Annual Computer Security Applications Conference (ACSAC) 2016


The Cloudier Side of Cryptographic End-to-end Verifiable Voting: A Security Analysis of Helios

Helios is an open-audit internet voting system providing cryptographic protections for both individual voter privacy and overall election integrity. As part of these protections, Helios produces a cryptographic audit trail that can be used by the public to verify that ballots were recorded and counted correctly. Such cryptographic end-to-end (E2E) election verification schemes have been well studied in the literature and are a promising step toward developing trustworthy electronic voting systems.

In this paper we approach the discussion from the flip-side by exploring the practical potential for threats to be introduced by the presence of a cryptographic audit trail. We conducted a security analysis of the Helios implementation and discovered and tested a range of vulnerabilities that would: allow a malicious election official to produce arbitrary election results with accepting proofs of correctness; allow a malicious voter to cast a malformed ballot to prevent the tally from being computed; and allow an attacker to surreptitiously cast a ballot on a voter's behalf. We also examine privacy issues including a random-number generation bias affecting the indistinguishability of encrypted ballots.

We conclude with a discussion and set of lessons learned for future developers by emphasizing that, relative to conventional, "less-verifiable" internet voting systems, the public audit trail of an E2E election introduces unique benefits, and risks.

Author(s):

Aleksander Essex    
Western University
Canada

Nicholas Chang-Fong    
Western University
Canada

 
