User:Li.andy/sandbox

This is a user sandbox of Li.andy. You can use it for testing or practicing edits. This is not the place where you work on your assigned article for a dashboard.wikiedu.org course. Visit your Dashboard course page and follow the links for your assigned article in the My Articles section. Get Help

Article evaluation

https://en.wikipedia.org/wiki/POPVOX

"empower effective participation, and create a transparent record that influences policy-making and fosters accountable, responsive governing.[citation needed]" ^{[citation needed]}

lower case "m" in masters

POPVOX makes the goal to improve ---> POPVOX aims to improve

it appears that time has come for POPVOX to gain enough credibility for this to occur - bias

Helios Voting

I plan to introduce Helios and its uses. I’ll present examples of when Helios was used in an election. I’ll present the most pressing issues about its encryption features because there are loopholes to its security. I will, then, present the ideas from others about how to improve the security of the system.

Google Scholar

Helios: Web-based Open-Audit Voting https://www.usenix.org/legacy/event/sec08/tech/full_papers/adida/adida.pdf • Introduction of Helios as a public open-source voting system that is open to the public to vote in elections. It is written in Python programming language and encrypted using Sako-Kilian. This text will provide information of Helio’s uses.

Usability Analysis of Helios – An Open Source Verifiable Remote Electronic Voting System http://static.usenix.org/events/evtwote11/tech/final_files/Karayumak7-8-11.pdf • There is a great need to ensure voter secrecy and a reinvent a better system of verifiability.

Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios https://www.usenix.org/legacy/event/evtwote09/tech/full_papers/adida-helios.pdf • These are suggestions about how to improve Helios to be more accountable and reliable to ensure voter’s votes are counted for correctly.

Academic Search Complete

Attacking and Fixing Helios: An Analysis of Ballot Secrecy http://search.ebscohost.com.libproxy.berkeley.edu/login.aspx?direct=true&db=a9h&AN=87598197&site=ehost-live Cortier, Véronique and Ben Smyth. "Attacking and Fixing Helios: An Analysis of Ballot Secrecy." Journal of Computer Security, vol. 21, no. 1, Jan. 2013, pp. 89-148. EBSCOhost, doi:10.3233/JCS-2012-0458. • There are many vulnerabilities and loophole in Helio’s security program, where others are able to invade the privacy of voters. A solution to presented to end the threat.

ACM Digital Library Distributed ElGamal a La Pedersen: Application to Helios https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=2517852 • There is a vital need to protect voters’ information, so more voters use the platform. Ideas are presented about how to keep voters’ information confidential and private.

Implementation-Level Analysis of the JavaScript Helios Voting Client https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=2851800

Security Proofs for Participation Privacy, Receipt-Freeness and Ballot Privacy for the Helios Voting Scheme https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=3098990

IEEE Xplore Digital Library

Introducing Proxy Voting to Helios http://ieeexplore.ieee.org.libproxy.berkeley.edu/document/7784560/

A Taxonomy Refining the Security Requirements for Electronic Voting: Analyzing Helios as a Proof of Concept http://ieeexplore.ieee.org.libproxy.berkeley.edu/document/5438051/

Web of Science Machine-Checked Proofs of Privacy for Electronic Voting Protocols http://apps.webofknowledge.com.libproxy.berkeley.edu/full_record.do?product=WOS&search_mode=GeneralSearch&qid=5&SID=6FHqIyqOlWNjDeCLLif&page=1&doc=1&cacheurlFromRightClick=no

Apollo - End-to-End Verifiable Internet Voting with Recovery from Vote Manipulation http://apps.webofknowledge.com.libproxy.berkeley.edu/full_record.do?product=WOS&search_mode=GeneralSearch&qid=5&SID=6FHqIyqOlWNjDeCLLif&page=1&doc=2&cacheurlFromRightClick=no

Scopus Machine-Checked Proofs of Privacy for Electronic Voting Protocols https://www-scopus-com.libproxy.berkeley.edu/record/display.uri?eid=2-s2.0-85025167463&origin=resultslist&sort=plf-f&src=s&st1=helios+voting&st2=&sid=8f0a088cbb2fbdbbf980a20accee1e35&sot=b&sdt=b&sl=28&s=TITLE-ABS-KEY%28helios+voting%29&relpos=3&citeCnt=0&searchTerm=

Security proofs for participation privacy, receipt-freeness & ballot privacy for the Helios voting scheme https://www-scopus-com.libproxy.berkeley.edu/record/display.uri?eid=2-s2.0-85030328423&origin=resultslist&sort=plf-f&src=s&st1=helios+voting&st2=&sid=8f0a088cbb2fbdbbf980a20accee1e35&sot=b&sdt=b&sl=28&s=TITLE-ABS-KEY%28helios+voting%29&relpos=1&citeCnt=0&searchTerm=

