VoteID 2011 (September 28th-30th, 2011, Tallinn, Estonia)

Preliminary List of Accepted Papers

Feasibility Analysis of Pret a Voter for German Federal Elections
Authors: Denise Demeril and Maria Henning and Peter Y. A. Ryan and Steve Schneider and Melanie Volkamer

See abstract

An Efficient and Highly Sound Voter Verification Technique and its Implementation
Authors: Rui Joaquim and Carlos Ribeiro

See abstract

Single Layer Optical-scan Voting with Fully Distributed Trust
Authors: Aleksander Essex and Christian Henrich and Urs Hengartner

See abstract

On the Side-Effects of Introducing E-voting
Authors: James Heather and Morgan Llewellyn and Vanessa Teague and Roland Wen

See abstract

Towards Best Practice for E-election Systems: Lessons from Trial and Error in Australian Elections
Authors: Richard Buckland and Vanessa Teague and Roland Wen

See abstract

Pret a Voter with Write-Ins
Authors: Steve Schneider and Sriramkrishnan Srinivasan and Chris Culnane and James Heather and Zhe Xia

See abstract

Programming Voting Protocols in Linear Logic
Authors: Henry DeYoung and Carsten Schuermann

See abstract

The Norwegian Internet Voting Protocol
Authors: Kristian Gjøsteen

See abstract

Trivitas: Voters directly verifying votes
Authors: Sergiu Bursuc and Gurchetan S. Grewal and Mark D. Ryan

See abstract

On applying i-voting for Estonian Parliamentary elections in 2011
Authors: Sven Heiberg and Peeter Laud and Jan Willemson

See abstract

Efficient Vote Authorization in Coercion-Resistant Internet Voting
Authors: Michael Schläpfer and Rolf Haenni and Reto Koenig and Oliver Spycher

See abstract

Transparency and Technical Measures to Establish Trust in Norwegian Internet Voting
Authors: Oliver Spycher and Melanie Volkamer and Reto Koenig

See abstract

Paperless Independently-Verifiable Voting
Authors: David Chaum, Alex Florescu, Mridul Nandi, Stefan Popoveniuc, Jan Rubio, Poorvi L. Vora, Filip Zagorski

See abstract

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting
Authors: Mario Heiderich and Tilman Frosch and Marcus Niemietz

Abstract:
This paper briefly describes security challenges for critical web applications such as the Helios Voting system. After analyzing the Helios demonstration website we discovered several small flaws that can have a large security critical impact. An attacker is able to extract sensitive information, manipulate voting results, and modify the displayed information of Helios without any deep technical knowledge or laboratory-like prerequisites. Displaying and processing trusted information in an untrustworthy user agent can lead to the issue that most protection mechanisms are useless. In our approach of attacking Helios voting systems we do not rely on an already infected or trojanized machine of the user, instead we use simple and commonly known web browser features to leverage information disclosure and state modification attacks. We propose that online voting applications should at least follow the latest vulnerability mitigation guidelines. In addition, there should be thorough and frequent coverage with automated as well as manual penetrations tests in privacy sensitive applications. E-Voting software driven by web browsers are likely to become an attractive target for attackers. Successful exploitation can have impact ranging from large scale personal information leakage, financial damage, calamitously intended information and state modification as well as severe real life impact in many regards.

Internet Voting System with Cast as Intended Verication
Authors: Jordi Puiggalí Allepuz and Sandra Guasch Castelló

See abstract

Two more papers were conditionally accepted. Their names will be published here in the due time.