An accessible guide to the security that happens behind the scenes
As part of Scytl’s ongoing efforts to provide accessible information on the advanced security that protects our online voting solutions, our team has created The Security Table of Online Voting, available in our resource repository.
The Security Table centers on the basic security aspects and requirements that should be met by any internet voting system. Written and designed for anyone, regardless of technical experience, the document is accessible and intuitive, offering varying depths of explanations at differing levels of complexity, allowing readers to navigate at their own pace, focusing on specific topics of interest.
In recent years, cybersecurity-related risks have evolved quickly. Both public and private organizations and associations, as well as governments, have thus had to adapt their security strategies to face these technological advances.
Simultaneously, though, technology has also served to increase the security of various systems and processes. In the case of elections, online voting technology now allows for secure election participation from any location, on any device. However, few organizations and governments have sufficient technical knowledge to establish security requirements for implementing online voting systems and evaluating providers.
This guide aims to bridge this gap. Emulating a periodic table, Scytl has chosen 22 essential security concepts that should be offered by any online voting provider. These concepts are organized into five categories:
Secrecy in elections means two things: privacy and anonymity
Privacy can be thought of as a voting booth, or any method by which a voter can mark their ballot and have their decision known only to them. Anonymity, then, can be thought of as the blank envelope the voter puts their ballot in before casting it in the ballot box. Even though the voter identified themselves as an eligible voter, this envelope breaks all ties between the voter’s identity and their ballot, keeping their vote anonymous.
Maintaining privacy and anonymity in any remote voting channel (e.g., postal voting) is difficult to achieve, considering that voter authentication cannot be carried out physically in front of election managers, and that the vote is not put in the ballot box by the voter, but rather by a delegated third party, like the postal service.
In an online election, privacy and anonymity might seem difficult to achieve, given the fact that voters must identify themselves within the same system that they are using to cast their ballot, and that their ballot is being transmitted from their device to a voting server in an unknown location.
However, though complex, both privacy and anonymity can be achieved in an online election — with higher confidence than in postal voting, even — given the proper security features. When implemented correctly, these features can guarantee that a voter’s choices are not known to anyone else, and that their ballot is stripped of all identifying information and can in no way be traced back to them.
Integrity in any election is founded upon the proper conduct of election processes
Ensuring that votes are cast only by eligible voters, that those votes remain unmanipulated, that every voter casts only one ballot, and that electoral processes are easily auditable are all essential to the integrity of elections. Despite the fact that online elections involve numerous electronic processes that might seem invisible or hard to verify, the proper security measures can result in a transparent election with every step accounted for.
Election auditability is dependent on election transparency
Supplying voters with the ability and right to verify that their ballots were officially deposited in the ballot box with the choices they selected, and that those choices were recorded properly, is fundamental to fostering trust in the election process. Online voting presents a slight challenge to these verifications, as voters cannot just seal up their ballot and drop it in a physical ballot box themselves. Rather, their ballots leave their hands and are sent through the internet to a voting server, where they await downloading and decryption at the end of the voting period.
Providing proof to independent third-party auditors and the general public that the vote tally is correct and reflects the actual votes cast in an election is similarly important for election transparency. However, whereas paper records of each vote in a paper-based election can be recounted multiple times in the presence of official election observers and auditors, the vote tallying in an online election is, in appearance, slightly more invisible.
Security and cryptographic experts, nevertheless, have developed unique verification methods for online voting systems that provide both individual and universal verifiability of all election processes.
Strong authentication practices ensure voters can vote
As voters do not have their IDs checked at polling stations in an online election, alternative authentication methods have been developed to ensure that only registered voters can log on to the online voting portal, and that voters are not being impersonated by anyone else.
There are various authentication methods that can be used during an online election. Often, online voting systems are compatible with authentication methods that are already in use, like electronic ID cards. In scenarios where this is not possible, an authentication method is developed to best suit the needs of the election.
The physical hardware behind the digital ballot
Although the majority of online voting security measures lie within digital and electronic space, there are some very important pieces of physical infrastructure that are necessary for a secure online election.
These pieces of equipment are integral to the success of an online election and are specific to the needs of online voting. Without them, online ballots would have nowhere to be sent, decrypted, or tallied securely.
To dive deeper into The Security Table of Online Voting, check out the entire interactive PDF in our resource repository.