LEAD SECTION

Helios Voting is an online open-source voting system written by Ben Adida. ^{[1] [2]} Its browser is written in JavaScript and HTML language, while the sever is written in phython. ^[3] This web-based platform is accessible to the general public, allowing them to vote on issues by creating election polls. ^[4] The Ballot Prepration System (BPS) is the main component of the platform, which is used to guide voters through the ballot and record voters’ choices. The platform offers three distinguishing features: individual, universal, and eligibility verifiability. Individual verifiability is the ability for the voter themselves to check whether their vote has been corrected posted, while eligibility verifiability is the ability of the public to audit or verify the integrity of the election. The general public including non-voters serving as auditorsto verify that each ballot was indeed casted by a registered voter. On the other hand, universal verifiability is the ability for general public to verify that all the votes casted in the election matches the amount of total votes that are counted. Anyone from the general public will be able to cast a ballot, however, in order for the final vote to be accounted for, their identification will be verified. ^[4] The Ballot Preparation System (BPS) guides the voter through the election. ^[5] The platform uses ballot secrecy and homomorphic encryption to protect the identity of the voter. ^[4] Ballot secrecy is an important aspect of Helios because voters vote remotely from wherever they choose away from peer pressured environments. ^[6]

Ben Adida, the founder, has intentionally made the platform user-friendly to attract more users. He understands that online ballots are inherently coercible, but with his creation of Helios Voting, he hopes to expose the vulnerability of coercion of mail ballots. His intention for Helios is to be used for low-coercion, small scale elections such as student governments. He hopes to educate others and raise awareness about the potential powerful impact of an open-audit election by exploiting the Helios platform. ^[5]

A user must create a Helios account in order to create an election. Users create an account by registering with an email address, their name, and a password. A link is, then, sent to the registered email address allowing the user to finalize the activation of the account. The user, then, chooses the time period that the election is open and also edits the entire content of the election. ^[5] Multiple candidates can be listed in the election. ^[7] Once the event is created, the Helios Voting platform provides a public key for the creator (administrator) of the election. The administrator can now edit and create their ballot in any way they want at any given time. They also have the ability to control who is able to vote in the election by adding and removing voters at their own preference. ^[5]

A voter will create a Helios Voting account using their name, email address, and a random password generated by the platform itself. A voter will submit their ballot, and the BPS in Helios Voting encrypts the voter’s choices’ as a ciphertext that becomes unreadable to humans. Now that the ballot choices have been encrypted, voters have the choice to either audit (review the process in the encryption) or seal (encrypt) their votes in the ballot. For those voters who choose to audit, they have the opportunity to review the displayed ciphertext to verify that the Helios Voting platform correctly saved their choices. Upon review of the voter’s choices, the user is able to submit her current choices or seal their ballots using a different ciphertext. On the other hand, for those voters who choose to seal their ballot, their ciphertext will be published onto the platform as is without being reviewed by the voter. Finally, their identity is authenticated and, their vote is, then, accounted for. All votes are posted to the online bulletin board displayed with either a voter name or a voter ID number, where voters themselves and others can find not only their own votes, but others as well. ^[5] After an election ends, the system shuffles the ballots and encrypts all the votes making them publicly accessible for voters to audit and verify if their own vote appeared correctly. The voters also have the ability to view others’ votes through universal verifiability. After a certain time period allocated for auditing, the system tallies all the ballots. An auditor can, then further, download the entire election to verify its authenticity. The votes are verified when there are enough auditors to ensure that the votes are tallied correctly. ^[5]

The platform is intended to be utilized at small scale levels elections such as university student governments. For example, the platform was utilized for student governments at Princeton University and Universite Catholique de Louvain. ^[2] The Universite catholique de Louvain with 25,000 eligible voters used Helios’ voting system in March 2009 to elect its university president. 4,000 out of the 5,000 registered voters chose to vote in the election, and at the end of the first round, the winning vote was only determined by a difference of 2 votes. ^[6] Helios has, also, been used to elect new board directors at the International Association for Cryptographic Research in 2010, 2011, and 2012. ^[7]

The creator first prioritizes the integrity of the election ensuring the accuracy of ballots, and then, voter privacy. Research has identified loopholes in its security because replaying a users’ selection of candidates will reveal their vote. ^[4] In addition, they have discovered that Helios is vulnerable to cyberattacks against privacy in the case that the attacker can resubmit a voter’s vote without being noticed. ^[7] Researchers have identified a major security breach called a cross-site scripting, and alerted Helios about this problem. Upon clicking a link created by the attacker leading to the Helios sever, the attacker can deceivingly steal the voter’s information. ^[3] It is possible that cyberattacks can steal the information of voter ballots, but Ben Adida claims that there is a high probability that auditors will realize the breach in the system before the election results are modified. ^[5] The web browser records all of the votes once it is submitted to the platform and leaves a trace of verified votes even in the event of a security breach making the system corrupt. ^[4] The integrity of the ballots are ensured by many trustees and the Helios server. This allows auditors to verify votes in the event of a breach. In the event that the Helios ballot becomes corrupt by showing choices that in reality accounts other candidates, the Ballot Encyrption Verification program is able to counter the attack. The Ballot Encryption Verification program is audited by auditors before they vote in the election. ^[5]

This is a user sandbox of Li.andy. You can use it for testing or practicing edits. This is not the place where you work on your assigned article for a dashboard.wikiedu.org course. Visit your Dashboard course page and follow the links for your assigned article in the My Articles section. Get Help