stressful. Even the biggest professionals find the change of location and work collective a little frighte...

Chloe Taylor - avatar Chloe Taylor